0 Replies
      Latest reply on Jun 14, 2016 4:47 PM by rtrouton
      rtrouton Level 1 Level 1 (0 points)

        No malware has affected iOS devices at scale



        • Decade-long effort to protect customers from security problems
        • Incredible scale - over a billion iOS devices
        • Every single iOS security feature is designed to protect against real threats



        Traditional security vs. iOS Platform Security



        Traditional security:



        • Physical security
        • Secure configuration
        • Installing latest patches
        • Password policy
        • Vetted apps
        • Mandated policies



        iOS Security



        • Security built in from silicon up
        • Secure default settings
        • Walled-garden app store



        • Secure Boot
        • Data Protection
        • Sandboxing
        • Code Signing
        • Touch ID





        Trust built from silicon up


        Secure Boot - Apple public key is burned into Boot ROM at the factory and can't be changed afterwards. That key is used to validate each step of the boot process.



        Trusting Secure Boot:


        • Keys are securely provisioned and managed by Apple
        • Software updates are authorized individually for each device.





        Protecting data at rest


        User data is encrypted at rest with keys derived from the user's passcode and wrapped using the keys in the Secure Enclave.


        SEP refuses to unlock after more than 10 incorrect passcode attempts

        'Erase Data' only controls erasure, not unlocking.







        Isolating data between applications






        The user is asked to consent to certain actions.



        Code Signing



        Attacker's first step - code execution

        iOS code signing covers not just the OS, but every iOS app which runs on the device



        Touch ID


        • Average user unlocks their iOS device 80 times a day
        • Entering a passcode adds friction to this process, so a lot of folks didn't set passcode.
        • TouchID was designed to solve this by making it easier to unlock quickly using a fingerprint sensor.


        To secure this, the fingerprint sensor was connected to the Secure Enclave via a secure link. The fingerprint information is then encrypted in the Secure Enclave.





        Users upgrading their software


        Latest versions of iOS are always the most secure version of iOS.


        To assist with this software update process:


        • Apple has shrunk the size of iOS updates wherever possible.
        • The update process gives the user the option to update now, or late at night when the user is presumably asleep.



        Developers building secure apps


        Follow best practices:






        Touch ID

        App Transport Security

        - Required by App Store at the end of 2016

        - Use TLSv1.2, with exceptions for already-encrypted bulk data like media streaming



        Know your code:


        • The developer is responsible for third-party code included in their app.
        • Libraries you use may undermine app security
        • Keep third-party code current in your app!





        How does Apple know how effective its iOS security is?



        • No iOS malware at scale
        • Jailbreak solutions usually need to chain together 5 - 10 vulnerabilities in order to jailbreak iOS.
        • Black market cost of an untethered iOS jailbreak - recently cited at costing $1 million.



        Security is a process, not a destination



        More info:




        See complete list of session and lab notes here: