SSH and Yubikeys

Yubikeys are a popular hardware security token that can be leveraged for WebAuthn/FIDO2, OTP/TOTP, and Smart Card/PIV purposes. Since SSH supports FIDO security keys and Git leverages SSH for operations, you can use them for Git over SSH as well as commit signing via SSH keys. However, there are some prerequisites. First, the Yubikey must be on firmware version 5.2.3 or newer for ed25519-sk key pairs. Firmware prior to this only supports ecdsa-sk and ECDSA is not recommended by the cryptographic community....

Good Idea, Flawed Execution

Prior to iOS 11, developers could leverage SFSafariViewController to interact with Safari in-app via a remote view controller for authentication. However, because this is a view controller, it can be hidden from the user. As a result, malicious actors abused this API to track end users without their consent. Apple’s strategy to combat this was to limit the data sharing capabilities of this API to only the app (i.e. creating a sandbox)....

Privacy Manifest API List

As communicated at WWDC, Apple has published the list of APIs it now deems sensitive, and frameworks/apps must include a justification for using them. The APIs are divided into five categories: file timestamp access, system boot time access, disk space access, active keyboard access, and user defaults. As with some other recent attempts by Apple to prevent fingerprinting and tracking, legitimate use cases get caught in the crossfire. Take for example the file timestamp access APIs (both metadata and stat/fstat) and needing to reconcile data on device and a server....

TSan Breaks Exception Expectations

Yesterday, Apple released Xcode 15 β3 (15A195k) and I noticed that my tests started failing. These tests verified that an expectation was thrown from calling a method that should be unavailable. However, these tests were failing with an uncaught exception:

    xctest(8933,0x1f2049e00) malloc: nano zone abandoned due to inability to reserve vm space.
    Test Suite 'ExampleClassTest' started at 2023-07-06 07:40:43.904.
    Test Case '-[ExampleClassTest testInit]' started.
    2023-07-06 07:40:43.907915-0500 xctest[8933:99736] *** Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: 'init is unavailable for class ExampleClass'
    *** First throw call stack:
    (
    0 CoreFoundation 0x00000001971a3154 __exceptionPreprocess + 176
    1 libobjc....

The Pixel Tablet

The last Google tablet released was the Nexus 9 way back in 2014, with its software support ending in the fall of 2016. Since then, Google and others have left the Android tablet market. Now, however, Google has reentered the fray with the new Pixel Tablet. This new tablet starts at $499, which places it between the iPad ($449) and the iPad Air ($599), with its G2 CPU (2022) roughly equating to the A13 (2019)....