サクサク読めて、アプリ限定の機能も多数!
トップへ戻る
おみそ汁
krausefx.com
Last week I published a report on the risks of mobile apps using in-app browsers. Some apps, like Instagram and Facebook, inject JavaScript code into third party websites that cause potential security and privacy risks to the user. I was so happy to see the article featured by major media outlets across the globe, like TheGuardian and The Register, generated a over a million impressions on Twitter
Update: A week later, I’ve published a new post, looking into other apps including TikTok, where I also found an additional JavaScript event listener of Instagram which can monitor all taps on third party websites. Check it out here The iOS Instagram and Facebook app render all third party links and ads within their app using a custom in-app browser. This causes various risks for the user, with th
howisFelix.today? Want to be the first to hear about more privacy and mobile related essays? Subscribe I’ve built and published iOS apps for over 8 years now. Back then the App Store review times were over 2 weeks, iTunes Connect would allow only uploads of a single screenshot at a time, there was no CocoaPods… and code signing was pretty much the same as it is today. In 2014, I sat in my dorm roo
howisFelix.today? Want to be the first to hear about more privacy and mobile related essays? Subscribe Update 2019-06-04 Apple has fixed this issue with macOS Catalina Facts Any Mac app, sandboxed or not sandboxed can: Take screenshots of your Mac silently without you knowing Access every pixel, even if the Mac app is in the background Use basic OCR software to read the text on the screen Access a
howisFelix.today? Want to be the first to hear about more privacy and mobile related essays? Subscribe Update 2020-06-22 Apple has fixed this issue with iOS 14 Facts Once you grant an app access to your camera, it can access both the front and the back camera record you at any time the app is in the foreground take pictures and videos without telling you upload the pictures/videos it takes immedia
howisFelix.today? Want to be the first to hear about more privacy and mobile related essays? Subscribe Do you want the user’s Apple ID password, to get access to their Apple account, or to try the same email/password combination on different web services? Just ask your users politely, they’ll probably just hand over their credentials, as they’re trained to do so 👌 Disclaimer This is just a proof
howisFelix.today? Want to be the first to hear about more privacy and mobile related essays? Subscribe It’s only been a bit over year that fastlane joined Fabric at Twitter, which enabled me and the team to build even more awesome things around fastlane, just some examples: A web-app to build your fastlane configuration A pre-packaged fastlane, to have all dependencies bundled fastlane plugins, a
howisFelix.today? Want to be the first to hear about more privacy and mobile related essays? Subscribe When submitting iOS apps to the App Store with Bitcode enabled, your app gets recompiled by Apple, to be optimized for specific devices and architectures. While Bitcode is optional, it’s more and more encouraged by Apple, and even required for watchOS and tvOS apps. Due to the fact that recompili
howisFelix.today? Want to be the first to hear about more privacy and mobile related essays? Subscribe Update 2017: fastlane got acquired by Google I started fastlane as a side project about a year ago. In just a short time, fastlane became the most popular iOS automation toolset, used by thousands of developers around the world. I never imagined that so many people would use it or how much time i
howisFelix.today? Want to be the first to hear about more privacy and mobile related essays? Subscribe Up until now you had 2 good ways to build and sign your application from the command line: Use the built-in xcodebuild command Use the third party tool shenzhen Both approaches have their problems xcodebuild When using xcodebuild you have to fiddle around with a long list of available parameters:
howisFelix.today? Want to be the first to hear about more privacy and mobile related essays? Subscribe Launching AppTrackingTransparency.ai - the first, of many hyper-focused ContextSDK products, helping you increase your app’s revenue. Apps relying on ad-revenue have struggled showing the App Tracking Transparency (ATT) prompt at the right time, reducing their likelihood of an opt-in. Large playe
このページを最初にブックマークしてみませんか?
『Felix Krause』の新着エントリーを見る
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く