Skip to main content

Apple’s Black Hat presentation on iOS security disappoints, rehashes old white paper

We told you earlier this week that Apple would send for the first time one of its employees, a manager for the platform security team, Dallas De Atley, to speak at the Black Hat conference on iOS security. Unfortunately, while many hoped we would get an inside look at iOS security technologies, a wrap up of the event from The New York Times described the talk as “the equivalent of reading aloud a white paper, timed to a PowerPoint deck, before escaping out a side door.” According to several reports, most of what was covered came from a recently published white paper.

As for what Atley said:

“Our attitude is: security is architecture. It has to be built in from the very beginning,” Mr. De Atley said. In building the iPhone, he said, Apple took a bare-bones approach and sought to use the minimum number of components. Apple purposefully decided not to ship the phone with a shell, or support remote log-in access. “There’s an entire set of attack vectors we don’t have to fundamentally worry about on iOS,” he said.

Mr. De Atley highlighted a number of “sandboxing” technologies Apple had in place. “The goal is to physically isolate and separate processes from each other so that if one has a flaw, it can’t easily wreak havoc on the rest of the system.”

As examples, he noted that all third-party apps were stored in their own container on users’ devices. User data is kept partitioned from the device’s operating system so that any updates to the system do not affect the user’s personal data. He added that every single file created on the iPhone gets its own encryption key and is wrapped in the user’s passcode.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Jordan Kahn Jordan Kahn

Jordan writes about all things Apple as Senior Editor of 9to5Mac, & contributes to 9to5Google, 9to5Toys, & Electrek.co. He also co-authors 9to5Mac’s Logic Pros series.


Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications