If you blog it they will come?

Friday, June 29, 2012

List of shortcuts to change in Xcode

Some shortcuts in Xcode don't make sense at all, some are for features I never use, and some are awesome but off by default. I'll update this periodically.

Shortcuts to enable/simplify:

  • Select Word (Selection)
    • This is close to the vim-ism "Change Inner Word" (ciw). Saves a lot of cursor hopping.
    • Ctrl+W  
  • Move Focus to Next Area
    • Makes it easier to hop between the split panes if you don't want to deal with the Cmd+J navigation view.
    • Cmd+Option+up arrow

Shortcuts everyone should disable:

  • Ctrl+P to print
    • When was the last time you needed to print anything in Xcode?

Shortcuts I have no use for:

  • I never use code folding
    • It's too much manual work to fold and unfold everything
    • If you need code folding, your methods are too long.
    • If you want to find functions quickly, just hit Ctrl+6 and start typing its name

Friday, June 1, 2012

iOS Security Overview

I recently read Apple's iOS security overview which outlines the various security measures present on iOS devices.

It's a fairly short read at under 20 pages and it's great stuff to familiarize yourself with if you're developing on the platform. Here is a summary / some limited thoughts (I don't know much about security):

  • A lot of Apple's security measures are possible due to novel hardware solutions
    • The ARM processor's Execute Never feature, which marks memory pages as non-executable
    • AES 256 crypto engine and SHA-1 are built into the file system and implemented in hardware, which drastically reduces the overhead of encrypting everything
    • Novel ways of wiping sensitive data that would otherwise linger in flash memory
    • UIDs are not readable by software or firmware, yet still used as input to crypto

[Image: A lock inside a lock inside a lock]

  • The file system encryption is of an onion nature
    • File metadata is not available all the time. This is to restrict access when the device is locked, interrupted by a phone call, etc. The availability rules are described by a file's class
    • File metadata is encrypted. The file data itself is encrypted too, and that key is only available after decrypting the file metadata (that's right, each file has its own key)
    • Did I mention that the file class which points to the file's metadata is also encrypted? See image above
    • It's fast to remote wipe your device: just destroy the top level keys and nothing else on the filesystem is accessible
  • Every encryption/security algorithm I've heard of is deployed here (ok not ROT13):
    • Address space layout randomization
    • Lots of certificates to authenticate trusted code
    • Asymmetric elliptic curve cryptography (Curve25519)
    • Yarrow
    • PBKDF2
    • SSL, VPN, etc.
    • AES and SHA-1
    • Escalating time delays: it'd take years to brute force a short password
  • I don't understand keybags yet
    • My eyes glazed over and it sounds too similar to teabags
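
The key layering summarized above (a per-file key, kept wrapped inside encrypted metadata, under a top-level key whose destruction wipes everything), modelled as an added example that is not from the original post or from Apple. It assumes the per-file key is wrapped by a class key derived from the passcode and UID with PBKDF2, and it uses an HMAC-SHA256 keystream as a stand-in for AES so it runs on the Python standard library alone; `ToyDevice` and every name and value in it are hypothetical.

```python
import hashlib, hmac, os

def mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def xor_stream(key, nonce, data):
    # Stand-in for the hardware AES engine (assumption): HMAC-SHA256 counter keystream.
    pad = b"".join(mac(key, nonce + i.to_bytes(8, "big")) for i in range(len(data) // 32 + 1))
    return bytes(b ^ p for b, p in zip(data, pad))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = xor_stream(mac(key, b"enc"), nonce, plaintext)
    return nonce + ct + mac(mac(key, b"mac"), nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, mac(mac(key, b"mac"), nonce + ct)):
        raise ValueError("wrong key or tampered data")
    return xor_stream(mac(key, b"enc"), nonce, ct)

class ToyDevice:
    def __init__(self, passcode, uid):
        self.uid = uid                # constructed stand-in for the hardware UID
        self.fs_key = os.urandom(32)  # top-level key; destroying it is the wipe
        self.files = {}               # name -> (encrypted metadata, encrypted data)
        self.unlock(passcode)

    def unlock(self, passcode):
        # Class key from passcode + UID via PBKDF2 (iteration count is illustrative).
        self.class_key = hashlib.pbkdf2_hmac("sha256", passcode, self.uid, 20_000)

    def lock(self):
        self.class_key = None         # class key leaves memory while locked

    def write(self, name, data):
        file_key = os.urandom(32)     # each file has its own key
        metadata = seal(self.fs_key, seal(self.class_key, file_key))
        self.files[name] = (metadata, seal(file_key, data))

    def read(self, name):
        if self.fs_key is None or self.class_key is None:
            raise PermissionError("keys unavailable (locked or wiped)")
        metadata, body = self.files[name]
        return unseal(unseal(self.class_key, unseal(self.fs_key, metadata)), body)

    def wipe(self):
        self.fs_key = None            # ciphertext remains but can never be unwrapped
```

After `wipe()` every stored blob is still present in `files`, yet no passcode can recover it, which is why destroying one small key is enough for a fast remote wipe.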