Discover 35 articles on Security in mobile performance
Showing 15 of 35 articles (Page 2 of 2)
Zomato's Android team breaks down SSL certificate pinning: the security feature that could brick your app if done wrong.
Zomato's Android team is tackling a critical vulnerability that most apps ignore. Your encrypted HTTPS traffic might not be as secure as you think.
DoorDash's Android team learned the hard way that adding payments isn't just about processing transactions. It's about building a system that scales across countries, payment methods, and user expectations.
Amorn Apichattanakul from KBTG just open-sourced a production-ready Flutter template that solves the three biggest headaches in mobile app development: CI/CD setup, native bridging, and security hardening.
Amorn Apichattanakul from KBTG reveals why the SSL pinning solution most Flutter devs find on StackOverflow has a critical security flaw. His team discovered this while building banking apps that passed penetra...
Cory Benfield from Apple's Cloud Services team just open-sourced SwiftNIO SSH, bringing programmatic SSH capabilities to Swift. Think libssh2, not openssh: this isn't a ready-made client, it's the building bloc...
Signal just solved one of iOS's most frustrating problems: losing your encrypted message history when you upgrade devices. imperiopolis walks through how they built a secure, local device-to-device transfer tha...
Minyoung Sim from LINE breaks down iOS code signing in forensic detail, revealing how Apple's security mechanism validates every app before execution. This isn't your typical overview.
AWS Amplify just made mobile authentication dramatically simpler. Device tracking, OAuth 2.0, and SAML federation now work out of the box for iOS and Android developers.
Jesse Wilson explains why Square is cutting off 11% of Android devices with OkHttp 3.13. Spoiler: your web servers might break too.
Seunghoon Kim from LINE's AIR GO team breaks down Android's APK signing evolution. If you're still using v1 signing, you're leaving security holes wide open.
Konstantin Yakushev from Bumble reveals the brutal truth about universal links: Apple and Google's 'simple' solution is riddled with undocumented bugs that break user experience. Here's how Badoo's team catalog...
The Badoo iOS team learned the hard way: adopting Swift in 2015 meant navigating undocumented code signing nightmares that crashed enterprise apps at runtime. Here's what broke and how they fixed it.
Trevor Johns from Android Developer Relations reveals a breaking change that could silently corrupt encrypted data for apps using Unicode passphrases. If your app uses PBKDF2 key derivation, this affects you.
Twitter built a 2FA system where your private keys never leave your phone and the server stores no persistent secrets. Here's the engineering behind it: