Post

Replies

Boosts

Views

Activity

Reply to Why do I need to whitelist Apple IP addresses on server
1: accessing other websites and other network services can be leveraged by an adversary for command and control or for data exfiltration during a breach. (And some of the other apps and tools that can be involved with those other ports and services can themselves be vulnerable to exploits and a potential means of ingress.) 2: You’ll need to discuss that with Vercel support. Depending on the current hosting details, you may be headed for a dedicated host, which is prob preferable here anyway.
1d
Reply to Can I Implement an Exit Button in an iOS App?
My (nuanced) answer: If you offer a quit in specific and appropriate circumstances, it may well pass app review. Otherwise, don’t. An example being as part of a completion dialog after performing a user-requested account deletion and data deletion procedure. (The only path left for the app in that state is starting an on-boarding.) Outside of specific and app-specific cases, I’d expect review problems.
1d
Reply to Do Apple root certificates expire ?
Yes, the Apple Root Certificate Authority certificates expire. Apple Root CA-C2 and -G3 both expire in 2039. Details are here: List of available trusted root certificates in iOS 17, iPadOS 17, macOS 14, tvOS 17, and watchOS 10 Apple hasn’t updated the doc for the current 2024040500 certificates, so the above 2023071300 data is slightly stale.
Jul ’24
Reply to Xcode - Sqlite versions
Short answer: find wherever the added SQLite was installed from whatever installed it, and its name, and add that as a library or SDK reference, and add the header. Long: I’d expect to either reference and link with the added SQLite in the library settings in the build, or to add the SQLite code itself (SQLite is very modular C). Here’s an example: SQLiteLib If you’re using Swift (you’ve not mentioned), I’d look at using a framework wrapper such as SQLite.swift. If you’re building using C or ObjC, you can pull the SQLite source code itself and the header directly into the project. sqlite3.h and sqlite3ext.h, IIRC. related SO thread
May ’24
Reply to How to access login keychain of all users when runs as root?
Lacking substantial context, so making some quite-possibly-wrong assumptions... Can you go after this password change from the server side, with what amounts for a forced password change setting? You can either accept and validate the password and force the password change on the server (probably preferable), or can accept any password (hazardous), and require a new password or (probably better) passkey be established. This server-side change might also require a little work on the client, depending on the details. And forced-password change mechanisms are baked into pretty much all enterprise directories, which means any installation involving a directory is going to have to contend with a server-requested password reset anyway. Backing up a step or two, this feature is right on the edge of a denial-of-service mechanism combined with a means for compromising existing accounts, too. If users can trigger this global reset, miscreants might well eventually explore its implementation details.
Dec ’23
Reply to Write in /System folder on macOS Sonoma
Find somewhere else to write your data. Here is an System Integrity Protection overview and some info about the read-only system volume, and here is an Apple video including info on the read-only system volume. Why are these areas becoming more difficult to access? You're effectively writing what is indistinguishable from malware. Writing outside of the user and app-related areas is undoubtedly only going to get more difficult, too. If you really do want to try this, maybe try this: https://developer.apple.com/forums/thread/649832 I don't have a macOS 14 Sonoma system available for this sort of hackery, so I'm not able to test those suggestions on Sonoma.
Dec ’23
Reply to Analyzing Text
Theoretically? Sure. AppleScript is Turing complete, after all. In practice? Yikes, no, no, nope, nein, no. Natural language processing is no small matter. You'll here fundamentally need to identify exactly which words are nouns with some form of tagging. As has been used elsewhere as an example of the relative difficulty of this task, this sentence is semantically-valid English: "Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo". Even words you might think of as always being nouns—"butterfly", for instance—can be verbs. The rest of the problem here is housekeeping; of slogging through a database or some other storage for the identified nouns. The tagging? Yeah, not gonna try that in AppleScript. There's a book Speech and Language Processing by Daniel Jurafsky & James H. Martin, 2019, and the author Jurafsky has a draft of chapter 8 Part-of-Speech Tagging available online at Stanford. Alas, the URL isn't allowed here. AFAIK, macOS contains no APIs for tagging parts of speech.
Nov ’23
Reply to I need the information about the access-points/devices of the connected Wifi network
The apps I'm most familiar with that do this are associated with Ubiquiti networking equipment, and those apps draw the network client data directly from the access points, in conjunction with the associated switch topology, combined with camera- and LIDAR-based room scanning. Apple exited the Wi-Fi router and access point business a while back, so you'll want to look into whatever is available from your particular mix of vendors' routers, APs, and switches. That's probably going to involve some mix of SNMP, ICMP, CDP, OSPF, and BGP, among other protocols. Other options seem to include SolarWinds Network Topology Mapper, or such. Pretty much any mid- or upper-range networking equipment vendor will have some options available for network mapping, too.
Oct ’23
Reply to Need Advice / Tech Selection / First Apple App
Chat with your manager about this. Why that chat? In many organizations, IT security would be minimally inclined to coach, or discipline, or potentially fire employees involved in misuse of the organization's computing resources. A built-in means to lock macOS involves a token-based login and a card reader: https://support.apple.com/guide/deployment/use-a-smart-card-on-mac-depc705651a9/web I would generally not suggest starting out with a problem related to IT security as your first project learning about development on macOS or Apple platforms. Apple has some intro material here: https://developer.apple.com/learn/curriculum/
Sep ’23