site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com Hi Jay, Cheers, Graham Lee http://blog.securemacprogramming.com Author of Professional Cocoa Application Security http://www.amazon.co.uk/gp/product/0470525959?ie=UTF8&tag=thaeofer-21&linkCo... I am not sure where to discuss issues related to developing Macintosh code that uses the Internet to transmit data in a secure manner: If anyone can suggest a better list, by all means say so and I will go there. Meanwhile ... I am developing a Macintosh application which will be capable of running on a cluster of Macs; that is, each of a number of Macs will be running a copy of the application (or of part of it) and the different Macs will communicate with each other to coordinate activity and share data: The app is not a web-server-and-client kind of thing; I expect to be using Internet socket connections directly, from within the various instances of the application. So far, I have described a very general programming issue -- probably too general for this group. What I am wondering about is what special support is available for this kind of thing based on the fact that I am using Macintoshes, and have all the facilities of MacOS and Xcode to develop and run with. The app is a clustered version of Wraith Scheme, a parallel Scheme implementation for the Mac that I have been developing for some years. See the "Software" page of my web site (URL below) if you are terminally curious. Wraith Scheme is very powerful, and a malicious person who accessed it remotely could do immense damage to the system it is running on. (The actual number of users of any such clusters is likely minuscule, so the probability that anyone will try to do such a thing is small, but I would like to handle the security issues as professionally as I can.) Comments are welcome, as are suggestions to go elsewhere. (People are *always* telling me where to go ...) -- Jay Reynolds Freeman --------------------- Jay_Reynolds_Freeman@mac.com http://web.mac.com/jay_reynolds_freeman (personal web site) _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/leeg%40thaesofereode.info _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... I think that to understand the security requirements of your app, we need to know more about what it does. Are all the systems on the same subnet? What data is sent between them? Should such data be private, what would happen if it were tanpered with? With what privilege do different components run? Once you've pinned down the security requirements, then we can look at the technology needed to implement them. P.s. If people do think you're off-topic here, I'd suggest apple-cdsa (the common data security architecture list) or stackoverflow.com. On 2 Apr 2010, at 21:05, Jay Reynolds Freeman <jay_reynolds_freeman@mac.com

wrote: This email sent to leeg@thaesofereode.info

This email sent to site_archiver@lists.apple.com