Note: This is not a comprehensive security tutorial for RAD Server merely a tech tip. There are a number of sections in the emsserver.ini file which can help you secure your RAD Server for production which include Server.APICrossDomain, Console.Login, Server.Authorization. You can limit cross site scripting by changing the CrossDomain setting in Server.APICrossDomain to only allow your domains. You can customize the UserName and Password of the Console.Login section so that only you will b...

When it comes to developing mobile applications, keeping data on your device is a must-have feature, but can still be risky. With embedded InterBase, you can deploy high-performance multi-device applications that maintain 256-bit encryption, have a small footprint and need little, if any, administration. What can participants expect to learn: Using InterBase in your mobile apps is easier than you may expect. Learn to develop mobile applications using InterBase, and how to take advantage of&...

We are pleased to release a hotfix for RAD Studio 10.2. This hotfix addresses: debugger issues for Android, iOS, and Linux; Delphi Win64 compiler issues; a C++ RTL issue addressing a crash on exit; a security issue in the C/C++ RTL. Our thanks to Łukasz Wyporek for notifying us of this issue. You can find full details about each issue in the readme and download page on CodeCentral. We also have an Android compatibility patch in the works to address Android issues around text input, con...

The new hype in Enterprise architectures are "micro-services". The concept to build distributed systems from many small, independent building blocks that are accessible through REST APIs is not new. The rise of container architecture where you can realistically start the whole operating system very quickly to just serve a method call. When you start thinking about building such a solution, or at least demo, one of the first questions are about handling security. Clearly just using HTTPS is...

Build a secure Multi-device Application Using Embedded encrypted InterBase ToGo In Part 1, we showed how to add database and column level encryption to an InterBase ToGo database.  In this Part 2, we show how to build a secure multi-device application that uses our encrypted InterBase database. In Part 1, we saw how to get our InterBase ToGo Deployment license.  Now we show the steps to build a secure multi-device application using RAD Studio, Delphi or C++ Builder and our ...

Here are my posted Tweets for the week of Sunday, April 3, 2016 to Saturday, April 9, 2016. Embarcadero specific posts are in bold.   Sunday, April 3, 2016 Oracle wants Google to pay it $9.3 billion for using Java's APIs in Android http://buff.ly/1RwObd1 This SAP president has a fabulous career because he spent one sad and lonely holiday at work http://buff.ly/1PyxtaR Why IT can’t handle data breaches alone http://buff.ly/1RmuTua 4 security discoveries that should raise the alarm ht...

In RAD Studio XE8 we added new components to support the platform native HTTP/HTTPS libraries on all targeted platforms. I covered additional security programming details in my blog post "The RAD Studio XE8 Summer (Northern Hemisphere) and Winter (Southern Hemisphere) of Security!" We also updated Enterprise Mobility Services (EMS) to use the new native libraries so that you did not have to use OpenSSL. The Native HTTP libraries on multiple devices. and EMS use the new http://docwiki.embarc...

Yesterday I wrote about some of the RAD Studio XE8 secure computing capabilities that are supported in the product features and technologies. Robert posted a comment asking whether the EMS Console app was secure as it was using HTTP for development and debugging. This is true.  I asked our EMS R&D team members. I was reminded that when you deploy your EMS server applications they run under Microsoft IIS using an included ISAPI.DLL that works with your EMS application package files. The ...

The RAD Studio XE8 Summer (Northern Hemisphere) and Winter (Southern Hemisphere) of Security!The RAD Studio XE8 Summer/Winter of Security! This blog post contains information and links covering secure development topics for Delphi, C++Builder and RAD Studio XE8 developers. You’ll find secure computing introductory topics and starting information for InterBase database, components, libraries, Backend as a Service (BaaS), Cloud, App Tethering and more. Throughout the Summer (or Winter if you live...

Anthem Inc. – 80,000,000 records stolen; Sony Pictures – 100 terabytes of data stolen; JP Morgan Chase – 70,000,000 records stolen; and EBay – 145,000,000 records stolen. This short list is the “tip of the iceberg” of organizations across all industries that have had significant amounts of their customer, employee, and other important organization data stolen. With the increased reliance of digital information by organizations and their customers, these trends will likely continue and be fueled ...