Wednesday, September 12, 2012

iPhone 5 and what every (secure) developer should know

Well, the Apple iPhone 5 big event has come and gone, and what new stuff do we need to know from a security standpoint?

For starters, the new iOS 6 Gold Master, Xcode 4.5 Gold Master, and iTunes 10.7 are available for download, as of this writing. (Mine are downloading as I type.)

While there was a lot of buzz about the "i5" getting Near Field Communications (NFC) capability, for payment systems and other short range RF comms, that didn't pan out. From what we can gather at this point, it appears the new Passbook system in iOS 6 is going to be based on barcode scanning, much like the existing Starbucks app has been doing for well over a year.

But then there is iOS 6 itself, and while the jury is still out on its under the hood security enhancements -- which are inevitable with each new major iOS release -- there aren't a lot of security changes on the surface.

Certainly, to support the bigger i5 screen, app devs are going to have to tweak their UIs, but that's all functional stuff and will no doubt happen in due time.

So, from an app security standpoint, the best thing we can be doing right now is to ensure our apps build properly in Xcode 4.5 and start diving into what Passbook has to offer us (if you're doing anything like payments, coupons, boarding passes, etc.). And, since we're forced now to support two different screen geometries, now might not be a bad idea to build UI XIBs for all of them (including iPad) and build our apps as Universals. While those are compiling, we'll be diving into the iOS 6 docs looking for any minor or major security UI enhancements.

Either way, we'll plan on a iOS 6 changes sidebar at our upcoming Mobile App Sec Triathlon in San Jose on November 5-7. Hope to see you there. Bring your iOS 6 questions with you!

Cheers,

Ken

No comments:

Post a Comment