TCPdump is one of my favorite network packet analysis tools in existence today. In the past year I have enjoyed TCPdump so much that I have wanted to learn more about the project. So, I thought a good place to start would be to get involved contributing on GitHub. My contributions are not much, but they help me learn the ins and outs of the project and how to use some of the more advanced features as they come up in issues or pull requests. During my time thus far I have noticed that a lot of filtering questions tend to come up on how to use filters or how to interpret the documentation fo
As a long time mobile and server side engineer I have been involved in many different types of projects over the years. Some small, and some large, but all with one recurring trend: the mobile clients need to consume data from a server to perform a task. Sometimes this data being consumed is small, and other times the application needs to continuously poll or be notified of new data to keep the application up to date in real time. So far, this is probably nothing out of the ordinary, right?
Python just received a minor version update to Python 3.7 with many new performance enhancements, added features, and module improvements to the language. One of the existing Python modules in 3.7 that received some nice new enhancements is the ssl module. The updated ssl module now has enhanced hostname support, updates to how blacklisting and whitelisting work, but most importantly, conditional support for TLS 1.3 connections.
As you may have heard Apple’s World Wide Developer Conference was last week in San Jose, California showcasing all of the latest updates across all of the Apple platforms. Since Apple and Unix technologies are something I am heavily invested in I thought I would take a few minutes and provide an overview of the Siri and Networking updates that came out of WWDC 2018 that I found interesting.
In the last couple of months I have found myself in situations where I have needed to diagnose transport security issues from the context of an iOS application. This often can be difficult from the client side perspective as you may not know anything about the minimum TLS version, preferred cipher suite, or the certificate in use on the server. Often, the best move you have, if you do not have a direct line to the server side team, is to test different settings to diagnose what works and what does not.
Debugging network activity on an iOS device can be challenging. There are fantastic tools built into Xcode that allow you to see the data flowing in and out of the device, but troubleshooting network activity at the TCP level can be difficult. Often the best option you have is to perform a packet capture at the router level, but this presents its own set of challenges.
Debugging network issues no matter what platform you are on can be challenging. Often, the deeper you dig into the operating system the harder it can be to analyze and accurately interpret the network traffic you are seeing. And working with iOS is no different. Debugging iOS traffic from a device to a router or from a device to a server can present many challenges.
A few weeks ago Apple released a new open source framework on GitHub called Swift-NIO. What is Swift-NIO? The opening line on GitHub describes the project as a cross platform, event driven, non-blocking, application framework to develop high performance networking applications in Swift. So what does that mean? That means that Apple has developed a foundational project for any application that may need to take advantage of an asynchronous networking framework, similar to that of Node.js.
In an effort to always keep myself informed and up to date with the latest network security enhancements for iOS and macOS I downloaded and read through the Apple White Paper, entitled iOS Security Guide, January 2018. This security guide itemizes all of the latest security standards and enhancements Apple has put out for development and info security teams to reference when making decisions about how to design their applications. Reading through this document I can recognize many notable sections, but the section th