Apple is a A notoriously closed and isolated organization, a trend that often puts it in conflict with the security research community. The company is often secretive about the technical details of how its products and security features work. So the feature that security researchers say they depend on most for bread crumbs is Apple’s annual Platform Security Guide, whose new edition was released today. It provides the most comprehensive and technical view of Apple protections to date – including the first documentation of Apple’s new M1 chips.
Apple first offered the guide a decade ago, as a very short summary at the beginning of the iPhone era. It later evolved into an “iOS Security Guide” focused exclusively on mobile devices, before expanding to cover macOS in 2019. It details security features like Touch ID and Face ID, Apple’s secure enclave and secure boot, to that software developers and security researchers can understand more about how these features work and interact with each other. Over the years, the company says it has tried to balance readability for a wide audience with utility for those with deeper technical knowledge. This year, it brings more information than ever about new and old features.
“I’m constantly referring to that guide for years, ”says Sarah Edwards, a longtime security researcher at Apple. “I use it for all aspects of my research, my daily work, my teaching work, everything. About once a year or more, I sit with him on my iPad and read page by page to see what I may have missed before or what happens to ‘click’ when I review it again after learning something through my search. “
This year’s edition contains significantly expanded information about hardware such as M1, new details about the secure enclave, and accounting for a number of software resources.
Researchers and hackers reap a lot through reverse engineering, the process of determining how something is built by examining the finished product. This “security through obscurity” helps keep attackers at bay, but by launching the Platform Security Guide, Apple can help its customers take advantage of its defensive capabilities, while providing guidance to security researchers on hope that they can find vulnerabilities before the bad guys do.
“Everything can be reverse engineered. This is a lot of fun, at least for me, ”says Will Strafach, a longtime iOS researcher and creator of the Guardian Firewall app for iOS. “But having a detailed and detailed official document from Apple is useful, as it allows people to know the intentions and limitations associated with certain security features. Apple always does a great job with it, even if it doesn’t dive too deep into the weeds. “
Researchers say they always have a few “wish list” items that they want Apple to include in future guides. Strafach wants to know more about how M1 chips handle the boot of other operating systems, always an issue for jailbreakers when Apple releases new processors. And he’s curious about Apple’s iOS 14 enhancements, which were intended to deny an ubiquitous exploitation of jailbreak, but can be circumvented in some cases.
Each of the researchers has specific hopes, and even esoteric dreams, of new guides, based on their specialties. Patrick Wardle, an independent security researcher at Apple, said he hopes to see more details about Apple’s own anti-virus and malware detection tools, something the company added in today’s report. He still hopes to get more information, however, on how to control some features of macOS more granularly.