Comments for iOS 6 Programming: Pushing the limits

Comment on CGLayer no longer recommended by Mariano

Mariano — Fri, 25 Jan 2013 23:13:33 +0000

I have watched it as well and I found myself frustrated at this moment because the source code is not available. Any luck on your side?

Comment on CGLayer no longer recommended by Danilo

Danilo — Thu, 17 Jan 2013 05:49:25 +0000

I have watched the 506 session videos from wwdc and also have download the source demos for the 2012 wwdc. But The code for the paint app from that session was not available. Does anyone have the source code for that app “iOS Paint” from the session? Thanks.

Comment on The Singleton pattern by Dave

Dave — Sat, 05 Jan 2013 20:19:59 +0000

Thanks, this helps a lot!

Comment on The Singleton pattern by robnapier

robnapier — Sun, 30 Dec 2012 20:39:41 +0000

First, you need to understand the "static" keyword. It means that there is only one "once" variable. It is not a local variable to this function, or an instance variable. There is one copy for the entire program. Furthermore, "once" is initialized to all zeros before the program starts running. Both of these are features of C. There's nothing special here. So no matter how we get to this method, and no matter what thread we're running on, "once" refers to the same memory. dispatch_once does effectively the following:

lock(token);
if (! token) {
  ... do the block ...
  token = ;
}
unlock(token);

Logically it works like the above, but the actual implementations of "lock()" and "unlock()" are insanely fast if token has already been set and there's no actual blocking. See Jim Dovey's discussion on how this can be implemented using OSAtomicCompareAndSwapPtrBarrier(), which is probably similar to how dispatch_once is actually implemented, but I haven't gone and looked.

Comment on The Singleton pattern by Dave

Dave — Sun, 30 Dec 2012 20:04:59 +0000

I am working my way through your iOS6 book. For someone not very experienced with GCD Could you explain the syntax for this singleton pattern? thanks.

Comment on CGLayer no longer recommended by Akiel

Akiel — Wed, 21 Nov 2012 16:35:18 +0000

Answering my own question after looking at CALayer header which says
@property(retain) id contents;
so the answer is yes (should’ve checked before asking, sorry!)

Comment on CGLayer no longer recommended by Akiel

Akiel — Wed, 21 Nov 2012 16:24:45 +0000

Rob,

Would I be right in assuming that multiple instances of CALayer can share the same content? In the sense that when you set

layer1.content = aCGImage;
layer2.content = aCGImage;

they’re pointing to the same CGImage in memory, as opposed to each layer making its own copy of the image?

I had an app in mind that would make extensive use of “stamping”, as you call it.

Comment on Going Offline Errata by Alice

Alice — Sun, 11 Nov 2012 13:05:05 +0000

Hi!
In method isMenuItemsStale, the stalenessLevel is always returned negative.
This is because the file modification date is always earlier than current date.
I modified it to:
NSDate *now = [NSDate date];
NSDate *modificationDate = [[[NSFileManager defaultManager] attributesOfItemAtPath:archivePath error:nil] fileModificationDate];
NSTimeInterval stalenessLevel = [now timeIntervalSinceDate:modificationDate];

Does it make sense?

Comment on Going Offline Errata by Jose

Jose — Mon, 01 Oct 2012 09:25:58 +0000

Also I think on method:
+ (void)cacheData:(NSData*) data toFile:(NSString*) fileName;

The part:

if ([recentlyAccessedKeys count] > kCacheMemoryLimit) { NSString *leastRecentlyUsedDataFilename = [recentlyAccessedKeys lastObject]; NSData *leastRecentlyUsedCacheData = [memoryCache objectForKey:leastRecentlyUsedDataFilename]; NSString *archivePath = [[AppCache cacheDirectory] stringByAppendingPathComponent:fileName]; [leastRecentlyUsedCacheData writeToFile:archivePath atomically:YES];

[recentlyAccessedKeys removeLastObject]; [memoryCache removeObjectForKey:leastRecentlyUsedDataFilename]; }

Should be:

if ([recentlyAccessedKeys count] > kCacheMemoryLimit) { NSString *leastRecentlyUsedDataFilename = [recentlyAccessedKeys lastObject]; NSData *leastRecentlyUsedCacheData = [memoryCache objectForKey:leastRecentlyUsedDataFilename]; // Changes: path yo save in disk the last object in memory NSString *archivePath = [[AppCache cacheDirectory] stringByAppendingPathComponent:leastRecentlyUsedDataFilename]; // End changes. [leastRecentlyUsedCacheData writeToFile:archivePath atomically:YES];

[recentlyAccessedKeys removeLastObject]; [memoryCache removeObjectForKey:leastRecentlyUsedDataFilename]; }

Thanks!
Jose.

Comment on “New” (well, not really new) PRF functions for PBKDF2 by robnapier

robnapier — Wed, 19 Sep 2012 02:06:29 +0000

I used to write Infosec policy for Cisco, and performed security assessments for them for years. While I've learned a lot more of the theory in recent years, I've always been focused on the practical aspects of security. You are correct that as a matter of corporate policy it is convenient to make blanket statements like "never use SHA-1." But it is critical that we as security engineers know the details, even if we write more conservative policy. Otherwise we undermine our credibility fighting over something that isn't actually a risk. I'm aware of no security risks in using SHA-1 in the HMAC of PBKDF2 that are mitigated by using SHA-2. I am eager for links to known or theorized vulnerabilities from knowledgeable writers. It's not just that it's "not that bad." It is currently equivalent to SHA-2 in security terms for use within the HMAC of PBKDF2. PBKDF2 simply does not require a collision-resistant hash in its HMAC in order to maintain its security (hooray!). This is why Schneier said "it doesn't affect applications such as HMAC where collisions aren't important." There are some concerns about PBKDF2 because its may be too easy to implement in hardware, but that's unrelated to collisions in the hash function and is not improved with SHA-2. I developed RNCryptor specifically because so many iOS developers were using AES wrong. They'd heard the simple rule "AES good," and then proceeded to implement it completely insecurely thinking that its AESness would cover all sins. We need to educate our engineers better in how crypto systems work and how to reason about them. There is too much "I heard this was good and this was bad" and it leads to bad security implementations. Someone in the org needs to know how to evaluate issues with more than just rules of thumb, and developers need know when to go to the expert for advice. Of course you shouldn't design your own KDF. No argument. Nor your own hash or cipher. You shouldn't even implement them yourself if you can possibly help it. That's why RNCryptor relies entirely on the OS for security code. As I said, we should move to SHA-2 in PBKDF2 as a matter of housekeeping. We should move to SHA-2 for digests as a matter of security. Security people should be clear on the difference, and push much harder on the ones that matter so we don't use too much political capital fixing things that aren't broken. I apologize for the length. I've tried to trim it down a bit. This is a passion for me, as I suspect it is for you. And I still highly recommend the Stanford course. It's free and excellent. I think every senior security professional should at least attempt it. Thanks for reading. I do appreciate the comments. As you say, this stuff is very real-world for you. I hope my writing can help your iOS developers write more secure code.