The latest Apple Platform Security update combines iOS, macOS & hardware into a single ‘Security 2021’ roadmap.
Apple released its 2021 Platform Security guide, Thur., outlining its current & year-ahead agenda for its device hardware, software & silicon security.
This year’s 192-page report is upgraded, compared to past reports, with new insights into how Apple is tackling security & privacy within its entire mobile, desktop & cloud ecosystem. Previous Platform Security updates have taken a ‘piecemeal’ approach to address Apple’s security universe, stated Rich Mogull, Analyst & CEO with Securosis.
Platform Security Update
“This is the most comprehensive platform security update we have ever seen from Apple,” he explained.
Top 2021 Apple Platform Security report themes include what Apple’s M1 silicon means for Mac security; the latest developments around its Blast Door security technology used in iMessages; & transparency around Secure Enclave – a dedicated secure subsystem integrated into Apple systems-on-a-chip (SoC).
M1 Silicon Security
“This 2021 Platform Security guide provides details about how security technology & features are implemented within Apple platforms. It also helps organisations combine Apple platform security technology & features with their own policies & procedures to meet their specific security needs,” wrote Apple.
As for Apple’s M1 silicon security, the platform report debuts just as reports surface that malware authors are specifically targeting Apple’s new M1 SoC.
For Blast Door, Google’s Project Zero 1st highlighted the technology last month when examining iOS 14 & iMessage security.
“One of the major changes in iOS 14 is the introduction of a new, tightly sandboxed ‘BlastDoor’ service which is now responsible for almost all parsing of untrusted data in iMessages (i.e., NSKeyedArchiver payloads).
Also, this service is written in Swift, a mostly memory safe language which makes it significantly harder to introduce classic memory corruption vulnerabilities into the code base,” wrote Google Project Zero in late Jan.
2021 Apple Platform Security Highlights Include:
- Memory safe iBoot implementation
- Boot process for a Mac with Apple silicon
- Boot modes for a Mac with Apple silicon
- Startup Disk security policy control for a Mac with Apple silicon
- Local Policy signing-key creation and management
- Password Monitoring
- IPv6 security
- Car keys security in iOS
Most of what is included in the report has been previously announced or leaked – with the exception of details around Apple’s Security Research Device.
Apple Security Research Device
The Apple Security Research Device is a specially fused iPhone that allows security researchers to perform research on iOS without having to defeat or disable the platform security features of iPhone, according to Apple.
“With this device, a researcher can side-load content that runs with platform-equivalent permissions & thus perform research on a platform that more closely models that of production devices,” wrote Apple.
The deep dive report covers iOS 14, macOS Big Sur, Apple Silicon & iCloud Drive security. Part of today’s release also includes Security Certifications & Compliance Center website & guide.
The destination is designed to allow 3rd-party Apple customers & partners a way of assuring that Apple’s hardware, software & services meet the requirements of legislation, regulation & industry norms, according to the company.
Similar to Microsoft’s ‘Trustworthy Computing Initiative’, the Apple Platform Security report is designed to give partners, security researchers & consumers a holistic picture of its security posture.