A Peek Behind the Curtain of iOS and Mac Security

Black Hat, the annual hacker and security conference was recently held in Mandalay Bay, Las Vegas in August of this year.

During the conference, attendees could sit in on various keynotes and industry workshops. One event, in particular, was a look behind the scenes of iOS and Mac security. The talk was led by the Head of Security Engineering and Architecture at Apple, Ivan Krstic.

Earlier this week, Black Hat released Krstic’s discussion via YouTube. The video was initially posted on Reddit by u/KeepYourSleevesDown. Krstic’s keynote ran for approximately 44 minutes.

Krstic began by touching on Mac secure boot. Built on the T2 chip, Apple has been able to securely enable boot sequences to run through the T2 before being handed off to the x86, ensuring that each step of the initial boot sequence is protected against direct memory access attacks. Krstic broke down every step of the boot sequence, thereby protecting user devices.

In addition, Krstic’s keynote discussed iOS integrity protection. While touching on iOS Kernal, Krstic pointed out that new integrations included enforcement of kernel code and read-only data integrity and hardware implementation from iPhone 7 all the way through iPhone X models.

Krstic then concluded his discussion with the new ‘Find my’ security features. As a part of iOS 13 and macOS Catalina, Find My iPhone and Find My Friends have been merged, yet maintains the same quality and security. Users can track down their lost devices and receive help from nearby Apple devices while protecting the privacy of said devices. Krstic also demonstrates the effectiveness of the elliptic curve key diversification system, which enables users to find their offline devices without subjecting any private information to Apple.

Krstic is no stranger to Black Hat. He previously attended the conference in 2016 and held a similar keynote pertaining to Apple’s iOS and Mac security.