
Interview-Swift

About Swift

  1. type-safe
  2. built-in error handling
  3. memory is managed automatically
  4. safer: variables are always initialized before use
  5. supported OSs: FreeBSD, Linux, Darwin, etc.

Swift lets us develop software that is fast, robust and secure

Swift vs Objective-C

  1. Swift is Open Source
  2. Swift is an object-oriented and functional programming language, whereas Objective-C is a class-based object-oriented language
  3. Swift supports dynamic libraries, whereas Objective-C does not
  4. Swift supports tuples, whereas Objective-C does not
  5. Swift allows us to define methods in structures, classes or enumerations, whereas Objective-C does not
  6. A single swift file vs (.h, .m) files

Networking

  1. Port
    The IANA (Internet Assigned Numbers Authority) is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources.

    Well-known ports (0 - 1023), registered ports (1024 - 49151), and the dynamic or private ports (49152 - 65535)

    A process associates its input or output channels via an Internet socket

  2. Internet Socket
    A type of file descriptor, associated with a transport protocol, an IP address, and a port number.

    A socket is used by a process to send and receive data via the network.

    The operating system’s networking software has the task of transmitting outgoing data from all application ports onto the network, and forwarding arriving network packets to processes by matching the packet’s IP address and port number to a socket.

    A TCP connection is identified by a tuple consisting of the local address, the local port, the remote address, and the remote port.

Wireless Communication

  • Wireless Communications
  • smart home
  • Wi-Fi, Bluetooth, radio, NFC
  • WEP (Wired Equivalent Privacy)
  • Wi-Fi Protected Access (WPA)
  • Wi-Fi Alliance
  • Exploit loopholes (exploiting vulnerabilities)
  • ITS (Intelligent Transport System)
  • V2I (vehicles to infrastructure)
  • V2V (vehicles to vehicles)
  • DSRC (Dedicated short-range communication)
  • ETC (Electronic Toll Collection)
  • PSK (Phase-shift keying)
  • Modulation, the process of varying one or more properties of a periodic waveform, called the carrier signal, with a modulation signal, to impress information on the carrier wave.
  • Carrier signal, modulation signal (typically contains the information to be transmitted); the carrier is higher in frequency than the modulation signal.
  • FDM (frequency division multiplexing)
  • passband (occupied by the modulated carrier), baseband (occupied by the modulation signal)
  • AM (amplitude modulation)
  • FM (frequency modulation)
  • digital modulation (impresses a digital signal on the carrier)

Security

  • eavesdropping
  • forging
  • tampering

    Denial-of-service attack (DoS attack)

  • A cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the internet.
  • Typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.

Open Systems Interconnection model (OSI model)

Internet protocol suite

The transport layer, handling host-to-host communication; the application layer, providing process-to-process data exchange for applications; the internet layer, providing internetworking between independent networks; the link layer, containing communication methods for data that remains within a single network segment (link).

HTTPS (https://en.wikipedia.org/wiki/HTTPS)

  • encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL). HTTP over TLS, HTTP over SSL
  • motivated by the authentication of the accessed website and protection of the privacy and integrity of the exchanged data.

TLS

TLS handshake

  • Begins when a client connects to a TLS-enabled server requesting a secure connection, and the client presents a list of supported cipher suites (ciphers and hash functions).

  • From the list, the server picks a cipher and hash function that it also supports and notifies the client of the decision.

  • The server usually then provides identification in the form of a digital certificate. The certificate contains the server name, the trusted CA that vouches for the authenticity of the certificate, and the server’s public encryption key

  • The client confirms the validity of the certificate before proceeding.

  • To generate the session keys used for the secure connection, the client either:

    • Encrypts a random number with the server’s public key and sends the result to the server. Both parties then use the random number to generate a unique session key for subsequent encryption and decryption of data during the session.
    • Uses Diffie-Hellman key exchange to securely generate a random and unique session key for encryption and decryption that has the property of forward secrecy: if the server’s private key is disclosed in future, it cannot be used to decrypt the current session, even if the session is intercepted and recorded by a third party.
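The Diffie-Hellman option above, sketched as an added example that is not code from the original notes. It assumes an Apple platform with CryptoKit; the long-term signing key stands in for the certificate key pair, and names such as `serverIdentity` and `sessionKey` are illustrative.

```swift
import CryptoKit
import Foundation

// Assumption: this long-term signing key stands in for the server's certificate key.
let serverIdentity = Curve25519.Signing.PrivateKey()
let trustedServerKey = serverIdentity.publicKey  // already trusted by the client

// Ephemeral key-agreement keys: generated per session, discarded afterwards.
let clientEphemeral = Curve25519.KeyAgreement.PrivateKey()
let serverEphemeral = Curve25519.KeyAgreement.PrivateKey()

// Server signs its ephemeral public key so a swapped key is detectable.
let serverShare = serverEphemeral.publicKey.rawRepresentation
let shareSignature = try serverIdentity.signature(for: serverShare)

// Client authenticates the share before using it; without this check the
// exchange would accept an attacker's key.
guard trustedServerKey.isValidSignature(shareSignature, for: serverShare) else {
    fatalError("server key share is not signed by the trusted identity key")
}

// Both sides run the same derivation: ECDH, then HKDF to a 256-bit key.
func sessionKey(own: Curve25519.KeyAgreement.PrivateKey,
                peerShare: Data) throws -> SymmetricKey {
    let peer = try Curve25519.KeyAgreement.PublicKey(rawRepresentation: peerShare)
    let secret = try own.sharedSecretFromKeyAgreement(with: peer)
    return secret.hkdfDerivedSymmetricKey(using: SHA256.self,
                                          salt: Data(),
                                          sharedInfo: Data("example session".utf8),
                                          outputByteCount: 32)
}

let clientShare = clientEphemeral.publicKey.rawRepresentation
let clientKey = try sessionKey(own: clientEphemeral, peerShare: serverShare)
let serverKey = try sessionKey(own: serverEphemeral, peerShare: clientShare)

// Constructed sample message: sealed with the client's key, opened with the
// server's. open() throws unless both sides derived the same key.
let sealed = try AES.GCM.seal(Data("GET /index.html".utf8), using: clientKey)
let opened = try AES.GCM.open(sealed, using: serverKey)
print(String(decoding: opened, as: UTF8.self))

// Forward secrecy: serverIdentity only signed the share. The session key
// depends on the two ephemeral private keys, so a later leak of
// serverIdentity does not let a recorded session be decrypted.
```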

TLS runs “on top of some reliable transport protocol (e.g. TCP),” which would imply that it is above the transport layer. It serves encryption to higher layers, which is normally the function of the presentation layer.

Information Security

Man-in-the-middle (MITM, PITM)

Alice and Bob need some way to ensure that they are truly each using each other’s public keys, rather than the public key of an attacker. Otherwise, such attacks are generally possible, in principle, against any message sent using public-key technology. MITM attacks can be prevented or detected by two means: authentication and tamper detection. All cryptographic systems that are secure against MITM attacks provide some method of authentication for messages. Most require an exchange of information in addition to the message over a secure channel. Such protocols often use key-agreement protocols.

A public key infrastructure, such as TLS, may harden TCP against MITM attacks. In such structures, clients and servers exchange certificates which are issued and verified by a trusted third party called a certificate authority (CA). Use of mutual authentication, in which both servers and clients validate the other’s communication, covers both ends of a MITM attack.

HTTP Public Key Pinning (HPKP), sometimes called “certificate pinning”, helps prevent a MITM attack in which the certificate authority itself is compromised, by having the server provide a list of pinned public key hashes during the first transaction. Subsequent transactions then require that one or more of the keys in the list be used by the server in order to authenticate that transaction.

Attestments, such as verbal communication of a shared value, or recorded attestments such as audio/visual recordings of a public key hash, are used to ward off MITM attacks, as visual media is much more difficult and time-consuming to imitate than a data packet communication. However, these methods require a human in the loop in order to successfully initiate the transaction.

Elliptic-curve Diffie–Hellman(ECDH)

Elliptic Curve Digital Signature Algorithm (ECDSA)

Packet-sniff, packet injection

Authentication

The act of proving an assertion, such as the identity of a computer system user.
In contrast with identification, the act of indicating a person or thing’s identity, authentication is the process of verifying that identity.

Forward secrecy

A feature of specific key agreement protocols that gives assurances that session keys will not be compromised even if the long-term secrets used in the session key exchange are compromised.

Diffie-Hellman key exchange

Cipher suite

Key (Cryptography)

Public keys are used for encryption or signature verification; private ones decrypt and sign.

Public-key cryptography

Symmetric-key algorithm

SHA-1 SHA-2 (Secure Hash Algorithm)

State (computer science)

A system is described as stateful if it is designed to remember the preceding events or user interactions; the remembered information is called the state of the system.

Logic gate

Sequential logic

Combinational logic

Truth table

IoT (internet of things)

wearables

LoRa (Long Range)

low-power wide-area network

TCP/IP (proficient mastery)

Executable

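Live streaming

  1. How to ensure the compression ratio, e.g. when capturing at 30 Hz, upload the first frame in full, then upload only the diff for later frames
  2. Thread-safe access to an array from multiple threads (gifts)
  3. h256, smtp

IM

  1. Database structure
  2. Database upgrades
  3. Problems that can arise when many people in a group send messages at the same time

Objective-C

  1. The Objective-C messaging mechanism
  2. NSObject calling instance methods
  3. Modifying a readonly property from outside
  4. runtime: Objective-C Runtime Programming Guide
  5. runloop
  6. What a block really is, and how many kinds of block there are (e.g. stack blocks)
  7. Detecting crashes and locating the responsible method
  8. Whether atomic is really absolutely safe (only the setter and getter)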

OpenGL, Metal

HTTPS

  1. Principles

TCP

  1. Handshake

TCP Segment

The term TCP packet appears in both informal and formal usage, whereas in more precise terminology segment refers to the TCP protocol data unit (PDU), datagram to the IP PDU, and frame to the data link layer PDU.

Connection establishment

  • SYN (client): sequence number A
  • SYN-ACK (server): acknowledgment number A + 1, sequence number B
  • ACK (client): sequence number A + 1, acknowledgment number B + 1

Connection termination

  • FIN (last packet from sender)
  • ACK
  • FIN
  • ACK

A connection can be half-open, in which case one side has terminated its end, but the other has not. The side that has terminated can no longer send any data into the connection, but the other side can. The terminating side should continue reading the data until the other side terminates as well.

Internet Protocol (IP)

Network interface controller

  • Also known as network interface card, network adapter, LAN adapter or physical network interface
  • A computer hardware component that connects a computer to a computer network

IP fragmentation

  • An Internet Protocol (IP) process that breaks packets into smaller pieces (fragments), so that the resulting pieces can pass through a link with a smaller maximum transmission unit (MTU) than the original packet size.
  • The fragments are reassembled by the receiving host.

Packet switching

  • Packet switching may be classified into connectionless packet switching, also known as datagram switching, and connection-oriented switching, also known as virtual circuit switching

Connection-oriented communication

  • A network communication mode in telecommunications and computer networking, where a communication session or a semi-permanent connection is established before any useful data can be transferred, making it possible to ensure that data is delivered in the correct order to the upper communication layer.

Connectionless communication

  • A data transmission method used in packet switching networks in which each data unit is individually addressed and routed based on information carried in each unit, rather than in the setup information of a prearranged, fixed data channel as in connection-oriented communication.

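Data structures (solid grounding)

  1. How to find the level of a binary tree that has the most nodes

Algorithms (solid grounding)

Page replacement algorithm

LRU algorithm (Least recently used)

AES, DES

RSA

Types of locks

Performance optimization

Multithreaded programming

  1. How GCD works: The Beauty of Semaphores in Swift, Concurrency Programming Guide

TMF SDK

Modulation Technique

Overall cross-platform architecture of the "big front end" (familiar)

Some H5 front-end frameworks

Experience with medium and large projects

iOS system architecture and low-level libraries

Off-screen rendering

Other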

  • Peripheral /pəˈrif(ə)rəl/: A peripheral or peripheral device is an auxiliary device used to put information into and get information out of the computer.

  • AC(alternating-current) adapter

  • DC(direct-current)

  • Microphone: a device – a transducer – that converts sound into an electrical signal

  • Loudspeaker: an electroacoustic transducer; a device which converts an electrical audio signal into a corresponding sound.

  • Many computers have color-coded ports. Speakers or headphones connect to the green port, and microphones connect to the pink port. The blue port is the line in, which can be used with other types of devices.

  • Some speakers, headphones, and microphones have USB connectors instead of the usual audio plug. These can be connected to any USB port. In addition, many computers have speakers or microphones built into the monitor.

  • Surge protector: A surge protector (or spike suppressor, or surge suppressor, or surge diverter) is an appliance or device designed to protect electrical devices from voltage spikes

Booting

Boot is short for bootstrap or bootstrap load and derives from the phrase to pull oneself up by one's bootstraps. The usage calls attention to the requirement that, if most software is loaded onto a computer by other software already running on the computer, some mechanism must exist to load the initial software onto the computer.

Non-volatile memory

A type of computer memory that can retain stored information even after power is removed. e.g. flash memory, read-only memory (ROM), ferroelectric RAM

Volatile memory

Needs constant power in order to retain data.

POST (power-on self-test)

Memory layout of C programs

Graphics pipeline

Create thread safe array in Swift

write: queue.async(flags: .barrier) {}
read: queue.sync {}
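The barrier-write / sync-read pattern above, written out as an added example that is not code from the original notes. The class name `SynchronizedArray`, the queue label and the `gifts` sample data are assumptions made for illustration.

```swift
import Foundation

// Array wrapper: reads may run concurrently, writes run alone behind a barrier.
final class SynchronizedArray<Element> {
    private var storage: [Element] = []
    private let queue = DispatchQueue(label: "example.synchronized-array",
                                      attributes: .concurrent)

    // Write: the barrier block waits for in-flight reads to finish and holds
    // back later blocks until it is done, so it mutates storage exclusively.
    func append(_ element: Element) {
        queue.async(flags: .barrier) { self.storage.append(element) }
    }

    // A check-then-act sequence must be a single barrier block; as two
    // separate calls, another thread could empty the array in between.
    func removeFirst() -> Element? {
        return queue.sync(flags: .barrier) { () -> Element? in
            self.storage.isEmpty ? nil : self.storage.removeFirst()
        }
    }

    // Reads: synchronous, and allowed to overlap with other reads.
    var count: Int { queue.sync { storage.count } }
    var snapshot: [Element] { queue.sync { storage } }
}

// Constructed workload: 1,000 concurrent appends from the global thread pool.
let gifts = SynchronizedArray<Int>()
DispatchQueue.concurrentPerform(iterations: 1_000) { index in
    gifts.append(index)
}

// This read is enqueued after every barrier write, so it observes all of them.
print(gifts.count)
print(gifts.removeFirst() != nil)
```

The same reasoning answers the `atomic` question in the Objective-C list: protecting a single getter or setter does not make a multi-step operation on the collection safe.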

ios block 详解

Code Loading Programming Topics

lldb

symbolic breakpoint

Programming with Objective-C

Autoreleasepool

Tools

  • simctl: xcrun simctl list, xcrun simctl shutdown

  • strings

  • otool: otool -tvV

  • lldb

  • disassemble -b -n

  • nm

  • plutil -p

iOSRE notes

This post is licensed under CC BY 4.0 by the author.