[prev in list] [next in list] [prev in thread] [next in thread]
List: websecurity
Subject: [WEB SECURITY] How Not to Store Passwords in iOS
From: Frank Kim <frankykim () gmail ! com>
Date: 2011-01-06 20:32:09
Message-ID: AANLkTikF5OUVLibJrLPh=wPhhv2GEEGGLXWWZg6XuQZh () mail ! gmail ! com
[Download RAW message or body]
Just wanted to share this post if you haven't seen it already. Talks
about how the WordPress iOS app stores credentials in plain text. To
their credit the WordPress for iOS team has already committed a fix
for the issue.
https://blogs.sans.org/appsecstreetfighter/2011/01/05/using-keychain-to-store-passwords-ios-iphone-ipad/
If you're interested in mobile there's a talk on "Hacking and Securing
Next Generation iPhone and iPad Apps" and other cool talks at SANS
AppSec 2011 on March 7-8 in San Francisco (full disclosure: I'm
chairing the conference). Arian (thanks for the kinds words earlier),
Jim Manico and a bunch other will be speaking there as well. Check
out the agenda at
http://www.sans.org/appsec-2011/agenda.php
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
To unsubscribe email websecurity-unsubscribe@webappsec.org and reply to
the confirmation email
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
WASC on Twitter
http://twitter.com/wascupdates
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic