GOTO is a vendor independent international software development conference with more that 90 top speaker and 1300 attendees. The conference cover topics such as .Net, Java, Open Source, Agile, Architecture and Design, Web, Cloud, New Languages and Processes

Emil Kvarnhammar, CEO at TrueSec Syd AB

Emil Kvarnhammar

Biography: Emil Kvarnhammar

Emil is a Security Software Engineer at TrueSec, a leading-edge company in IT security and development. He’s been involved in several security-critical projects, developing applications and components that are used by millions of users on a regular basis. His areas of interest include secure software design, secure communications, security in mobile platforms and cryptography. He has found security vulnerabilities in Apple OS X, and loves digging into binaries to reveal their implementation details.

Presentation: Security threats and mitigations for iOS developers

Track: Security, safety and privacy / Time: Tuesday 13:20 - 14:10 / Location: Marselisborg

From an architecture perspective iOS is one of the most secure mobile platforms available today. But there are examples of malware that have successfully targeted iOS despite the mandatory code signing, app review process, sandboxing, encryption, and lack of side-loading support.
 
This talk will explain built-in security mechanisms in iOS, common security issues that affect iOS developers and attack examples against iOS devices. We’ll cover XARA (cross-app resource attacks), masque attacks, SSL/TLS security, reverse engineering and how attackers try to circumvent the security rules enforced by the operating system. For each attack mentioned, we'll also discuss mitigation strategies.