iOS Security Engineer2018 - PRESENTYinkozi
Technologies: iOS, Swift, C, Cryptography, OpenSSL
- Developed features for the Yinkozi iOS security container in Swift, C, and Objective-C: Yinkozi.com. The Yinkozi iOS security container is a library, unit tests, and set of supporting bash and ruby tools that provide security features for iOS apps that link with it. The security container provides the following high-level security features for client iOS apps: system call protection controls, device integrity controls (jailbreak detection), app integrity controls, binary hardening controls, app data protection, and certificate pinning.
- Built Swift APIs to provide iOS device integrity controls (jailbreak detection) to client apps.
- Developed Swift APIs to provide application integrity controls such as iOS app bundle validation and App Store receipt validation.
- Created Swift APIs to validate the symbol addresses of imported iOS system symbols used by the container such as symbols in the iOS keychain, FileManager, and Security framework.
- Implemented the data protection of a client app in Swift and C, including encrypting/decrypting app data, writing to and reading from disk, encryption key wrapping, and iOS keychain wrapping. The container's encryption and decryption processes were built upon OpenSSL APIs in a linked OpenSSL static library.
- Developed Swift APIs for SSL certificate pinning to provide server identification integrity for client iOS apps.
- Enabled interoperability of a container's Swift front end and C back end.
- Developed a container pre-build Bash script to configure the container's Swift, Objective-C, and C source code to be built for the configuration of the client app specified in the container security configuration. The security configuration enables client apps to enable or disable security controls and to specify values for other security controls.
- Wrote a container post-build bash script to apply binary hardening to the client iOS app Mach-O, such as _cstring encryption, constants obfuscation, and Mach-O validation.
- Developed container unit tests in Swift to test all security controls provided by the container.
- Created obfuscation scripts in Bash to obfuscate container and client app source code.
- Wrote obfuscation scripts in Bash to obfuscate client app resources such as Storyboards and XIBs.
- Composed a supporting Ruby script to install and integrate the Yinkozi iOS security container into client Xcode projects, using the Ruby gem Xcodeproj: www.rubygems.org/gems/xcodeproj.
- Wrote container integration and usage documentation for clients. The guide shows clients how to integrate the container into their iOS app's Xcode project, build the container's dependencies, import the container into the source of their iOS app, and use the container API in their app to build the app successfully with the integrated container. Successfully following the guide gets clients up and running.
Senior iOS Developer2018 - PRESENTYouVersion
Technologies: iOS, Swift, Core Data, User Notifications, Firebase, Carthage, Fastlane, Crowdin
- Developed new features in Swift 4 for Bible Lens, available in the iOS App Store with over 1 million installations.
- Used instruments to profile the application’s memory use to determine the root cause of the app crashing due to excessive memory use. Analysis using Instruments showed that the app was using 1.5-2GB of memory when parsing image metadata JSON files stored on disk.
- Solved the issue by modeling the image metadata in Core Data and completely refactored the way the app cached, fetched, and presented the images, and used the image metadata, in the view layers of the app. This resulted in a tremendous reduction of memory use with high water memory usage averaging around 200-300 MB when generating and loading app images.
- Internationalized and localized the app to support multiple languages.
- Developed in-app language selection feature that allows the user to set the language of the application to one different than the device language.
- Built delivering local user notifications showing newly available images in the in-app language the user has selected.
- Implemented managing app dependencies with Carthage.
- Pushed builds to TestFlight using Fastlane.
- Used the Crowdin localization platform to translate localized application text (Crowdin.com).
- Implemented caching and updated the app settings using the Firebase SDK.
Senior iOS Developer2017 - 2018Jumpnet
Technologies: iOS, Swift, VPN, NetworkExtension, NEPacketTunnelProvider, SSL, TLS, DTLS, Open Transport
- Developed features for the Jumpnet VPN iOS app, Jumpnet VPN iOS SDK, and Jumpnet VPN iOS Network Extension using the native iOS VPN subsystem. Jumpnet is a VPN that defines and implements a custom VPN protocol whose design and iOS implementation provides secure networking, seamless WiFi-cellular transitions, and better network streaming by simultaneously using the device’s WiFi and cellular interfaces; Jumpnet.com.
- Implemented portions of the low-level Jumpnet VPN protocol in the Jumpnet iOS SDK in Swift and Jumpnet iOS Network Extension.
- Installed the Jumpnet VPN iOS network extension (an application extension) as a NEPacketTunnelProvider using the NetworkExtension framework and iOS VPN system.
- Developed an in-app purchase feature for users to buy various Jumpnet subscriptions (annual, six-month, and one-month).
- Implemented client-side communication with Jumpnet server over DTLS using Open Transport on iOS. Open Transport is a macOS/iOS framework that establishes Secure Sockets Layer (SSL) sessions to facilitate secure communication between client and server.
iOS Developer2017 - 2018TruePic
Technologies: iOS, Swift
- Developed the TruePic iOS SDK to upload verified media and its metadata to TruePic servers. This development was done from scratch completely in Swift 4. TruePic is a photo verification platform that authenticates photos as being unedited: Truepic.com.
- Implemented end-to-end encryption using the new iOS crypto APIs released in iOS 10. The metadata is encrypted using a hybrid scheme of RSA and AES-GCM with a 256bit hash. The metadata and the media are signed with a 256bit HMAC.
- Developed an advanced custom camera view that clients of the framework present in their apps to capture images and/or video. Media can be saved to the Photos Library or to disk.
- Made use of iOS's more than ten AVCapture APIs that capture bracketed images. This allows the TruePic backend to analyze media uploads by the SDK and catch forged photos that are pictures of a picture.
- Integrated the TruePic iOS SDK into the TruePic React Native consumer app available in the App Store: iTunes.apple.com/us/app/truepic/id1100089673?mt=8.
Senior iOS Developer | Arduino Developer2017 - 2017Humidifall
Technologies: iOS, Arduino, C++, Amazon Web Services (AWS), IoT
- Developed the Humidifall iOS app. Humidifall is a waterfall that can be mounted on a wall to control the humidity in an area. The iOS app allows the user to control the Humidifall as an IoT device; Humidifall.com.
- Built the Arduino Yun back-end for the Humidifall system using C++. I developed the back-end to be an AWS IoT client (Amazon Web Services IoT) in order to send/receive messages to/from the Arduino and upload application data from the Arduino to store in DynamoDB.
Technical Writer for the Stormpath Blog2017 - 2017Stormpath
Technologies: iOS, Security
- Worked as the technical writer for Stormpath's blog.
- Wrote articles about security topics in the context of developing iOS applications. I wrote an article for them about common authentication and authorization schemes used in mobile apps, how to implement them on iOS, and how to integrate the Stormpath iOS framework into an iOS app.
Senior iOS Developer2015 - 2016The Weather Channel
Technologies: iOS, watchOS, tvOS, WatchConnectivity, Core Data, RxSwift, MapKit, Mapbox, REST/JSON Services
- Worked in a team to develop The Weather Channel’s iOS app. All the development was in Swift, except for a few minor places of integration which was developed with Objective-C. The app has approximately 200 million users in 35 languages.
- Developed the location services, networking, caching, and data model of The Weather Channel’s Apple watchOS Swift app. The watch app determines and uses the user’s current location to fetch a collection of relevant weather data to present to the user in five views on their watch, including complications on the watch face, glances, and weather notifications. The watch app can use the iOS app as a cache of weather data when the iOS app has fresh data via the WatchConnectivity framework.
- Worked in a team to develop an iOS framework in Swift for client apps to use to fetch weather data from The Weather Channel. The framework included a public API and data model to represent the parsed JSON weather data from The Weather Channel’s weather data APIs that process weather data requests which number billions per day. The Weather Channel’s production iOS App uses the framework, and it has been made available to clients such as IBM and Weather Underground.
- Developed an endpoint service type in the library that vended Observable<T> so that clients could observe weather data events for locations in the form of a latitude-longitude. For example, clients could observe a location (e.g. latitude 33.1, longitude -84.1) and then subscribe to next events in the stream. Then when the next event was observed in the stream, the client would update its view with the observed type T weather data for that location, or if the event was an error, handle the error appropriately.
- Developed the prototype for The Weather Channel’s Apple TV app on tvOS in Swift. I developed the functionality to authenticate and authorize a user with their cable provider using REST services provided by Akamai Identity Services.
- Integrated Mapbox into The Weather Channel’s iOS app in place of MapKit. We switched to Mapbox to implement custom drawing in OpenGL of weather conditions in the radar view of the app.
- Worked in a team to develop custom weather alerts, user profiles and their persistence, sign-ups, and logins with Facebook, analytics, and weather-related remote notifications, in Swift for The Weather Channel’s iOS app. Custom weather alerts include alerts in the form of remote notifications about seasonal weather events: for example, winter weather alerts. Also included was the necessary back-end support to save the user’s profile locally in Core Data and pushing and fetching it from the back-end.
Senior iOS Developer2014 - 2015Chick-fil-A
Technologies: iOS, Keychain Services, iBeacons, Core Location, AVFoundation, MediaPlayer, REST/JSON Services
- Developed iOS applications for restaurant owners and staff. Implementations were done in Swift 1.0 starting in the fall of 2014.
- Developed an iOS framework from scratch that provides single sign-on for users of all Chick-fil-A apps on their devices. All Chick-fil-A apps require authentication and authorization with Chick-fil-A back-end services. The framework allows users to authenticate and authorize in one app and then switch to another app on the device and not have to login again. The framework defines keychain entitlements across the apps using the Chick-fil-A development team. The user’s credentials are stored in the keychain. The app also supports authentication with Touch ID.
- Developed Chick-fil-A podcasts from scratch—an iOS app that streams educational and news videos to restaurant owners and staff. Content metadata is fetched from Brightcove's web services, cached locally in Core Data, and streamed via the AVFoundation and MediaPlayer frameworks. I developed a custom video player and UI controls for the app, implemented in Swift 1.0., I integrated Chromecast support with the Chromecast SDK for the app to support playing videos via Chromecast. The app also supports receiving remote notifications via Urban Airship.
- Designed and developed Chick-fil-A contacts-sync from scratch—a Swift 1.1 iOS app to synchronize the user’s Chick-fil-A contacts provided by Chick-fil-A web services using the AddressBook framework. The app fetches the user’s contacts from the back-end and caches them locally using Core Data.
- Developed Chick-fil-A Campus—an iOS app that uses iBeacons and Core Location to provide location information and guiding services about the Chick-fil-A corporate campus to users as they tour the campus. Portions of the app were done in Swift 1.1.
Senior iOS Developer | Scala Back-end Developer2013 - 2014Pharmaceutical Dimensions
Technologies: iOS, Scala, Play Framework
- Developed the Mobile Quick Returns iOS app for Pharmaceutical Dimensions. Mobile Quick Returns is a client-server app for Pharmaceutical Dimensions to inventory items returned by pharmacies to drug manufacturers. The iOS app fetches and updates inventory from the back-end and scans new inventory using the camera and barcodes.
- Developed the Mobile Quick Returns' back-end for Pharmaceutical Dimensions. The back-end is written in Scala with the Play framework.
Senior iOS Developer2013 - 2013Stable/Kernel
Technologies: iOS, Android, Core Data, Card.io, REST/JSON Services
- Collaborated with Joe Conway on the design and development of the Richtree Market Pass iOS application for Natural Markets Food Group, available in the App Store. The app provides a UI for users to register a credit card with PayPal's Card.io and pay for meals at a tech-enhanced food court in Toronto. Thoughtworks developed the back-end services.
- Developed the Richtree Market Market Pass Android application.
iOS Developer2012 - 2013GoPago
Technologies: iOS, Core Data, Jumio Netswipe, REST/JSON Services
- Developed the iOS GoPago app, available in the App Store. The GoPago app is a mobile storefront and payments app. Users register a credit card with Jumio Netswipe, browse, order, and pay for items at GoPago merchants; then receive their order at the store without having to wait in line or pay.
iOS Developer2012 - 2012Wahoo Fitness
Technologies: iOS, Core Bluetooth
- Worked in a team to develop Cruise Control—an iOS app that helps people maintain their pace during exercise by listening to music within a target range of beats per minute.
- Developed the Music Analyzer—a module the app uses to analyze the songs on the device by determining the beats per minute of each song, downloading song metadata from Echonest’s REST service, filtering out songs that are not within the target beats per minute, and presenting the list of available songs to the user. Metadata is cached locally using Core Data.
- Developed BlueSC Odometer—an odometer app for the BlueSC, a low-energy Bluetooth cycling computer from Wahoo Fitness. The odometer app connects to the BlueSC via Bluetooth, downloads the user’s mileage data, and presents the distance ridden history to the user. The app was developed using Core Bluetooth.
iOS Developer2011 - 2012QuantiSense
Technologies: iOS, External Accessories Framework, LineaPro Scanner, JSON Web Services
- Worked in a team to help develop an app for Lululemon Athletica, an athletic wear maker. The app scans barcodes of items in their stores and fetches a configurable set of analytics data about the item from the back-end services.
- Developed the scanner component of the above app to scan barcodes using either the camera on an iPhone, or a LineaPro infrared scanner using the External Accessory framework on an iPod Touch. The analytics data is then fetched from the back-end services and presented to the user.
iOS Developer2011 - 2011Third Cup
Technologies: iOS 3
- Designed and developed Wine Memories, a wine cellar application available in the App Store. More can be found in the portfolio section.