General conditions
be signed by Apple
- Each app has unique ID and directory
- ‘Sandbox’ restricts app from accessing almost everything
- Apps cannot access data from other apps*
- Low level ‘attacks’ reduced with ‘sandbox’*
Keychain
with 4 tables: genp, inet, cert, keys
- keychain API performs IPC calls to securityd which handles database access
- access control is based on application id
- new: applications with the same keychain access group entitlement can access/share the keychain items
- simple “WHERE agrp = %s” clause appended to SQL statements
only after the device is unlocked
- kSecAttrAccessibleAfterFirstUnlock: Keychain item is accessible only after the first unlock of the device until reboot
- kSecAttrAccessibleAlways: Keychain item is accessible even when the device is locked
- kSecAttrAccessibleWhenUnlockedThisDeviceOnly: Keychain item is accessible only after the device is unlocked, and the item cannot be migrated between devices.
- kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly: Keychain item is accessible after the first unlock of the device and the item cannot be migrated between devices.
- kSecAttrAccessibleAlwaysThisDeviceOnly: Keychain item is accessible even when the device is locked and the item cannot be migrated between devices.
(compatibility version 1.0.0, curre
/System/Library/Frameworks/QuartzCore.framework/QuartzCore (compatibility version 1.2
/System/Library/Frameworks/SystemConfiguration.framework/SystemConfiguration (compat version 499.0.0)
/usr/lib/libxml2.2.dylib (compatibility version 10.0.0, current version 10.8.0)
/System/Library/Frameworks/Security.framework/Security (compatibility version 1.0.0, curren
/System/Library/Frameworks//CoreData.framework/CoreData (compatibility version 1.0.0, c
/System/Library/Frameworks/UIKit.framework/UIKit (compatibility version 1.0.0, current ver
/System/Library/Frameworks/Foundation.framework/Foundation (compatibility version 300.0
/System/Library/Frameworks/CoreGraphics.framework/CoreGraphics (compatibility version
/usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 227.0.0)
/usr/lib/libSystem.dylib (compatibility version 1.0.0, current version 125.0.0)
t -[WABaseProfileHeader nicknameLabel]
00040980 - 01 0000 FUN -[WABaseProfileHeader nicknameLabel]
00040360 t -[WABaseProfileHeader onClanButtonTap:]
00040360 - 01 0000 FUN -[WABaseProfileHeader onClanButtonTap:]
000402d0 t -[WABaseProfileHeader onCompareButtonTap:]
000402d0 - 01 0000 FUN -[WABaseProfileHeader onCompareButtonTap:]
00040610 t -[WABaseProfileHeader roleLabel]
00040610 - 01 0000 FUN -[WABaseProfileHeader roleLabel]
*Xcode does not strip symbols by default
functions
MSHookFunction(CFShow, replaced_CFShow, &original_CFShow);
De facto framework for developing iOS (Android!) extensions
- MobileLoader dynamically loads code in running iOS process using DYLD_INSERT_LIBRARIES environment variable
/Library/MobileSubstrate/DynamicLibraries/
*Use theos tool for convenience
Protect yourself
for additional obfuscation
- verify In-App purchases
- do not save significant info in plists/plain text
- encrypt your app’s resources (artworks, sound, etc.)
- check if phone is jailbroken (and act accordingly)
- turn off NSLog :)
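
Added example, not code from the original slides: the "check if phone is jailbroken" item, implemented with the two injection traces the MobileLoader slide names (the DYLD_INSERT_LIBRARIES variable and the /Library/MobileSubstrate/DynamicLibraries/ directory). The function names, the bitmask values and the sample image list are assumptions made for illustration; on a device the image paths would come from _dyld_get_image_name().

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>

/* Path named on the slide: where MobileLoader looks for extension dylibs. */
#define SUBSTRATE_DIR "/Library/MobileSubstrate/DynamicLibraries/"

/* Hypothetical indicator bits, chosen for this example. */
enum { IND_DYLD_ENV = 1, IND_SUBSTRATE_DIR = 2, IND_INJECTED_IMAGE = 4 };

/* A non-empty DYLD_INSERT_LIBRARIES value means dyld was asked to inject code. */
static int env_injects(const char *value) {
    return value != NULL && value[0] != '\0';
}

/* True when `path` exists and is a directory. */
static int dir_exists(const char *path) {
    struct stat st;
    return stat(path, &st) == 0 && S_ISDIR(st.st_mode);
}

/* Count loaded images whose path lies under `prefix`. */
static int images_under(const char *const *images, size_t n, const char *prefix) {
    int hits = 0;
    size_t plen = strlen(prefix);
    for (size_t i = 0; i < n; i++)
        if (images[i] != NULL && strncmp(images[i], prefix, plen) == 0)
            hits++;
    return hits;
}

/* Combine the three signals into a bitmask the app can act on. */
static int injection_indicators(const char *dir, const char *const *images, size_t n) {
    int mask = 0;
    if (env_injects(getenv("DYLD_INSERT_LIBRARIES"))) mask |= IND_DYLD_ENV;
    if (dir_exists(dir)) mask |= IND_SUBSTRATE_DIR;
    if (images_under(images, n, dir) > 0) mask |= IND_INJECTED_IMAGE;
    return mask;
}

int main(void) {
    /* Constructed sample image list; "Example.dylib" is a made-up name. */
    const char *const images[] = {
        "/usr/lib/libSystem.dylib",
        SUBSTRATE_DIR "Example.dylib",
    };
    printf("indicators: 0x%x\n", injection_indicators(SUBSTRATE_DIR, images, 2));
    return 0;
}
```

These checks run inside the same process a hook can modify, so a zero result is a weak signal, not proof of a clean device.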