Security is a much more elusive and expansive topic than you might consider at first. You start with the simple goal of securing something, but as you contemplate each security measure you might implement, you come to realize each has weaknesses, so you add more measures to cover the weaknesses, which of course only introduces new vulnerabilities. Eventually, you come to two conclusions. First, no perfect security exists. Second, any security entails cost. The more layers you add, the more it costs. This in turn leads to questioning the costs in terms of the worth of whatever it is you are attempting to secure. In the end, you realize that security is as much a budgetary problem as a technical one.
But even then, you’re not done. A common solution to lower costs is to centralize them and hope for economies of scale to appear. In terms of software, this typically means pushing things toward the operation system. Applications already benefit from centralized file I/O, date and time functionality, and a whole host of other OS services. Why not security? iOS offers several layers of security that applications should take advantage of. However, risk is inherent with shared security layers. For instance, if a layer is breached, it is breached for all applications that make use of it. So again, security is expensive and elusive.
Hacking and Securing iOS Applications, by Jonathan Zdziarski, nicely captures the ambiguities that make the term iOS security seem like an oxymoron. Not only does the author convey the questioning attitude developers should adopt, but he also shows what can be done to bring some balance and worthwhile protection to your iOS applications.
[03:30]
There has been error in communication with Booktype server. Not sure right now where is the problem.
You should refresh this page.