LinkedIn respects your privacy

LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Join now Sign in

From the course: Writing Secure Code in iOS by Infosec

Unlock this course with a free trial

Join today to access over 24,900 courses taught by industry experts.

Activity: OWASP top 10 mobile vulnerabilities, part 2

Activity: OWASP top 10 mobile vulnerabilities, part 2

From the course: Writing Secure Code in iOS by Infosec

Start my 1-month free trial Buy for my team

Activity: OWASP top 10 mobile vulnerabilities, part 2

“

- Let's go on to insecure communication. And again, OWASP is talking about how this is easy to exploit. It's common. The impact, however, is severe. It could cause identity theft or fraud or reputational damage. And so the question is, are you vulnerable to insecure communication? Remember that you need to protect data going from point A to point B via any network means. This means not only Wi-Fi, not only things that carry TCP/IP, but also Bluetooth and near-field communications and audio and infrared in any of the cellular technologies and SMS. So you want to, wherever possible, use encryption, TLS encryption. And you want to make sure that if you have data that is stored locally, that you encrypt it. Because (chuckles) the old saying is, any data stored locally is insecure data, right? So the preferred thing is to encrypt the data even before you transmit it and also encrypt the transmission. So how do you prevent insecure communication? Well, here are general best practices. You…

Contents