Skip to main content

Apple’s security chief to go behind the scenes of iOS security during upcoming BlackHat USA 2016 briefing

Apple is planning on discussing various aspects of iOS 10 security in “unprecedented detail” at the upcoming BlackHat USA 2016 security conference. Ivan Krstic, head of Apple Security Engineering and Architecture, will give a 50-minute briefing to discuss cryptographic design, the Secure Enclave found in Touch ID-enabled devices, and a new JIT hardening mechanism in iOS 10.

This won’t be the first time that an Apple employee has graced the stage in Las Vegas during a BlackHat event. Back in 2012, Apple made headlines by allowing one of its employees to speak at the event, a first for the notoriously secretive company.

Sadly, the 2012 speaking engagement, led by platform security team manager Dallas De Atley, was largely viewed as a dud. The New York Times described De Atley’s talk as a rehash of publicly available white paper documents.

Judging from its exciting description, that doesn’t seem like it will be the case during this year’s event:

With over a billion active devices and in-depth security protections spanning every layer from silicon to software, Apple works to advance the state of the art in mobile security with every release of iOS. We will discuss three iOS security mechanisms in unprecedented technical detail, offering the first public discussion of one of them new to iOS 10.

“Unprecedented technical detail” indicates that this engagement will consist of much more than a rehashing of a publicly existing document. It seems, from the description at least, that Apple will be providing more detail on iOS security, outside of its own developers conference, than it has ever done in the past.

Traditional browser-based vulnerabilities are becoming harder to exploit due to increasingly sophisticated mitigation techniques. We will discuss a unique JIT hardening mechanism in iOS 10 that makes the iOS Safari JIT a more difficult target.

The cryptographic design and its implementation is what technologies like HomeKit, Auto Unlock and iCloud Keychain rely on. Thus, this discussion will touch on security-related technologies that many iOS customers can identify with and use on a daily basis.

Krstic, responsible for building out from-the-ground-up end-to-end security for all Apple products, will give his 50-minute discourse on August 4th at 12:50 EST at Las Vegas’ Mandalay Bay South Convention Center.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Jeff Benjamin Jeff Benjamin

Jeff is the head of video content production for 9to5. He initially joined 9to5Mac in 2016, producing videos, walkthroughs, how-tos, written tutorials, and reviews. He takes pride in explaining things simply, clearly, and concisely. Jeff’s videos have been watched hundreds of millions of times by people seeking to learn more about today’s tech. Subscribe to 9to5Mac on YouTube to catch Jeff’s latest videos.


Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications