Twitter | Search | |
Rob Napier
Swift and Go. Love 'em both. They make me mad in completely different ways. Infosec as required.
13,095
Tweets
329
Following
5,828
Followers
Tweets
Rob Napier Aug 17
Yeah, really great work on the tool and writing it up. That’s very cool stuff. And a great targeted use case to drive learning it!
Reply Retweet Like
Rob Napier Aug 15
One of these days I’ll remember not to delete the app that Xcode is debugging. Sometimes it’s fine. Lots of times it hangs Xcode and I have to force quit. Days since I forgot: 0
Reply Retweet Like
Rob Napier Aug 15
I’m finally to that comfortable part in Horizon (~level 43, all overrides unlocked, upgraded spear, lots of Shadow armor) where I’m powerful enough to take on most anything I wander across without much trouble, so I can do what I love to do. Hunt for ...
Reply Retweet Like
Rob Napier Aug 15
Replying to @cocoaphony
What I like about is that it's actually a blog that happens to be tweet-like when things are short. I probably should just post to my real blog, but that's gotten to feel like being an Octopress admin more than writing.
Reply Retweet Like
Rob Napier Aug 15
OK, since brought it up, I'll at least take a look, but so far I've been mostly on . Still, to have the account. @cocoaphony@mastodon.social.
Reply Retweet Like
Rob Napier Aug 15
Replying to @griotspeak
(clearly I was wrong about that)
Reply Retweet Like
Rob Napier Aug 15
Replying to @griotspeak
I haven't tried mastodon; I'm only using . I had been under the impression that I had to self-host mastodon and so hadn't dug any deeper, but I was probably just wrong about that.
Reply Retweet Like
Rob Napier Aug 15
Replying to @_iains @olebegemann
To be clear, my stego tool has no intention to prevent reverse engineering by debuggers. I think this is a fool's errand unless you are very well funded. It's only goal is to thwart automated scanners enough that attackers move on to the next app and ignore you.
Reply Retweet Like
Rob Napier Aug 15
Replying to @_iains @olebegemann
I'm working a little on a data obfuscator (technically a steganography tool). I think steganography has some potential value in iOS. It happens to be the subject of my upcoming talk at 360iDev for anyone interested in that:
Reply Retweet Like
Rob Napier Aug 15
Replying to @_iains @olebegemann
What you generally want is hardening (anti-debugging) more than obfuscation (anti-decompiling). And hardening is…hard. And generally comes with a hefty price tag. If you're interested in the basics, this is my favorite gentle introduction. 3/
Reply Retweet Like
Rob Napier Aug 15
Replying to @_iains @olebegemann
In Swift there are so many markers to help you. In particular, you can't hide the types. After obfuscation, here's what a function might look like in Hopper (once you know how to read Hopper properly). I'm sure you have *no* idea what this function is doing… :D Super Secret. 2/
Reply Retweet Like
Rob Napier Aug 15
Replying to @_iains @olebegemann
Obfuscation as a rule is not helpful. For it to be helpful, you should expect it to hurt performance and bloat code size. If it isn't, then it's not doing anything. Symbol names aren't how you reverse engineer things most of the time anyway. 1/
Reply Retweet Like
Rob Napier Aug 15
Replying to @olebegemann
In my experience the best pure-algorithm obfuscator is an aggressive optimizer. The number of times I've looked at optimized Swift output (with no attempt at obfuscation and full access to the source code) and said "wait, what? where is… huh?" :D
Reply Retweet Like
Rob Napier Aug 15
Replying to @olebegemann
It looks like a really great way to learn about the compiler. Pretty useless as an obfuscator (symbol renaming, particularly if interacting with Cocoa, provides very little protection to algorithms, and even less to secrets), but I love this intro to the tooling.
Reply Retweet Like
Rob Napier Aug 14
Talking to got me thinking about TV, and after watching a few seasons of Killjoys for its kind of silly fun that you shouldn’t take too seriously, wow it suddenly got good this season. But I don’t know if you can jump into it w/o slogging through 3 years of setup.
Reply Retweet Like
Rob Napier Aug 14
Replying to @RedQueenCoder
I…wow…heh…I don’t know what…non-alcoholic white Zin to…prepare…fine wine… Ok, you have broken me for tonight. :)
Reply Retweet Like
Rob Napier Aug 14
Replying to @RedQueenCoder
My wife laughs a little at me when people are being embarrassed in a show. “You’re going to hide for this part, aren’t you?” Yes, yes I am. Generally behind a pillow until it’s over. “Funniest home videos” and almost all reality TV are not my thing. Frasier understood me. :)
Reply Retweet Like
Rob Napier Aug 14
Replying to @RedQueenCoder
Unrelated: Frasier is one of my favorite sitcoms because, while many of the situations are based on embarrassment, the embarrassment almost always occurs offscreen. You have the brief setup, and you have the aftermath story, but it generally skips the painful “happening” part.
Reply Retweet Like
Rob Napier retweeted
Sommer Panage Aug 14
This! Often we say, “every image needs a label,” when we really mean “every image that conveys information needs a label!”
Reply Retweet Like
Rob Napier retweeted
infinitetape (@infinitetape@mastodon.cloud) Aug 14
If you'd like to learn how to leverage functional programming techniques in Swift, I highly recommend taking this class by . He's a great teacher! Early bird discount ends on Friday.
Reply Retweet Like