Walled Garden Farmers
security
Python Pillow’s Denial of Service Vulnerability
A popular image processing library has a vulnerability that can cause denial of service by a maliciously-crafted file causing the application to consume too much memory. Should you upgrade or is there another solution?
How to Securely Provide Apple ID Password into Notarization Build Jobs
Including passwords into the source tree is a big security breach. Similarly including passwords into build jobs would be insecure. Learn how to securely provide Apple ID credentials into notarization jobs.
Enabling Hardened Runtime on a Sparkle App
Notarization requirements is just around the corner in the coming release of macOS. But the Sparkle updater framework is not yet ready for it. Here’s how you can fix that.
Shared Frameworks in a Hardened Runtime World
macOS Catalina is just around the corner and with it comes mandatory notarization and hardened runtime. If your mac app accepts plugins or otherwise loads 3rd party frameworks and libraries, there are a few caveats that you’ll need to take care.
WordPress JetPack’s Vulnerability
Having social sharing functions on every page in your blog seems intuitively useful. However these could easily be exploited by malicious people to do bad things and pass the blame onto you. Learn what is the problem behind these social media buttons and what you should do as a webmaster.
Is Your Server Ready for iOS 9 and El Capitan?
Apple is enforcing a stronger encryption that applications need to use when connecting to their backends. Is your server secure enough to meet Apple’s standards? Being HTTPS doesn’t necessarily imply that it’s good enough.
Reverse-Engineering iCloud Keychain
Ever wonder how iCloud Keychain or 1Password works? Wonder no more.
Copyright (C) Sasmito Adibowo. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.