Mobile App Security Requirements and Verification

Wer für mobile Geräte (i.e. iPhone, iPad etc.) Software entwickelt, der sollte sich auch um die Sicherheit der App kümmern.

Das OWASP-Projekt (Open Web Application Security Project) stellt hier beispielhaft viele Dokumente bereit, die einem zeigen, auf was man alles achten sollte.

Für Mobile gibt es einen gesonderten Bereich OWASP Mobile Security Project.

Vor allem das Dokument (OWASP_Mobile_AppSec_Verification_Standard_v1.0.pdf) zu den Mobile Application Security Verification Standard (MASVS) ist sehr sehr lesenswert.

Eine praktische Checkliste für die erreichbaren Level (MASVS-1, MASVS-2, MASVS-2+R) gibt es als Excel Tabelle (Mobile_App_Security_Checklist.xls).

Why do I blog this?Weil es sehr nützlich ist. Für die ganz Ungeduldigen… man kann es auch als Git-Book lesen.

Note-2-Self: PocketCHIP

I just want to remind myself I want a PocketCHIP to play around with an idea I have.

Ordered this item long time ago on 30th of august 2017. nothing yet here. (Depublizierungsschutz) I guess I will not see this thing arriving here in 2017.


Looks like the guys at Next Thing Co. just do not deliver anything. So I guess my money is gone. :(

Why do I blog this? This one project (not a game) can be realized with this easily.

Overview of hacker-friendly single board computers

The linux gizmos mag has a nice and helpful review/compilation of all kind of single board computers created in Jan 2017.

Brief reviews on the site look like this:

They also have a spreadsheet online to get the full overview.

Why do I blog this? I always wanted to play around with one of these. I did a bit playing around with Arduino but never went for something more than a 20-40 lines of code. Maybe this helps to get me into a deeper sphere of playing around with these quite powerful things.