- HTTPS, TLS
- In 2015, TLS is a minimum baseline
Many servers default to TLSv1.0, from 1999
Newest version is TLSv1.2
TLSv1.2 is not enough. Compromise of a server key lets you decrypt all TLS traffic that was encrypted in the past.
With forward secrecy, a server key compromise will only let you read future traffic. Past traffic will not be able to be decrypted.
By default, apps linked against iOS 9 and OS X 10.11 cannot make unprotected HTTP connections.
TLS connections will need to comply with best practices
- Exceptions can be declared on a case-by-case basis in your app's Info.plist file.
System Integrity Protection
Defense in Depth
Security is about layers
One layer failing shouldn't defeat all security
Rely on multiple layers of protection
- Delay the attacker
- Reduce your attack surface
Seque into talking about Vauban and star fortresses. History lesson FTW.
OS X's star fortress security model:
- Outermost line - Developer ID and Gatekeeper
- Second layer - Sandbox - attacker only gets access to the data which the user permits
- Third layer - POSIX - Unix-level permission, only able to access data permitted by permissions.
- Fourth (innermost) layer - Keychain - uses cryptography to protect secrets stored inside.
- Most Macs are single-user systems, where the user has admin rights
- Root hidden behind a single - often weak - password
- Root can disable all security measures on the device
System Integrity Protection
Limits the power of root
Protect the system by default, on disk and at run time
New security policy applying to every process, including privileged code running unsandboxed.
System file objects cannot be modified
System binaries can only be modified by Apple Installer and Software update, and no longer permit runtime modification.
No impact on Mac App Store applications, already SIP-compliant
Potential impact for non-AppStore applications (watch video, went fast.)
- Filesystem protections
- Runtime protections
- Kernel Extensions
- Configuration mechanism
Installer marks system locations with special flag
Kernel stops processes from:
- Writing to protected files or folders
- Writing to block devices that back protected content
- Mounting over protected content
Only applies to the boot and root volumes.
System-only (protected by System Integrity Protection)
Available to developers
System Migration will move 3rd-party content out of system locations after upgrading.
Injecting code into a process is equivalent to modifying the binary on disk
Processes are marked restricted by the kernel
- Main executable is protected on disk
- (other stuff went by fast, watch the video)
- task_for_pid() / processor_set_tasks() fail with EPERM
- Mach special ports are reset on exec(2)
- dyld environment variables are ignored
- dtrace probes unavailable
Kernel extensions must be signed with a Developer ID for Kexts certificate
Install into /Library/Extensions
kext-dev-mode boot-arg is now obsolete
Disabling System Integrity Protection
- Boot to Recovery HD
- Launch "Security Configuration" from "Utilities" menu
- Change configuration and hit the Apply button
System Integrity Protection configuration is stored in NVRAM
- Applies to the entire machine
- Persists across OS install
The configuration change can *only* be made via Recovery, because root on the boot OS can't be trusted.
Third party content *must* be migrated out of system locations protected by System Integrity Protection.
The Keychain and Touch ID - iOS
Keychain - a very specialized database
- Efficiently searched by attributes
- Optimized for small payloads (secrets)
Factor keychain into a small, testable unit
- Wrapper class
Use the highest data protection level you can.
Reducing password prompts
- Shared web credentials
Safari Saved Passwords
iCloud Keychain - share the saved passwords across devices
It's possible to extend Safari Saved Passwords to iOS 9 apps as well.
- Don't need to enter your passcode all the time
- Stronger passcode
Touch ID APIs in iOS 8
- Keychain Access Control List
Touch ID enrollment changes in iOS 9
- Checking finger enrollment over time, make evaluations and ask user if they still want to use Touch ID.
Keeping Things Inside the Secure Enclave
Asymmetric cryptography using public key / private key encryption
Data is sent from the Secure Enclave across kernel space as encrypted data, decrypted once it hits userspace.
Generated private keys
EC-P256 Elliptic curve cryptography