Apple is one notoriously oppressive and insular organization, a tendency often at odds with the security research community. The company is generally secretive about the technicalities of how its products and security features work. Thus, the resource that security researchers rely most on for breadcrumbs is Apple’s annual Platform Security Guide, the new edition of which launched today. It offers the most comprehensive and technical look at Apple’s warranties to date, including the first documentation of Apple’s new M1 chips.
Apple first offered the guide ten years ago as a very brief description of the dawn of the iPhone era. It would later evolve into an “ iOS Security Guide ” focused solely on mobile, before expanding to macOS in 2019. It includes details about security features such as Touch ID and Face ID, Apple’s secure enclave and secure boot, so software developers and security researchers can understand more about how these features work and interact with each other. Over the years, the company says it has struck a balance between readability for a wide audience and usability for those with deeper technical knowledge. This year it contains more information than ever on features both new and old.
“I’m constant referring to that guide for years, ”said Sarah Edwards, an experienced Apple security researcher. “I use it for all aspects of my research, my day-to-day job, my teaching, everything. About once a year, I sit it down on my iPad and read it page by page to see what I’ve missed before or what happens to ‘clicks’ when I revisit after learning something through my research. “
This year’s edition includes significantly expanded information on hardware such as M1, new details about the secure enclave, and accounting of many software functions.
Researchers and hackers collect a lot through reverse engineering, the process of determining how something is built by examining the final product. That “ security through obscurity ” helps keep attackers at bay to some extent, but by releasing the Platform Security Guide, Apple can help its customers take advantage of its defensive features while providing guides for security researchers, hoping they be able to find vulnerabilities earlier. the bad guys.
“Everything can be reversed. That’s a lot of fun, at least for me, ”said Will Strafach, a longtime iOS researcher and creator of the Guardian Firewall app for iOS. “But having a comprehensive and well-detailed authoritative document from Apple is helpful because it allows people to know the intentions and limitations associated with certain security capabilities. Apple always does a great job with it, even if it doesn’t dive too deep into the weeds. “
Researchers say they always have some “wishlist” items they want Apple to include in future manuals. Strafach wants to learn more about how M1 chips handle booting other operating systems safely, always a question for jailbreakers when Apple releases new processors. And he’s curious about Apple’s iOS 14 enhancements that were intended to debunk a ubiquitous jailbreak escape, but can be circumvented in some cases.
Researchers each have specific, even esoteric hopes and dreams for new guides based on their specialties. Patrick Wardle, an independent Apple security researcher, said he hoped to see more details about Apple’s own antivirus and malware detection tools, something the company added in today’s report. However, he still hopes to gain a better understanding of how some macOS functions can be managed in greater detail.