My research is on computer security and applied cryptography with a specific attention to web, game and mobile security.
I was lucky enough to get the new 2013 high-end Macbook Pro Retina (15″) yesterday and started wondering about how it compares to the mid-2012 Retina (15″) model. On a personal level, I’m also pretty interested in how its gaming performance compares with its predecessor’s.
Since no one has, at least so far, published benchmarks comparing the real-world performance of the integrated graphics chip (Iris Pro) vs the discrete one (NVIDIA GeForce 750M), I thought I’d run a few to help people decide if they need the integrated one. The bottom line: the integrated GPU does a good job for everything but gaming. Don’t let the synthetic benchmarks fool you: as we will see on Starcraft 2, the Nvidia is almost 50% faster. Overall the new Macbook Pro with its gorgeous screen and good graphic cards is an excellent gaming laptop (but, alas, a little bit pricey).Read more >>
Nearly everyone loves mobile apps that can perform local searches, get directions, or find the nearest decent restaurant. But what’s not so obvious is that these local apps can have hidden bandwidth costs — meaning that, in some cases, they can run up your phone bill in ways you might not expect.
Outsourcing blog comments to cloud services such as Disqus or Livefyre offers plenty of advantages: spam protection, analytics, already signed users and deep integration with social networks such as Twitter and Facebook.
Those features are appealing. But outsourcing your comments comes with a price: it will slow down your site. It’s been demonstrated time and time again that even an extra 500ms negatively impacts user engagement. In 2009, for instance, Google demonstrated this effect by adding artificially an extra 400ms delay which led to 0.6 percent fewer queries. Having a slow site can also negatively affect its search ranking.Read more >>
The next time you think you’re buying an iOS app from Apple’s online store, be warned: it could be a lookalike site. Recently I was redirected via an ad to an Apple-spoofing site at Badoink.Read more >>
Early July 2012, I reported to Apple numerous vulnerabilities related to their App Store iOS app. Last week Apple finally issued a fix for it and turned on HTTPS for the App Store. I am really happy that my spare-time work pushed Apple to finally enabled HTTPS to protect users. This post discuss the vulnerabilities I found. As a bonus, I made several video demos of the attacks described in this post so you can see by yourself how dangerous not having full HTTPS is.Read more >>