Trova il tuo prossimo book preferito

Abbonati oggi e leggi gratis per 30 giorniInizia la tua prova gratuita di 30 giorni

Informazioni sul libro

Learning iOS Security

Name: Learning iOS Security
Brand: Packt Publishing
Price: 9.99 USD
Availability: InStock
ISBN: 9781783553952

Di Allister Banks e Charles S. Edge

Azioni libro

Inizia a leggere

Lunghezza: 273 pagine1 ora

Editore:: Packt Publishing
Pubblicato:: Feb 27, 2015
ISBN:: 9781783553952
Formato:: Libro

Descrizione

About This Book Familiarize yourself with fundamental methods to leverage the security of iOS platforms and apps Resolve common vulnerabilities and security-related shortcomings in iOS applications and operating systems A pragmatic and hands-on guide filled with clear and simple instructions to develop a secure mobile deployment Who This Book Is For

This book is intended for mobile security professionals who want to learn how to secure iOS operating systems and its applications. Any knowledge of iOS architecture would be an added advantage.

Leggi altro

Azioni libro

Inizia a leggere

Informazioni sul libro

Learning iOS Security

Di Allister Banks e Charles S. Edge

Lunghezza: 273 pagine1 ora

Descrizione

This book is intended for mobile security professionals who want to learn how to secure iOS operating systems and its applications. Any knowledge of iOS architecture would be an added advantage.

Leggi altro

Editore:: Packt Publishing
Pubblicato:: Feb 27, 2015
ISBN:: 9781783553952
Formato:: Libro

Informazioni sull'autore

Allister Banks

Autori correlati

Skip carousel

carousel previous carousel next

Correlati a Learning iOS Security

Categorie correlate

Salta carosello

Anteprima del libro

Learning iOS Security - Allister Banks

Learning iOS Security

Credits

About the Authors

About the Reviewers

www.PacktPub.com

Support files, eBooks, discount offers, and more

Why subscribe?

Free access for Packt account holders

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Errata

Piracy

Questions

1. iOS Security Overview

Pairing

Backing up your device

iCloud backups

Taking backups using iTunes

Viewing iOS data in iTunes

Initial security checklist

Configuring a passcode

Configuring privacy settings

Safari and built-in App protections

Predictive search and spotlight

Summary

2. Introducing App Security

Installing apps

Blocking access to the App Store

Single App mode, App Lock, and Guided Access

App communication

Handoff and Continuity

Keybags and keychains

Keyboards and extensions

Securing what extensions can access

User context

Sandboxing and App data storage

Introduction to in-house App development

Summary

3. Encrypting Devices

Secure boot and activating iOS

Passbook and Touch ID for Apple Pay

Introduction to iOS network communication

AirDrop

A bug or a feature?

VPN (Always-On, APN, Per-App, On-Demand)

Global HTTP Proxy, caching, and the web content filter

Privacy-related concerns

Lesser-known ways for Apple to gather diagnostics

Health app

Configuration profiles

Signing, encryption, and delivery

Summary

4. Organizational Controls

Apple Configurator

Intended workflows

The interaction modes – Prepare, Supervise, and Assign

The importance of supervision

Apps, VPP, and Apple Configurator

Mass restoring and naming of devices

Backup concerns

Configurator as chaperone

Activation Lock and Find My iPhone

Addressing the rough spots

DEP versus Apple Configurator

Guided Access versus App Lock versus Single App Mode

ActiveSync

Summary

5. Mobile Device Management

Introducing MDM

Configurator versus MDM

The Profile Manager

Preparing the Profile Manager Server

Preparing Profile Manager

Completing Post Configuration tasks

Using Profile Manager

Enrolling into Profile Manager

Device management

Passcode policies

Introducing Bushel

Setup

The enrollment process

Restrictions

Volume Purchasing Program and MDM

Summary

6. Debugging and Conclusion

Xcode

Dive deeper with libimobiledevice

Installing libimobiledevice using Homebrew

Using idevicesyslog and idevicepair

Using idevicedate and ideviceinstaller

App communications

Identifying devices

Listening to network communications

Apple IDs and Apps

Forensics

Application security

Viewing an App

Summary

Index

Learning iOS Security

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: February 2015

Production reference: 2240215

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham B3 2PB, UK.

ISBN 978-1-78355-174-3

www.packtpub.com

Credits

Authors

Allister Banks

Charles S. Edge

Reviewers

Jeremy Agostino

William Smith

Commissioning Editor

Ashwin Nair

Acquisition Editor

Hemal Desai

Content Development Editor

Mamata Walkar

Technical Editor

Menza Mathew

Copy Editors

Jasmine Nadar

Wishva Shah

Project Coordinator

Shipra Chawhan

Proofreaders

Safis Editing

Paul Hindle

Indexer

Tejal Soni

Production Coordinator

Melwyn D'sa

Cover Work

Melwyn D'sa

About the Authors

Allister Banks is an enthusiast. He's very excited to be in the exceedingly limited, exclusive club of coauthors of Charles S. Edge. After working for a decade with IT consulting companies on both the coasts of the U.S., he now works for a medical-focused institution with education and data center aspects. He has given speeches at LOPSA-East, MacTech Conference, and MacAdmins Conference at Penn State. He lives in New York. He contributes to various open source projects and speaks enough Japanese to order food.

Charles S. Edge has been working with Apple products since he was a child. Professionally, Charles started with the Mac OS and Apple server offerings in 1999 after working of years with various flavors of Unix. Charles began his consulting career with Support Technologies and Andersen Consulting. As the chief technology officer of 318, Inc., a consulting firm in Santa Monica, California, Charles built and nurtured a team of over 50 engineers, which was the largest Mac team in the world at that time. Charles is now a product manager at JAMF Software, with a focus on Bushel (http://www.bushel.com).

Charles has spoken at a variety of conferences including DefCon, BlackHat, LinuxWorld, MacWorld, MacSysAdmin, and Apple Worldwide Developers Conference. Charles has also written 12 books, over 3,000 blog posts, and a number of printed articles on Apple products.

About the Reviewers

Jeremy Agostino is a longtime Mac and iOS developer with a professional focus on hardware support and device drivers. He has assisted in the design and implementation of custom technical solutions to manage some of the largest iOS deployments in the U.S. Jeremy is currently leading the engineering team at Ground Control Solutions, where he is developing a powerful deployment and management tool for iOS devices.

William Smith is a solutions architect for 318, Inc., which is an IT consultancy that is based in Santa Monica, California. He is a technology veteran with more than 20 years of experience. He lives in Saint Paul, Minnesota, where he has provided training and consulting services on behalf of customers such as Apple and JAMF Software.

William enjoys writing and presenting on technology topics and he has spoken at JAMF Nation User Conference, MacIT, PSU MacAdmins, and other conferences. He has been a Microsoft MVP for more than 11 years and is co-owner of OfficeforMacHelp.com. Currently, he is a part of the steering committee for the new Twin Cities Mac Admins professionals group—a community that supports all things Apple, from education to enterprise.

www.PacktPub.com

Support files, eBooks, discount offers, and more

For support files and downloads related to your book, please visit www.PacktPub.com.

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.

https://www2.packtpub.com/books/subscription/packtlib

Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can search, access, and read Packt's entire library of books.

Why subscribe?

Fully searchable across every book published by Packt

Copy and paste, print, and bookmark content

On demand and accessible via a web browser

Free access for Packt account holders

If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view 9 entirely free books. Simply use your login credentials for immediate access.

Preface

Nowadays, iOS is becoming more and more prevalent in companies and larger organizations. Whether this is a trend that is driven by Bring Your Own Device (BYOD) or something that is coming from within the IT department, our knowledge of platforms is being stretched more and more all the time. It's getting harder and harder to be an expert on every platform that is in use in our organizations!

You need to secure your iOS devices. Learning iOS security gives you the knowledge to build security into large-scale iOS deployments. This book takes you through good security practices; these include configuring privacy options to keep personal data away from prying eyes, learning about encryption options to keep data safe at rest, securing apps to reduce the risks introduced by third-party apps, and then laying down practical steps and procedures for carrying out these steps, both on-screen on devices and at scale using Apple Configurator, profiles, and Mobile Device Management (MDM) solutions.

This book also includes a section on debugging and viewing data so that you can check out how to further secure items not covered in detail in the book. We teach you how to provide enterprise-class security to your iPhone, iPad, and iPod Touch deployments. This includes a quick run-down of basic security steps and mass deployment of these steps to aid in your large-scale deployment of iOS devices.

This book is meant to be an easy-to-digest guide that follows real-world examples to implement best security practices. Each topic is covered in a theoretical context and further resources are provided where they are needed/applicable.

What this book covers

Chapter 1, iOS Security Overview, is a quick-and-dirty overview of the many steps to take to initially secure an iPad, iPhone, and iPod Touch. The purpose of this chapter isn't to go into too much depth with any given technology, but to provide a cheat sheet of sorts to get you started with iOS security.

Chapter 2, Introducing App Security, is a more thorough review of how to choose apps and secure them during an iOS deployment. Here, we look at an overview of sandboxing techniques and how to use Single App Mode and keybags. We also look at in-house Apps.

Chapter 3, Encrypting Devices, explains the encryption types and techniques that are used in iOS. Here, we look at Touch ID, Apple Pay, network encryption, and privacy concerns.

Chapter 4, Organizational Controls, introduces Apple Configurator and profile management. Here, we also look at the Find My iPhone app as it pertains to Activation Lock, ActiveSync policies (EAS Policies), and device supervision.

Chapter 5, Mobile Device Management, looks at Apple's Profile Manager and a simple third-party MDM called Bushel. Here, we look at Over the Air

Hai raggiunto la fine di questa anteprima. Registrati per continuare a leggere!

Inizia il periodo di prova gratuito

Pagina 1 di 1

Recensioni

Cosa pensano gli utenti di Learning iOS Security

Valutazione: 0 su 5 stelle

0 valutazioni / 0 recensioni

Cosa ne pensi?

Valutazione: su 5 stelle

Scrivi una recensione (facoltativo)

Lingua

Benvenuto in Scribd!

Trova il tuo prossimo book preferito

Informazioni sul libro

Learning iOS Security

Azioni libro

Descrizione

Azioni libro

Informazioni sul libro

Learning iOS Security

Descrizione

Informazioni sull'autore

Autori correlati

Correlati a Learning iOS Security

The Mac Terminal Reference and Scripting Primer

iPhone and iOS Forensics: Investigation, Analysis and Mobile Security for Apple iPhone, iPad and iOS Devices

Hacking Web Apps: Detecting and Preventing Web Application Security Problems

The Hacker's Guide to OS X: Exploiting OS X from the Root Up

Mobile Application Penetration Testing

Data Hiding: Exposing Concealed Data in Multimedia, Operating Systems, Mobile Devices and Network Protocols

Learning Android Forensics

Android Forensics: Investigation, Analysis and Mobile Security for Google Android

Mac OS X, iPod, and iPhone Forensic Analysis DVD Toolkit

Cuckoo Malware Analysis

OS X for Hackers at Heart

Learning Pentesting for Android Devices

Learning iOS Penetration Testing

XSS Attacks: Cross Site Scripting Exploits and Defense

Mastering macOS Programming

iOS Forensics Cookbook

Android Security Cookbook

Python Forensics: A Workbench for Inventing and Sharing Digital Forensic Technology

OS X Exploits and Defense: Own it...Just Like Windows or Linux!

Seven Deadliest Web Application Attacks

Simple iOS Troubleshooting: A Guide to the Most Common Issues with the iPhone, iPad and iPod Touch

macOS Black Book: Mastering Shortcut Keys

Managed Code Rootkits: Hooking into Runtime Environments

OS X Incident Response: Scripting and Analysis

Seeking the Truth from Mobile Evidence: Basic Fundamentals, Intermediate and Advanced Overview of Current Mobile Forensic Investigations

Mobile Forensics – Advanced Investigative Strategies

Learning iOS Forensics

All in One iPhone Manual: Your New Unlimited User Guide - Learn How to Use iPhone in Simple words plus iPhone Camera for Photography with step by step Proven Work.

Mobile Malware Attacks and Defense

Mobile Device Exploitation Cookbook

Return to Normalcy - Election of 1920 | Episode #046 | Election College: United States Presidential Election History: After the Progressive Era and a big war... we need a little normal in our lives.

tranquility du jour #329: 2015 dreams: Welcome to the 329th edition of Tranquility du Jour. Today's show features moi on Tranquility du Jour 2015 Dreams. You'll learn about my plans for the blog, podcast, and more. Featured...

FIT77 The Front Fell Off: Swimming with Garmin watches: Wahoo ROAM updates, Giant Power Pro, and Apple's WatchOS 6

Under the Radar 27: Fast App Review: How iOS development will change if the recent app-review speedup becomes permanent.

Mac OS Ken: 05.11.2011: DoJ Advocates for Consumer Tracking and Data Retention by Cell Carriers / Apple Exec Answers iOS Privacy Questions on Capital Hill / Apple Sued (Again) Over Alleged Misuse of iPhone UDID / Apple Top Smartphone Maker in Japan While Android Tops...

Tranquility du Jour #359: Artistic Activism: An interview with Dana Ellyn on Artistic Activism. Hear her transition from suburban wife to full-time artist, advice to aspiring artists, peek into her exhibit Speciesism, and learn the art history-inspired story behind my new pig painting....

MacVoices #21033: MacVoices Live! - Productivity Tools We Really Use (3): <p>We wrap up our look at some favorite productivity apps with our MacVoices Live! panel of <strong>David Ginsburg</strong>, <strong>Kelly Guimont</strong>, <strong>Frank...

Starting a Candle Business After Hitting Rock Bottom as a Single Mom of Four - Shonte James

GGG 176 Getting Savage: Getting Savage

70: No Furries in Space: This week we talk with Jordan Harbinger from The Art of Charm podcast about creativity, social engineering, and other assorted goodies. We also discuss stuff we like and some Star Trek fanfic. Spoiler alert, there are no furries in space.

Tranquility du Jour #404: Transitions: Transitions with me and Tim. In this week's edition of Tranquility du Jour, Tim and I discuss the transition of Tranquil Space to YogaWorks and what's next for both of us {hint, it involves pigs and pugs}. Direct download: ...

120: Obscura, with Ben McCarthy: Designer, photographer, and software developer, Ben McCarthy, talks about the inspiration behind the new version of his camera app: Obscura 2. Links: on Twitter Sponsors: Thanks to for sponsoring this show! Get all-you-can-learn access to over...

364: A Casey Settings Screen: Casey surprises everyone with a new app, John fixes Dock folders, and Marco names Wi-Fi networks.

Gain Control of Your Emotions: Cultivate peace when things seem to be spinning out of control

Interview With a Human Right's Lawyer: Managing an addiction crisis

GGH Beta.19: Vehicle Navigation GPSRs & Apps I: Our nineteenth beta show looks at vehicle navigation GPSRs and apps. We started with some feedback from OBXGeek about events beyond the GC101. We also heard from Nighthawk700 and Yawppy on the Vehicle Navigation GPSRs and Apps. We mentioned the...

Mac OS Ken: 01.03.2019: - Cook Adjusts Holiday-Quarter Revenue Guidance Down to $84B - Tech Stocks Tumble in Apple’s Wake - Baidu CEO to Staff: “Winter is Coming” - MacRumors: Hits by iOS 13 Picking Up - Sign up to get a FREE company account and add up to 5 team...

Christmas Eve Peace Meditation: Enjoy the gifts of peace, joy, hope and love

Betrayal and Redemption CMP052: The gift of the Great House goes horribly wrong and war breaks out between the Irish and the Welsh.

NVIDIA CONFIRMS Your PSU Can't Handle RTX 3000 - WAN Show August 28, 2020

Improvising in the Kitchen: Tips and ideas to become a better freestyler in the kitchen! For complete show notes on this episode, visit http://kitchencounterpodcast.com/129 Connect with the show at: Facebook: https://www.facebook.com/kitchencounterpodcast...

Ep. 200: The Algo Trading Special: It's the 200th episode of Paisa Vaisa!! To mark this milestone host Anupam is joined by Mr. Nitesh Khandelwal, CEO & Co-founder at QuantInsti. Paisa Vaisa has been involved in podcast algorithms 200 times. Yes, it's our 200th episode and to...

Gratitude: Rewrite your story

Mac Power Users 316: Locking Down Your Technology: David and Katie run down options for securing your tech and staying safe online. We cover securing your iOS devices and Macs as well as discuss best practices for passwords, email, web browsing and locking down your online profiles.

Bear

MobileFamilyTree 8.5

How To: Fix Autocorrect’s ‘Ducking’ Problem On IOS

Surprising Things You Can Do On Your IPad

10 Years Of IPad

Notability 9

UNREAD 2: STYLISH RSS READER FOR iOS IMPROVES WHILE REMAINING EXACTLY THE SAME

How to Binge-Watch Netflix Without Ruining Your Sleep

Procreate 4.3.3

Track And Share Your Symptoms

Best Utility Apps

Understand The Main Noto Writing Features