"A failure in the hot air department"
Full blog index.
Friday Q&A 2016-02-19: What Is the Secure Enclave? at 2016-02-19 14:40
The big tech news this week is that the FBI is trying to force Apple to unlock a suspect's iPhone. One of the interesting points around this story is that the iPhone in question is an older one, an iPhone 5c. Newer phones have what Apple calls the Secure Enclave, which some say protects against requests of this nature; even if Apple wanted to break into your phone, they couldn't. Which then brings up an interesting question I've seen a lot of people asking: what exactly is the Secure Enclave, and what role does it play here?
Friday Q&A 2015-05-01: Fuzzing with afl-fuzz at 2015-05-01 13:24
With computer security high on everyone's minds these days, tools that help assess and improve the security of our code are extremely useful. Today I'm going to talk about one such tool,
afl-fuzz, which has seen a lot of attention lately and produces some interesting results. I'll discuss how it works and how to use it on your own code.
Use strnstr at 2008-03-18 20:49
A few months ago I told everyone not to use
strnstr. This bug was fixed in Leopard, but persisted in Tiger. Today, Apple finally fixed it in Tiger. Now you can safely use
strnstr. I assume that this bug probably still exists on Panther and earlier, but as long as you're targeting Tiger and up (as every sane person ought to), you are now safe.
Don't use strnstr at 2007-09-26 00:00
strnstrfunction is broken on Mac OS X 10.4 (and presumably earlier) and should be avoided.