Apple publishes new enterprise security guide for iOS and macOS
Apple has published a massive 157-page document detailing its "platform security", covering what it does for security in hardware and biometrics, system security, encryption, app security, security services and network security.
Security
The new document is part of Apple's emphasis on security, which includes its investments in new security technologies and its just opened public bug bounty. Until now, the bug bounty, which has a top reward of $1.5 million, has been closed to approved security researchers.
The company describes a number of its security innovations in the new document. "For example, Find My uses existing cryptographic primitives to enable the groundbreaking capability of distributed finding of an offline Mac — without exposing to anyone, including Apple, the identity or location data of any of the users involved," it said.
SEE: Top 20 Apple keyboard shortcuts for business users (free PDF)
Apple also sheds some light on efforts to improve Mac firmware security and how it's making it harder to exploit the iPhone via vulnerabilities like the 14 iOS bugs Google researchers recently found were being exploited in the wild.
The discovery of those bugs rattled Apple's status as inherently more secure than Android. These days, some exploit brokers are now offering more for Android exploits than iOS, which traditionally attracted the highest payments, but a surge in Safari and iMessage exports helped .
"[A]s attackers continue to increase the sophistication of their exploit techniques, Apple is dynamically controlling memory execution privileges for iPhone and iPad by leveraging custom CPU instructions — unavailable on any other mobile devices — to thwart compromise," the report states.
And echoing Apple CEO's Tim Cook's past statements on privacy, the report notes that the company believes "privacy is a fundamental human right and has numerous built-in controls and options that allow users to decide how and when apps use their information, as well as what information is being used."
The Apple Platform Security Fall 2019 guide is available as a PDF or as a more easily accessible website.
The document for the most part is specific to iOS 13.3, iPadOS 13.3, macOS 10.15.2, tvOS 13.3, and watchOS 6.1.1.
SEE: Apple opens public bug bounty program, publishes official rules
Apple noted the most critical component is the Secure Enclave coprocessor, which appears on all recent iOS, iPadOS, watchOS, and tvOS devices – and all Mac computers with the Apple T2 Security Chip.
"The Secure Enclave provides the foundation for encrypting data at rest, secure boot in macOS, and biometrics," it said.