Chapter 14. Next Steps
Security is a game of chess; books such as this can provide a glimpse into the strategies of the day, and provide a good repertoire of countermoves, however it’s much more important to learn how to play the game. Malicious hackers are always finding new ways to attack applications; especially those containing information of high value. As more mission-critical iOS applications come to market, there will be many new attacks that haven’t yet been discussed, and many countermoves as well. What’s important to take away from this book is the thought pattern of the adversary, and the subsequent response a developer should have.
Thinking Like an Attacker
All too often, developers code around the latest 0-day attacks by simply moving things around in their application, or adding a new sanity check to address a particular vulnerability. These typically only fix the problem for a few days, leaving an attacker to just make minor tweaks to their exploit. They can sometimes help, but the more complete strategy is one that does more than merely address the bug of the day. A good strategy follows the mindset of an attacker, and can even frustrate an attacker to move onto a less secure application. Books such as this can’t win the game for you, but can provide really good strategies to block an attack. As attackers figure out how to get past the latest blocks, you, the developer, must always be one step ahead of them. The best way to learn the mindset of an attacker, as you’ve ...
Get Hacking and Securing iOS Applications now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.