How Development Experts Tackle Tough App Security Issues