Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Behind the Scenes of iOS and Mac Security

Black Hat via YouTube

Overview

Explore a comprehensive Black Hat conference talk delving into the intricate security mechanisms of iOS and macOS. Gain insights into the Find My feature's privacy-preserving implementation, including the elliptic curve key diversification system. Discover Gatekeeper improvements in macOS Catalina, user data protections, and solutions to critical challenges like unrestricted direct memory access. Learn about DMA protection for Thunderbolt and PCIe, EFI exploit mitigations, and Mac Secure Boot. Examine the evolution of Kernel Integrity Protection, fast permission restrictions (APRR), and userland integrity safeguards. Understand the Page Protection Layer (PPL) and Pointer Authentication features. Investigate the security and privacy goals of the Find My feature for offline devices. Get information on Apple's iOS Security Research Device program and Security Bounty initiative, aimed at facilitating iOS research and enhancing overall system security.

Syllabus

Intro
Gatekeeper macOS Catalina
User Data Protections Data that requires user consent to access
Two Critical Challenges
Unrestricted Direct Memory Access
Direct Memory Access with VT-d
DMA Protection for Thunderbolt
DMA Protection for PCle Bus 0
PCle Option ROMS
OROM Sandbox
EFI Exploit Mitigations
Mac Secure Boot Summary
Software Enforced Code Integrity Before iOS 9
Kernel Integrity Protection vo
Lessons Learned
Kernel Integrity Protection v1: Read-Only Data
Kernel Integrity Protection v2
Fast Permission Restrictions (APRR) iPhone X
Pre-APRR VM Permissions
APRR: JavaScriptCore Execution Threads
APRR: JavaScriptCore JIT Compiler Thread
Protecting Userland Integrity
Page Protection Layer (PPL) iPhone XS
Page Protection Layer Summary
Pointer Authentication
Helping users find lost devices, even when offline
Security and Privacy Goals Protect owners, finders, and devices
Introduced in 2016
Making It Easier to Get Started with iOS Research
iOS Security Research Device program
Apple Security Bounty Summary

Taught by

Black Hat

Reviews

Start your review of Behind the Scenes of iOS and Mac Security

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.