0 Replies
      Latest reply on Jun 14, 2016 4:47 PM by rtrouton
      rtrouton Level 1 Level 1 (0 points)

        No malware has affected iOS devices at scale

         

         

        • Decade-long effort to protect customers from security problems
        • Incredible scale - over a billion iOS devices
        • Every single iOS security feature is designed to protect against real threats

         

         

        Traditional security vs. iOS Platform Security

         

         

        Traditional security:

         

         

        • Physical security
        • Secure configuration
        • Installing latest patches
        • Password policy
        • Vetted apps
        • Mandated policies

         

         

        iOS Security

         

         

        • Security built in from silicon up
        • Secure default settings
        • Walled-garden app store

         

         

        • Secure Boot
        • Data Protection
        • Sandboxing
        • Code Signing
        • Touch ID

         

         

         

         

        Trust built from silicon up

         

        Secure Boot - Apple public key is burned into Boot ROM at the factory and can't be changed afterwards. That key is used to validate each step of the boot process.

         

         

        Trusting Secure Boot:

         

        • Keys are securely provisioned and managed by Apple
        • Software updates are authorized individually for each device.

         

         

         

         

        Protecting data at rest

         

        User data is encrypted at rest with keys derived from the user's passcode and wrapped using the keys in the Secure Enclave.

         

        SEP refuses to unlock after more than 10 incorrect passcode attempts

        'Erase Data' only controls erasure, not unlocking.

         

         

         

         

        Sandboxing

         

        Isolating data between applications

         

        Transparency

        Consent

        Control

         

        The user is asked to consent to certain actions.

         

         

        Code Signing

         

         

        Attacker's first step - code execution

        iOS code signing covers not just the OS, but every iOS app which runs on the device

         

         

        Touch ID

         

        • Average user unlocks their iOS device 80 times a day
        • Entering a passcode adds friction to this process, so a lot of folks didn't set passcode.
        • TouchID was designed to solve this by making it easier to unlock quickly using a fingerprint sensor.

         

        To secure this, the fingerprint sensor was connected to the Secure Enclave via a secure link. The fingerprint information is then encrypted in the Secure Enclave.

         

         

         

         

        Users upgrading their software

         

        Latest versions of iOS are always the most secure version of iOS.

         

        To assist with this software update process:

         

        • Apple has shrunk the size of iOS updates wherever possible.
        • The update process gives the user the option to update now, or late at night when the user is presumably asleep.

         

         

        Developers building secure apps

         

        Follow best practices:

         

         

        Use:

         

         

        Touch ID

        App Transport Security

        - Required by App Store at the end of 2016

        - Use TLSv1.2, with exceptions for already-encrypted bulk data like media streaming

         

         

        Know your code:

         

        • The developer is responsible for third-party code included in their app.
        • Libraries you use may undermine app security
        • Keep third-party code current in your app!

         

         

         

         

        How does Apple know how effective its iOS security is?

         

         

        • No iOS malware at scale
        • Jailbreak solutions usually need to chain together 5 - 10 vulnerabilities in order to jailbreak iOS.
        • Black market cost of an untethered iOS jailbreak - recently cited at costing $1 million.

         

         

        Security is a process, not a destination

         

         

        More info:

        https://developer.apple.com/wwwdc16/705

         

         

        See complete list of session and lab notes here:

        https://forums.developer.apple.com/message/142899