LAS VEGAS -- Apple Inc.'s first public appearance before the security community was poorly received by an audience of security researchers, several of whom said the iPhone and iPad maker missed an opportunity to open a dialogue with them. Instead, Apple shed little light on the company's internal security processes, which have long remained a mystery.
The presentation by Dallas De Atley, Apple's manager of platform security, Thursday at the 2012 Black Hat Briefings conference, marked the first time the Cupertino, Calif.-based company has ever spoken publicly about its products' security architectures.
In May, Apple issued an iOS Security white paper (.pdf), which in general terms described its system architecture, data protection and network security processes. For many at the hacker conference, the technologies and processes outlined in De Atley's presentation were little more than a review of the white paper, dashing the hopes of attendees who were eager for more, especially on its internal security processes.
"They could have come in and embraced the security community, but instead we got a recitation of the white paper," said Charlie Miller, a security consultant at Denver-based Accuvant Inc. "It was everything that we already know and have long documented about the platform."
Miller said the Apple tech talk shared nothing about how Apple vets applications, nor did De Atley take any questions from attendees; he was whisked out a side door immediately following the presentation.
Despite all the protections that Apple has put in place to protect the iOS platform, security researchers have found ways to bypass many of them. Miller and another prominent security researcher, Dino Dai Zovi, have written books about Apple internals and the iOS architecture. Apple last year banned Miller from obtaining early builds of iOS 6, following a proof-of-concept demonstration in 2011 in which he ran malicious code on an iPhone.
Dallas De Atley, Manager of the platform security team, Apple Inc.
Credit: Black Hat Events (C) 2012
When De Atley took the podium, he explained that Apple engineers focused on building security into the underlying architecture of iPhone and iPad devices from the very beginning, adding capabilities to validate software running on the devices, and to tightly control the processes running at any time.
De Atley told conference attendees the security features and internal architecture of Apple iOS are responsible for limiting the attack surface, making malware and other attacks difficult for cybercriminals to carry out. In addition to using code signing to validate apps and sandboxing to isolate them from critical processes, he said Apple engineers designed the iOS kernel to be the ultimate authority, responsible for providing access to the user's data and for protecting it.
"Our attitude is that security is architecture; you have to build it in from the very beginning," De Atley said. "It's not something that you can sprinkle over the code when you are done."
When developing the iPhone, De Atley said, Apple engineers realized there were aspects of the device that made it different from typical computers. Many underlying baseband components remain live, even when the device is in sleep mode.
"The device is always connected to some form of networking infrastructure," he said. "There's networking infrastructure that is always aware of the device and can send it data."
With that understood, various teams worked on creating security features that rely on the A5 processor, which is the heart of the iPhone. From there, the company established what it calls a “chain of trust,” a series of software-validation processes that can determine if a device is corrupted, and in turn always provide the option to reset a device to factory settings.
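The chain of trust described above, as a simplified added illustration that is not Apple's code or the iOS implementation: every boot stage carries the digest of the one stage it is allowed to hand off to, the first digest is held by an immutable trust anchor (boot ROM), and verification stops at the first stage whose image does not match what its predecessor expected. Real chains use signatures rather than embedded digests, and the stage names and image bytes here are constructed for the example.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed model of a boot chain of trust. Not Apple's design: iOS uses
# signed stages, this toy uses embedded SHA-256 digests to keep it stdlib-only.


@dataclass(frozen=True)
class Stage:
    name: str
    code: bytes                    # the stage's executable image (constructed)
    next_digest: Optional[bytes]   # digest of the successor, None for the last stage


def digest(stage: Stage) -> bytes:
    """The digest covers the code AND the embedded successor digest, so tampering
    with either the image or the hand-off target is detected by the predecessor."""
    h = hashlib.sha256()
    h.update(stage.code)
    h.update(stage.next_digest or b"")
    return h.digest()


def build_chain(images: List[Tuple[str, bytes]]) -> Tuple[bytes, List[Stage]]:
    """Return (root_digest, stages). Built back to front, because each stage must
    embed the digest of the stage that follows it. root_digest is what the
    immutable trust anchor would hold."""
    stages: List[Stage] = []
    next_digest: Optional[bytes] = None
    for name, code in reversed(images):
        stage = Stage(name, code, next_digest)
        next_digest = digest(stage)
        stages.insert(0, stage)
    return next_digest, stages


def verify_chain(root_digest: bytes, stages: List[Stage]) -> Tuple[bool, Optional[str]]:
    """Walk the chain from the trust anchor. Returns (ok, name_of_first_bad_stage).
    Stops at the first mismatch: nothing after a corrupted stage is trusted."""
    expected = root_digest
    for stage in stages:
        if not hmac.compare_digest(expected, digest(stage)):
            return False, stage.name
        expected = stage.next_digest
    if expected is not None:          # predecessor promised a stage that is absent
        return False, "<missing stage>"
    return True, None


def boot_decision(root_digest: bytes, stages: List[Stage]) -> str:
    """Maps a verification result onto the two outcomes the text describes:
    continue booting, or fall back to a recovery/factory-reset path."""
    ok, bad = verify_chain(root_digest, stages)
    return "boot" if ok else f"recovery: chain broken at {bad}"


def tamper(stages: List[Stage], name: str, new_code: bytes) -> List[Stage]:
    """Return a copy of the chain with one stage's image replaced (the attacker
    cannot update the predecessor's embedded digest, which is what catches it)."""
    return [Stage(s.name, new_code, s.next_digest) if s.name == name else s
            for s in stages]


# Constructed stage images; in a real device these would be bootloader, kernel
# and system images, here they are just labelled byte strings.
SAMPLE_IMAGES = [
    ("bootloader", b"constructed bootloader image v1"),
    ("kernel", b"constructed kernel image v1"),
    ("system", b"constructed read-only system image v1"),
]


if __name__ == "__main__":
    root, chain = build_chain(SAMPLE_IMAGES)
    print(boot_decision(root, chain))
    print(boot_decision(root, tamper(chain, "kernel", b"modified kernel")))
    print(boot_decision(root, chain[:-1]))
```

Because each stage's digest includes its successor's digest, the root digest commits to the entire chain: a modified kernel is caught by the bootloader's check, a swapped system image by the kernel's, and a truncated chain by the final "missing stage" check. The trust anchor itself is the one component this scheme cannot protect, which is why it has to live in immutable hardware.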
To limit the attack surface available to cybercriminals, De Atley said Apple engineers only added system tools that were necessary; that's why the device doesn't ship with a shell or any remote login support.
"A lot of the command-line interface that OS X users are familiar with isn't on the iPhone," De Atley said.
The company also partitioned the iPhone, creating a read-only system partition and a partition where all the user data is stored.
De Atley also described the device's data protection features. Apple supports AES encryption and SHA hashing, performing them within the processor itself. Dedicated keys are stored in the processor; he said neither Apple nor the manufacturer knows what they are.
In addition, De Atley said the software update process was designed to make it as easy as possible for customers to deploy updates. About 80% of device owners are running the latest version, he said, meaning their devices have Apple's most recent security fixes installed.
"We want to make sure that our customers can take advantage of those fixes as quickly and easy as possible," he said.