Hacking and Securing iOS Applications: Stealing Data, Hijacking Software, and How to Prevent It

Hacking and Securing iOS Applications: Stealing Data, Hijacking Software, and How to Prevent It

by Jonathan Zdziarski


$35.99 $39.99 Save 10% Current price is $35.99, Original price is $39.99. You Save 10%.
View All Available Formats & Editions
Choose Expedited Shipping at checkout for guaranteed delivery by Wednesday, September 25


If you’re an app developer with a solid foundation in Objective-C, this book is an absolute must—chances are very high that your company’s iOS applications are vulnerable to attack. That’s because malicious attackers now use an arsenal of tools to reverse-engineer, trace, and manipulate applications in ways that most programmers aren’t aware of.

This guide illustrates several types of iOS attacks, as well as the tools and techniques that hackers use. You’ll learn best practices to help protect your applications, and discover how important it is to understand and strategize like your adversary.

  • Examine subtle vulnerabilities in real-world applications—and avoid the same problems in your apps
  • Learn how attackers infect apps with malware through code injection
  • Discover how attackers defeat iOS keychain and data-protection encryption
  • Use a debugger and custom code injection to manipulate the runtime Objective-C environment
  • Prevent attackers from hijacking SSL sessions and stealing traffic
  • Securely delete files and design your apps to prevent forensic data leakage
  • Avoid debugging abuse, validate the integrity of run-time classes, and make your code harder to trace

Product Details

ISBN-13: 9781449318741
Publisher: O'Reilly Media, Incorporated
Publication date: 01/25/2012
Pages: 358
Product dimensions: 6.90(w) x 9.10(h) x 0.90(d)

About the Author

Jonathan Zdziarski is better known as the hacker "NerveGas" in the iOSdevelopment community. His work in cracking the iPhone helped lead theeffort to port the first open source applications to it, and his bookiPhone Open Application Development taught developers how to writeapplications for the popular device long before Apple introduced itsown SDK. Jonathan is also the author of many other books, includingiPhone SDK Application Development and iPhone Forensics. Jonathanpresently supports over 2,000 law enforcement agencies worldwide anddistributes a suite of iOS forensic imaging tools to obtain evidencefrom iOS devices for criminal cases. He frequently consults and trainslaw enforcement agencies and assists forensic examiners in theirinvestigations.

Jonathan is also a full-time Sr. Forensic Scientist, where, amongother things, he performs penetration testing of iOS applications forcorporate clients.

Table of Contents

  • Dedication
  • Preface
  • Chapter 1: Everything You Know Is Wrong
  • Hacking
    • Chapter 2: The Basics of Compromising iOS
    • Chapter 3: Stealing the Filesystem
    • Chapter 4: Forensic Trace and Data Leakage
    • Chapter 5: Defeating Encryption
    • Chapter 6: Unobliterating Files
    • Chapter 7: Manipulating the Runtime
    • Chapter 8: Abusing the Runtime Library
    • Chapter 9: Hijacking Traffic

  • Securing
    • Chapter 10: Implementing Encryption
    • Chapter 11: Counter Forensics
    • Chapter 12: Securing the Runtime
    • Chapter 13: Jailbreak Detection
    • Chapter 14: Next Steps

Customer Reviews

Most Helpful Customer Reviews

See All Customer Reviews

Hacking and Securing iOS Applications: Stealing Data, Hijacking Software, and How to Prevent It 2.6 out of 5 based on 0 ratings. 5 reviews.
m_k_o More than 1 year ago
This book shows the other side of Apple’s devices. Less secure one. We all are told that iOS based devices are secure due to restrictions applied by Apple. This is not exactly true. Well, there is always the other side of the coin. When I started the book I simply dived into it. I read it over one evening. Jonathan takes you on the journey over the low level layers of iOS development and shows what bad guys can do when they put their hands on your “precious”. He presents how to jailbreak device, how to access common data, how to retrieve information from the device, how to manipulate it and how to compromise it. After various malicious behavior is described, Jonathan shows how to make your own applications more bullet proof. How to avoid caching, how to encrypt better, how to detect jailbreaked devices. Last topics is particularly interesting for people who develop proprietary software and want to make sure it will not be compromised by irresponsible users. You will also learn few interesting debugging techniques and find loots of references to other sources related to the topic. Book is both rewarding and demanding at the same time. If you are an iOS newbie, you’d better learn more about Objective-C, shell and iOS SDK before you start this one. Contrary, if you are familiar with mentioned topics already, and you know some basics of assembler, go ahead and buy this one. Note!! To fully benefit from the book you will need a device that you can jailbreak. Otherwise you won’t be able to follow all exercises.
Anonymous More than 1 year ago
Boring i didnt even whant to read it all
Anonymous More than 1 year ago
Anonymous More than 1 year ago
You suck
Anonymous More than 1 year ago