
Black Hat: Apple offers rare glimpse into iOS security

26 Jul 2012

LAS VEGAS: Apple used its first appearance at the Black Hat conference to provide an unprecedented under-the-hood look at the security practices it has built into its massively popular iPad and iPhone devices.

Speaking to a near-capacity crowd, Apple platform security team manager Dallas De Atley described how the platform relies on a complex set of hardware encryption and access keys to prevent malware from accessing the core components of the company's mobile operating system.

Though the security of the iOS platform has been largely credited to Apple's strict control of the App Store service, De Atley noted that the platform itself employs strict built-in security protections.

"When we were developing the phone we realised there were a number of aspects about the device that made it different from computers at the time," De Atley said.

"Security is an architecture, you have to build it from the beginning."

De Atley described how the company builds security checks into iOS from the kernel itself, running a series of checks before the device activates the display and other hardware components, then running additional checks before loading other software components.

By doing so, iOS devices are able to check for possible issues in the firmware and operating system and allow the device to activate recovery alerts and procedures should key components of the device incur damage.

The checks and imprints are extended to system updates as well. Every software update includes a check with Apple to verify firmware and personalise the installation for each device, effectively preventing an attacker from downgrading a device to an older, more vulnerable firmware version.
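A minimal model of such a personalised update check, added here as an illustration; it is not Apple's protocol or code from the talk. The names, the version strings, the per-request nonce and the use of HMAC in place of a vendor signature are all assumptions made for the example.

```python
import hashlib
import hmac
import os

# Constructed demo values. HMAC with a shared key stands in for the vendor's
# signature; a real design would use an asymmetric signature so that devices
# hold only a public verification key.
VENDOR_KEY = b"constructed-demo-key"
SIGNED_VERSIONS = {"2.0"}  # hypothetical: the only release the server still authorises


def _ticket(device_id: bytes, nonce: bytes, version: str, fw_digest: bytes) -> bytes:
    # Length-prefix every field so field boundaries cannot be shifted.
    fields = [device_id, nonce, version.encode(), fw_digest]
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(VENDOR_KEY, msg, hashlib.sha256).digest()


def server_authorise(device_id, nonce, version, fw_digest):
    """Server: refuse releases that are no longer signed, else bind the ticket
    to this device, this request nonce and this firmware digest."""
    if version not in SIGNED_VERSIONS:
        return None
    return _ticket(device_id, nonce, version, fw_digest)


def device_accepts(device_id, nonce, version, firmware, ticket):
    """Device: recompute the binding over its own ID, its own fresh nonce and
    the image it actually received; install only on an exact match."""
    if ticket is None:
        return False
    expected = _ticket(device_id, nonce, version, hashlib.sha256(firmware).digest())
    return hmac.compare_digest(ticket, expected)


def demo():
    new_fw, old_fw = b"constructed image 2.0", b"constructed image 1.0"
    digest = lambda fw: hashlib.sha256(fw).digest()
    nonce = os.urandom(16)
    good = server_authorise(b"device-A", nonce, "2.0", digest(new_fw))
    return {
        "current_release": device_accepts(b"device-A", nonce, "2.0", new_fw, good),
        "other_device": device_accepts(b"device-B", nonce, "2.0", new_fw, good),
        "replayed_ticket": device_accepts(b"device-A", os.urandom(16), "2.0", new_fw, good),
        "old_image_new_ticket": device_accepts(b"device-A", nonce, "2.0", old_fw, good),
        "downgrade_request": device_accepts(
            b"device-A", nonce, "1.0", old_fw,
            server_authorise(b"device-A", nonce, "1.0", digest(old_fw))),
    }
```

Only the first case installs: a ticket issued for one device, one request and one image is useless for any other, and the server never issues one for a release it has stopped authorising.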

Apple has also made encryption a central component to its security approach. By using hardware-based encryption, the company claimed it is able to save battery life and reduce processor load, while also laying the foundation for a complex series of checks and access keys.

User data is stored on a separate, encrypted partition on the hardware, and accessing various files requires the use of access keys which are tied to another series of master keys. Depending on pre-set permissions, the access keys are able to access various files and components based on conditions such as whether the device is currently awake or whether the user has entered their access code.

Even the access code itself has been designed for security. De Atley noted that the company employed techniques such as an 80 millisecond delay when entering keystrokes and an escalating delay time between attempts to thwart brute force crack attempts.

"If you have got a passcode that is six characters and alphanumeric, it is going to take 5.5 years to attempt every single combination."

The presentation comes as Apple prepares to unveil the next version of iOS. The iOS 6 update is due to arrive this fall and will likely accompany a new iPhone model.

Shaun Nichols
Shaun Nichols is the US correspondent for V3.co.uk. He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.
