To secure data is to prepare for jailbreak presented at Hacktivity 2012

by Zsombor Kovcs,

Tags: Security

Summary : Usually, designing the security architecture of an iOS application poses a harder challenge than the classic case of "browser/web server" scenario. There is a multitude of challenges to prepare for: the device can be physically stolen or lost, or the owner lends the device for a limited period of time. A proper iOS application also has to prepare for those cases.
It is a common problem that in order to protect data at rest, developers pack the application full with cryptographic voodoo, but they do not prepare for the case when the device is jailbroken. What does such a device mean for developers? What is going to work and what is not? Which iOS security controls are to be trusted? In the talk, we discuss such matters.