Skip Hovsmith

Strengthen TLS in React Native Through Certificate Pinning - iOS Edition

Fri 30 November 2018 By Skip Hovsmith

Category: iOS, TLS, ReactNative

Enhance React Native’s networking API protection on Android and iOS without touching your Javascript code or manually editing the native code projects.

Read More

STRENGTHEN TLS IN REACT NATIVE THROUGH CERTIFICATE PINNING

Tue 14 August 2018 By Skip Hovsmith

Category: Android, ReactNative

 

Beginning in July 2018 with the 68 release, Chrome began marking all sites not running HTTPS (TLS over HTTP) as “not secure”. TLS uses site certificates to establish a chain of trust and encrypt...

Read More

REACT NATIVE: BRIDGING AN IOS NATIVE MODULE FOR APP AUTHENTICATION

Wed 09 May 2018 By Skip Hovsmith

Category: ReactNative, iOS

Photo by Liu Zai Hou on Unsplash

Read More

REACT NATIVE: BRIDGING AN ANDROID NATIVE MODULE FOR APP AUTHENTICATION

Wed 02 May 2018 By Skip Hovsmith

Category: ReactNative, Android

Photo by NGO TUNG on Unsplash

Read More

A TOUR OF API UNDERPROTECTION

Tue 03 April 2018 By Skip Hovsmith

Category: API Keys, Integration, TLS

AN OWASP APPSEC CALIFORNIA 2018 TALK

The fifth annual OWASP AppSec California was held in late January 2018 on the beach in Santa Monica. AppSec California is organized and run by an all-volunteer...

Read More

STRENGTHENING OAUTH2 FOR MOBILE

Wed 03 January 2018 By Skip Hovsmith

Category: Mobile App Authentication, OAuth2, TLS

Photo by Patrick Metzdorf on Unsplash

Read More

ADDING OAUTH2 TO MOBILE ANDROID AND IOS CLIENTS USING THE APPAUTH SDK

Mon 23 October 2017 By Skip Hovsmith

Category: Mobile App Authentication, OAuth2, TLS

OAuth2, often combined with OpenID-Connect, is a popular authorization framework that enables applications to protect resources from unauthorized access. It delegates user authentication to an...

Read More

API PROTECTION REQUIRES BOTH USER AND APP AUTHENTICATION

Mon 14 August 2017 By Skip Hovsmith

Category: Mobile App Authentication

As an API provider, you open your restful back end to those you trust in the hopes of doing something useful, making a profit, or both. You’re quite careful about registering and authenticating...

Read More

WHITELISTS AND INDIRECTION GO TOGETHER LIKE CHOCOLATE AND PEANUT BUTTER

Fri 28 July 2017 By Skip Hovsmith

Category: API Keys, Mobile App Authentication, Reverse Engineering, Third Party APIs

source: nourishmorelove

Read More

HOW PYTHON CODERS TRIED TO KILL MY SUPPOSEDLY SECURE JAVASCRIPT API SERVICE

Thu 15 June 2017 By Skip Hovsmith

Category: Mobile App Authentication, API Keys

ONE DEVELOPER’S BAD DREAM

Read More

Page 1 of 2