Thomas Claburn:
“Jekyll apps do not hinge on specific implementation flaws in iOS,” the paper explains. “They present an incomplete view of their logic (i.e., control flows) to app reviewers, and obtain the signatures on the code gadgets that remote attackers can freely assemble at runtime by exploiting the planted vulnerabilities to carry out new (malicious) logic.”
Assembling malicious logic at runtime avoids detection by reviewers and by automated methods of static analysis, a way to analyze program code without actually executing the instructions.
The full Usenix paper is available here.
App Store iOS iOS App Security
Chris Espinosa recommends some books about the history of Apple.
Apple Book History
Dave Winer:
I wish that every company that makes a server with an API would read this document, and do the work that Dropbox did to be friendly to static JavaScript apps.
Basically, it should be possible to write a static JavaScript app that talks with your platform without requiring a server app acting as a proxy. That means either having CORS set for it, or using JSONP.
Dropbox JavaScript Web
Federico Viticci reviews Editorial for iPad, the new text editor from Pythonista developer Ole Zorn:
Editorial is a text editor that supports Markdown, syncs with Dropbox, and comes with “accessory panels” to access a preview of documents (converted from Markdown to HTML), a Python console and scratchpad, a documentation viewer, and a web browser for quick research.
Editorial supports Dropbox versions, TextExpander snippets as well as its own abbreviation system, it comes with a powerful URL scheme, and – the core aspect of the app – it lets you automate text editing and communication with other apps through a workflow systems that is reminiscent of Automator and combines built-in actions with the possibility of running Python scripts. Editorial can be used to “just take some notes”, but it truly shines when the browser and workflows are put to good use for research purposes and to automate writing and editing in Markdown.
Editorial iOS iOS App iPad Markdown Python Text Editor TextExpander
