What you need to know

  • Ivan Krstić runs Security Engineering and Architecture at Apple.
  • He's returning to the Black Hat cybersecurity conference on August 8, 2019, at 12:10pm.
  • He'll be presenting "Behind the scenes of iOS and Mac Security"

Ivan Krstić runs security engineering and architecture at Apple and he's returning to the Black Hat cybersecurity conference this year to present a behind the scenes look at iOS and Mac security.

Here's the brief from Black Hat:

With over 1.4 billion active devices and in-depth security protections spanning every layer from silicon to software, Apple works to advance the state of the art in user security with every new product and software release. We will discuss three iOS and Mac security topics in unprecedented technical detail, offering the first public discussion of several key technologies new to iOS 13 and the Mac.

And the topics:

Code integrity enforcement has long been a critical part of the iOS security architecture. Starting with iPhone 7, we began to fortify core pieces of this security mechanism with new features built directly into Apple silicon. We will delve into the history of code and memory integrity technologies in the iOS kernel and userland, culminating in Pointer Authentication Codes (PAC) in the Apple A12 Bionic and S4 chips. PAC prohibits modification of function pointers, return addresses and certain data, preventing traditional exploitation of memory corruption bugs. We will take a close look at how PAC is implemented, including improvements in iOS 13. We will also discuss previously-undisclosed VM permission and page protection technologies that are part of our overall iOS code integrity architecture.

The T2 Security Chip brought powerful secure boot capabilities to the Mac. Comprehensively securing the boot process required protections against sophisticated direct memory access (DMA) attacks at every point, even in the presence of arbitrary Option ROM firmware. We will walk through the boot sequence of a Mac with the T2 Security Chip and explain key attacks and defenses at each step, including two industry-first firmware security technologies that have not been publicly discussed before.

The Find My feature in iOS 13 and macOS Catalina enables users to receive help from other nearby Apple devices in finding their lost Macs, while rigorously protecting the privacy of all participants. We will discuss our efficient elliptic curve key diversification system that derives short non-linkable public keys from a user's keypair, and allows users to find their offline devices without divulging sensitive information to Apple.

Since the launch of the iPhone, Apple has been working to make iOS devices tiny little cryptographic bricks that balance ease of entry with Touch ID and Face ID with absolute lock-out against unauthorized intrusions.

Over the last few years, Apple has been bringing similar protections to macOS, there also balancing the needs of the traditionally far more open computing environment of the Mac,

None of it is easy. Most of it in ingenious. All of it is absolute brain candy to infosec nerds everywhere.

If you're going to Black Hat please check it out and let me know how it goes!

VECTOR | Rene Ritchie

Main

Latest And Best Prime Day Deals

Amazon's Fire TV Cube is down to just $70 thanks to this Prime Day deal
Amazon Fire TV Cube
$69.99 $119.99 Save $50

Save $80 on the Neato D4 robot vacuum during this Prime Day Lightning deal
Neato Robotics D4 Alexa-enabled laser-guided robot vacuum cleaner
$319.99 $400.00 Save $80

Time is running out. And so is the supply. Grab it while you can.

Grab TCL's 32-inch 720p Roku TV for less than $100 in this Prime Day Lightning deal
TCL 32S325 32-inch 720p Roku TV
$99.99 $130.00 Save $30

Act fast while you can. These Lightning deals tend to sell out quick.

The Ring Alarm security system is reaching new low prices for Prime Day
Ring Alarm home security systems

Various configurations of the Ring Alarm are discounted to their best prices yet exclusively for Prime members at Amazon through Tuesday night to help keep your home secure.

The Sonos Beam Prime Day deal includes a $40 discount and 2 $50 Amazon gift cards
The Sonos Beam Prime Day deal includes a $40 discount and $100 in Amazon gift cards
$359.00 $499.00 Save $140

That's just so much savings in one deal. You'll have to wait for the physical gift cards, but that's basically $100 to spend however you want.

Prime Day dropped this PlayStation 4 console bundle to just $250
PlayStation 4 Slim 1TB console with Marvel's Spider-Man and Horizon Zero Dawn
$249.99 $359.98 Save $110

This deal on the PlayStation 4 Slim console saves you $50 off its regular price while also including Marvel's Spider-Man and Horizon Zero Dawn Complete Edition for free. You'll just need an Amazon Prime membership to snag it.

The newest device in the Echo family, the Show 5, is now down to just $50
Echo Show 5
$49.99 $89.99 Save $40

It's only been on the market since May, but it hasn't escaped the Prime Day price cuts.

Amp up your home security with these huge Prime Day discount on nearly all Ring products
Save on Ring products today only

Whether you need a video doorbell, whole home alarm system, or some lights to brighten a dark area, Amazon has it all marked down today!

More Prime Day Deals