Apple is a notoriously closed and insular organization, a trend that has often put it at odds with the security research community. The company is often secretive about the technical details of how its products and security features work. So the resource that security researchers say they have come to rely on the most for breadcrumbs is Apple’s annual Platform Security Guide, the new edition of which was released today. It provides the most comprehensive and technical overview of Apple’s security measures yet, including the first documentation for Apple’s new M1 chips.
Apple first offered the guide a decade ago as a very brief overview at the dawn of the iPhone era. It would later evolve into an “iOS Security Guide” focused exclusively on mobile devices, before expanding to encompass macOS in 2019. It details security features like Touch ID and Face ID, Apple’s secure enclave, and secure boot, so that software developers and security researchers can better understand how these functions work and interact with each other. Over the years, the company says it has tried to balance readability for a wide audience with usefulness for those with deeper technical knowledge. This year, it includes more information than ever on new and old features.
“I’m constantly referencing that guide, and we’ve been doing it for years,” says Sarah Edwards, a longtime Apple security researcher. “I use it for all aspects of my research, my daily work, my work as a teacher, everything. About once a year, I sit down with it on my iPad and read it page by page to see what I’ve missed before or what happens to the ‘click’ when I check it again after learning something through my research.”
This year’s edition contains significantly expanded information on hardware such as the M1, new details on the secure enclave, and an accounting of a number of software functions.
Researchers and hackers alike get a lot out of reverse engineering, the process of determining how something is built by examining the finished product. That “security through obscurity” helps keep attackers at bay to some extent, but by publishing the Platform Security Guide, Apple can help its customers take advantage of its defensive features, while also providing guides for security researchers, in the hope that they can find vulnerabilities sooner than the bad guys do.
“Everything can be reverse engineered. That’s a lot of fun, at least for me,” says Will Strafach, a longtime iOS researcher and creator of the Guardian Firewall app for iOS. “But having a detailed authorized document from Apple is helpful, as it lets people know the intentions and limitations associated with certain security capabilities. Apple always does a great job with it, even if it doesn’t get too deep in the weeds.”
The researchers say they always have some “wish list” items that they want Apple to include in future guides. Strafach wants to know more about how M1 chips safely handle booting of other operating systems – always a question for jailbreakers when Apple releases new processors. He is also curious about Apple’s iOS 14 enhancements that were meant to negate a ubiquitous jailbreak exploit, but can be circumvented in some cases.
Each of the researchers has specific, even esoteric, hopes and dreams of new guides based on their specialties. Patrick Wardle, an independent Apple security researcher, said he expected to see more details about Apple’s own antivirus and malware detection tools, something the company added in today’s report. However, he is still waiting to learn more about how to handle some macOS features in a more granular way.