Jay Lagare

November 2, 2015November 2, 2015

iOS 9 and the Firebase REST API

I was playing around with the Firebase REST APIs when I encountered the following SSL error:

NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL...

After some research, I found out that iOS 9 enforces App Transport Security or ATS which, according to Apple, “enforces best practices in the secure connections between an app and its back end”.

But I am using secure connections! After further research I found out that problem with the Firebase servers, specifically the SSL ciphers they allow.

By default, apps use only a specific set of ciphers for SSL communications:

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

Setting the NSAppTransportSecurity option will include the following ciphers, which the Firebase servers do allow:

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA

Setting the NSAppTransportSecurity option entails adding the following into the app’s Info.plist:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>firebaseio.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
            <false/>
        </dict>
    </dict>
</dict>

DHE stands for Diffie-Hellman Exchange. ECDHE stands for Elliptic-Curve Diffie Hellman Exchange. They both offer forward secrecy but ECDHE is just faster. So the NSThirdPartyExceptionRequiresForwardSecrecy is a bit of a misnomer.

Now I wonder why Firebase doesn’t just add support for ECDHE?

More at StackOverflow.

August 27, 2015August 27, 2015

FoneScan is Out!

FoneScan is a simple and easy-to-use barcode scanning app for your iPhone or iPad:

Create data file
Scan items: capture code and count
Manual entry or correction
Export scanned data to CSV format and email
Merge or update your master spreadsheet with the scanned data

Supports the following barcode types:

QR Code
Data Matrix
UPC E
UPC A
EAN 8
EAN 13
Code 128
Code 39
ITF

Do check it out!

August 26, 2015August 28, 2015

Reading A Vernier Caliper

I got a plastic vernier caliper for measuring watch parts. I got a plastic one because it’s (1) cheaper and (2) it will not scratch the watch.

A caliper is a device used to measure the distance between two opposite sides of an object. A vernier scale is a device that lets the user measure more precisely than could be done unaided when reading a uniformly-divided measurement scale (such as a ruler). A vernier caliper is therefore a caliper equipped with a vernier scale for precision measurements.

It has a main scale (in this case, in mm), a sliding vernier scale (in this case, with graduations that correspond to 0.05mm), inside jaws (upper, smaller jaws on picture) or the outside jaws (lower, bigger jaws on photo).

The inside jaws is for measuring the distance from inside of objects like lug widths (inside distance between the lugs of a watch). The outside jaws is used for measuring from outside of objects like length, width, height, case diameter, and lug-to-lug distance (distance between the tip of the top lugs to the tip of the bottom lugs).

Simply slide and position the jaws lightly on the object to be measured and read the scale. In this case, the “0” index on the vernier scale points a bit over 41mm on the main scale. How much is a bit over? Find the index on the vernier scale that lines up with the index on the main scale. In this case, it’s 2. Thus the distance is 41mm + 0.2mm or 41.2mm (with a ±0.05mm error).

That’s all there is to it :)

August 26, 2015August 27, 2015

Generic Watch Repair Kit

I got this generic watch repair kit from eBay for less than $10 including shipping. Of course you can have it for far more (rip-off prices) from other places (coughlazadacough).

Continue reading “Generic Watch Repair Kit”

June 24, 2015June 26, 2015

First Impression: Apple Watch Sport

I got my hands on Edong’s Apple Watch Sport and, with his permission, I unboxed it, took some photos, and played with it a bit.

The packaging is unusually big and bulky for Apple who have been steadily reducing the size of their product packaging for years. But it seems to be part of their premium and luxury message for the Apple Watch.

The 42mm case is rectangular and made of aluminium with a space grey anodized coating. Everything is smooth and rounded with no sharp edges or corners to be seen or felt. Knowing beforehand that it is 42mm, I wasn’t expecting that it would be quite small and light. But it is.

The Ion-X screen covers the whole face and is rounded at the edges. It is black and shiny when off and the display is very sharp when on. Nice to look at in either state. It has force-touch which means touching it with varying levels of force result in different actions. It is also very responsive though force-touching needs some getting used to.

The digital crown on the right side is big and quite effortless to turn and push. So with the other button.

The back has those scifi-looking sensors for reading your heart-rate.

The strap is black silicone rubber with a clever clasp. You button it on and slip the excess strap under the clasp. Very neat. And you can change straps or bracelets without any tools.

The whole watch is well-built. It looks and feels the high-end device you expect from Apple. Even more, it looks and feels like a futuristic device from science fiction. But aside from small nods to traditional watches it doesn’t pretend to be a watch but instead steps ahead and defines itself as a new class of wrist wear, the so-called smartwatch.

It looks like Apple has another winner on its hand (or wrist).