Automatically verify integrity of your dependencies, thru signature verification. This is trying to address the supply chain security attacks that have been happening. Just like the discussion on privacy reporting, it is ultimately each developer’s responsibility to ensure all your signatures are correct and you are not using maliciously modified… Continue reading
This is about simplifying creation of Privacy Nutrition Labels and holding developers accountable for the APIs and SDKs they use. You are responsible for all code in your app. I can image a fight brewing now between SDK creators and developers, who are ultimately responsible for the usage of these SDKs…. Continue reading
In my last post I took you thru the OAuth 1.0a API flow. While there are three APIs defined in the RootServices document which enable you to execute the flow, it is still a lot of work to ultimately get your OAuth 1.0a Token for usage. This token is only… Continue reading
The goal of the next two posts is to provide you with methods for authentication of your APIs. I will not be going thru all the methods that a ELM server support authentication, but at a high level your server can either be setup to use application level authentication or… Continue reading
Day three was loads of fun, the highlight of which was the Code-Along for WidgetKit. I also had my lab appointment on the problems I was having with SiriIntents and Shortcuts. While I was a able to get my Intents to work, we ran out of time for the Shortcut… Continue reading
This year there have been so many reports about IoT devices being hacked, being misused, and being subverted. I think we are at a watershed when it comes to Internet of Things Connected devices. There are two major issues, which if not resolved, will crater the industry and drive a… Continue reading
Wow, what a year 2016 has been! While politics and work have had their major ups and downs, I did get a ton of good reading in this year. I figured a great way to wrap up the year would be to go back thru the books and just think… Continue reading
Wow.. what a busy day, and yes, I picked up a toy today. The Bass Egg was a kickstarted last year, and after hearing it today and doing a few tests (like placing it on my head), I was amazed and had to buy it. I am listening to a… Continue reading
Last night, as I was checking my email before going to bed, I got a note from Apple that their replace/rebuild of the Developer portal had been completed and all services are working again. Great news, and hopefully Apple has addressed, not only the security flaws identified by the Turkish… Continue reading
Prior to the security issues on Apple’s site over a week ago, Apple had been on a bi-weekly cadence for iOS and OS X beta releases. Last Monday, (July 22nd) the developer portal was down while Apple rebuilt the site to address the security issues no iOS beta was reported… Continue reading