IOActive’s Ilja van Sprundel to Present at LOGIN 2011

IOActive’s Principal Security Consultant to present Writing Secure iOS Applications

Seattle, Wash—May 17, 2011. IOActive, a leading provider of application security, compliance, and smart grid security services, today announced that Ilja van Sprundel, one of their Principle Security Consultants, will present Writing Secure iOS Applications at LOGIN Conference 2011. LOGIN is the conference for developers in the online gaming industry, which includes Facebook game, MMOG, Xbox Live and PlayStation Network, and iPhone/iPad development as well as digital distribution. This annual conference, hosted in Washington state each May, brings together a mix of industry leaders to discuss, collaborate, and share advancements about technology, design, business, community, and legal areas of online game development.

In this presentation, van Sprundel will discuss lessons learned from auditing iPhone, iPad, and iPod Touch applications over the last year. It will cover the use of specific APIs, why some of them aren't granular enough, and why they might expose way too much attack surface. The talk will cover transport security, use of XML APIs, URL handling, use and misuse of UIWebView, format string bugs, and much more. He also will discuss possibly problematic issues with common code patterns in iOS applications from a security point of view, and then offer possible solutions, workarounds, or mitigations.

WHAT  Writing Secure iOS Applications

WHERE  Meydenbauer Center

WHEN  May 18, 2011. 11:30 am.

HOW  For more information, visit the LOGIN website.

About Ilja van Sprundel
As a Principle Security Consultant at IOActive, Ilja van Sprundel performs penetration testing, identifies system vulnerabilities, and designs custom security solutions for clients in software development, telecommunications, financial services, and non-profit organizations. Van Sprundel has a passion for security and takes an offensive approach. He participated in the final security review of Windows Vista, has authored numerous white papers, and speaks at security conferences around the world including PacSec, Ruxcon, BlueHat, CanSecWest, and EUSecWest.

About IOActive
Established in 1998, IOActive is an industry leader that offers comprehensive computer security services with specializations in smart grid technologies, software assurance, and compliance. Boasting a well-rounded and diverse clientele, IOActive works with a majority of Global 500 companies including power and utility, hardware, retail, financial, media, aerospace, high-tech, and software development organizations. As a home for highly skilled and experienced professionals, IOActive attracts talented consultants who contribute to the growing body of security knowledge by speaking at such elite conferences as Black Hat, Ruxcon, Defcon, BlueHat, CanSec, and WhatTheHack. For more information, visit www.ioactive.com.

-###-