In the presentation, we will discuss how iOS third-party web browsers are built. We will go through the main properties and limitations of UIWebView, common features added by browser developers, and common design or programming flaws that result in security vulnerabilities. While security of the underlying WebKit engine is exposed to continuous research, and the imperfections of mobile browser UI are widely known, the publicly available resources dedicated to secure implementation of web views in iOS applications do not cover the challenges which a browser developer faces. We would like to fill this gap in at least a small part.
More details can be found here: http://haxpo.nl/hitb2014ams-pilorz-zmyslowski/
See you there :)