There’s a lot of focus on security and privacy, these days, and Apple’s recognised the challenges that application developers face when it comes to making sure the software they create is secure. To help with that, the guys in Cupertino have released a Secure Coding Guide – a free document that both new and experienced developers can use to familiarise themselves with the threats that are out there.
In its guide Apple writes that secure coding is the practice of developing applications that are resistant to malicious or mischievous attacks. Developing more secure applications will therefore keep users information safe from theft, prying eyes, and corruption. It also reduces the risk of applications being turned into things that allow attackers to gain control of the target machines.
Recently, Snapchat made the news for a hack in which its users’ details were compromised. We can only expect the number those types of hacks and leaks to grow over the coming years as smartphones become more popular. It’s even more lucrative for attackers which stand a chance of gaining access to one device that has a lot of the user’s personal information, sometimes even including credit card information.
The guide, which can be downloaded for free in PDF form, covers both OS X and iOS. Naturally, Apple wants applications on both of its platforms to be equally secure, and giving developers the right tools to make that happen is a good start. It covers everything from the basics of attack vectors, known vulnerabilities, how to avoid common overflows, and then delves deep into subjects like race conditions, elevating privileges, and injected attacks.
This is great for the creators of software, and now all that’s needed is a guide for end users to know what to look for when downloading and running apps. There are still those that are designed just to steal your data and be annoying, and while Apple does a great job when it comes to keeping truly malicious apps out of its App Store, there are still a lot of users being duped.