Skip to main content

Network Security

Now the Google I/O’ 19 is officially in the books I wanted to do a short overview on some of the interesting Android Encryption updates announced at this years event.

As a long time mobile and server side engineer I have been involved in many different types of projects over the years.  Some small, and some large, but all with one recurring trend; the mobile clients need to consume data from a server to perform a task.  Sometimes this data being consumed is small, and other times the application needs to continuously poll or be notified of new data to keep the application up to date it real time.

OpenSSL 1.1.1 LTS
Featured Post

On September 11th, 2018 the OpenSSL team released a Long Term Support (LTS) version (1.1.1) of OpenSSL which will be supported by the community and the core team for the next five years.  This LTS release includes many new features such as TLS 1.3, ABI version compatibility, new cryptography algorithms, and an overhaul in many areas to the random number generators included in OpenSSL.

Python just received a minor version update to Python 3.7 with many new performance enhancements, added features, and module improvements to the language.   One of the existing Python modules in 3.7 that received some nice new enhancements is the ssl module.

In the last couple of months I have found myself in situations where I have needed to diagnose transport security issues from from the context of an iOS application.  This often can be difficult from the client side perspective as you may not know anything about the minimum TLS version, preferred cipher suite, or the certificate in use on the server.  Often, the best move you have, if you do not have a direct line to the server side team, is to test different settings to diagnose what works and what does not.