Apple engineer Ivan Krstic is scheduled to host a discussion at this year's Black Hat Conference, offering a "Behind the Scenes" look at iOS security. Black Hat is an annual event designed for the global InfoSec community, giving security professionals a place to meet up and gain training on new techniques.

According to an overview of Krstic's talk, three iOS security mechanisms will be discussed in "unprecedented technical detail," including the first public discussion of Auto Unlock, a feature new to iOS 10.

blackhat

HomeKit, Auto Unlock and iCloud Keychain are three Apple technologies that handle exceptionally sensitive user data - controlling devices (including locks) in the user's home, the ability to unlock a user's Mac from an Apple Watch, and the user's passwords and credit card information, respectively. We will discuss the cryptographic design and implementation of our novel secure synchronization fabric which moves confidential data between devices without exposing it to Apple, while affording the user the ability to recover data in case of device loss.

Krstic will also cover the Secure Enclave Processor present in iOS devices that include the iPhone 5s and later, creating a discussion around how it enabled a new approach to Data Protection key derivation and brute force rate limiting within a small TCB, and he'll cover browser-based vulnerabilities and new protective features in iOS 10 Safari.

The 2016 Black Hat Conference will take place from July 30 to August 4 at the Mandalay Bay hotel in Las Vegas, Nevada. Tickets are priced at $2,595.

Top Rated Comments

keysofanxiety Avatar
113 months ago
Well the latest version of iOS 9's jailbreak got released this week, so spare yourself a ticket because the answer is: Security ain't good.
If you can't see the distinction between a user jailbreaking and unauthorised hacking, I would question why you felt the need to comment.
Score: 11 Votes (Like | Disagree)
uroshnor Avatar
113 months ago
Jailbreaking is hacking, a malicious third party can exploit the same holes that jailbreaks use. They are, like it or not, major security holes in iOS that allow you to bypass many of the systems protections. Those quick and easy jailbreak by visiting a website can easily be a malware install.
Since Apple stopped shipping the A4 processor, there has been no way to jailbreak without :

- knowing the device passcode
- having physical control of the device, and hooking it up to a computer that is running the jailbreak installation software
- rebooting the device as part of the process

Recent jailbreaks like Pangu require 10+ exploits chained together, under the above conditions (i.e. Unlocked & paired to the "hostile" computer)

Since the A7 shipped & iOS 8, there have been no "bypass the passcode attempt counter" attacks either. (There was one for A5/A6 and iOS 8, but it was patched with iOS 9).

If you look back to an earlier time, before the A5 and before secure enclave when a web based attack like JailbreakMe.com was feasible, across all 3 versions, it was unlatch for, IIRC, a total of 67 days (40 days for the first time, 20 the second and 7 the third).

If you look at the black market prices for the buying and selling of exploits to break into devices : for iOS exploits, when they are for sale, have going prices that are 10x to 100x other platforms , and a jailbreak is worth between 1 and 4 million USD.

Pangu and TaiG are funded by the pirate App Store market in China and have a comparable research budget to that.

So yes, the methods used in a jailbreak might enable malware , and might enable drive-by infestation, but in general Apple has gotten things to a point where in order to jailbreak you already have access to all the info on a phone. That's not ideal, but it's far from awful, and vastly better than 99% of Android devices and other platforms.
Score: 7 Votes (Like | Disagree)
keysofanxiety Avatar
113 months ago
Jailbreaking is hacking, a malicious third party can exploit the same holes that jailbreaks use.
Name one example of that, which has happened without user authorisation.
Score: 3 Votes (Like | Disagree)
smacrumon Avatar
113 months ago
I wish Apple would get more into the "behind the scenes" look of its technology at its keynotes as it used to in the past. In more recent keynotes, the unveilings have been more superficial and a little too sales pitchy IMHO.
Score: 3 Votes (Like | Disagree)
stepmuel Avatar
113 months ago
I wish Apple would get more into the "behind the scenes" look of its technology at its keynotes as it used to in the past.
Google "ios security white paper" and you'll get a PDF that is most likely exactly what the Apple engineer will talk about.

On https://developer.apple.com/videos/ you'll find all the technical "behind the scenes" videos. I recommend "Platform State of the Union" for a good overview.
Score: 2 Votes (Like | Disagree)
C DM Avatar
113 months ago
The iPhone 5s has a secure enclave? I did not know that.
Isn't that basically associated with TouchID and 64-bit architecture (both of which started out with 5s)?
Score: 1 Votes (Like | Disagree)

Popular Stories

iPhone 17 Pro 34ths Perspective

iPhone 17 Pro Launching Later This Year With These 10 New Features

Sunday March 23, 2025 10:00 am PDT by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models as of March 2025: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone ...
iOS 18

iOS 18.4 Expected Next Week - Here Are the Release Notes

Friday March 28, 2025 2:01 pm PDT by
With the second release candidate of iOS 18.4 that Apple seeded out today, the company finally provided us with release notes that give a full rundown on what to expect. There's an Apple Vision Pro app, new Apple Intelligence features for notifications and additional language support, plus an Apple News Food feature for Apple News+ subscribers, and several updates that should improve the...
Magic Mouse Green

What to Expect From the Magic Mouse 3

Saturday March 29, 2025 10:15 am PDT by
Apple is reportedly working on a new Magic Mouse. Below, we recap what to expect. The two key rumors for the Magic Mouse 3 so far include a relocated charging port, along with a more ergonomic design. It was briefly rumored that the Magic Mouse 3 would also feature voice control, but that was misinterpreted information. Relocated Charging Port While the Magic Mouse switched from...
top stories 2025 03 29

Top Stories: WWDC 2025 Announced, iPhone 17 Pro and iOS 19 Rumors, and More

Saturday March 29, 2025 6:00 am PDT by
Apple's big developer event is a little over two months away, and rumors about what we can expect to see in Apple's next major operating system updates are becoming increasingly frequent. A public release of iOS 18.4 is also imminent with a number of updates and improvements, although we won't be getting the major Apple Intelligence Siri upgrades that had reportedly been planned for this...
Foldable iPhone 2023 Feature Homescreen

Six Things to Know About Apple's Upcoming Foldable iPhone

Friday March 28, 2025 3:54 pm PDT by
We've been hearing rumors about a foldable iPhone for almost a decade now, but it looks like we might finally see the device come to fruition in 2026. We're going to be waiting many more months for the foldable iPhone, but so far we're hearing good things. Apple wants to make it creaseless. It's taken Apple multiple years to design a foldable iPhone that it's satisfied with because Apple ...
iOS 19 visionOS UI Elements

Apple Codename Provides Clue About iOS 19's Rumored New Design

Sunday March 30, 2025 6:40 am PDT by
Multiple sources have claimed that iOS 19 will introduce a new design with more translucent buttons, menus, notification banners, and more, and there is now another clue that points towards this glass-like appearance. Bloomberg's Mark Gurman today said the new design project is codenamed "Solarium" internally. A solarium is a room with glass walls that allow in plenty of sunlight, so this...
ipad pro 2024

Gurman: New iPad Pro and MacBook Pro Models With M5 Chips to Launch Later This Year

Sunday March 30, 2025 6:06 am PDT by
Apple's next-generation iPad Pro models with the M5 chip will "launch this year," according to Bloomberg's Mark Gurman. In his Power On newsletter today, Gurman said the new iPad Pro models have progressed to an "advanced testing" stage, and he expects mass production of the devices to begin in the second half of this year. If that timeframe is met, the new iPad Pro models could launch...
Facebook Feature

Facebook's New iPhone App Feature Turns the Clock Back to 2007

Thursday March 27, 2025 1:59 pm PDT by
In the mid-to-late 2000s, Facebook was all about staying connected with friends and family. However, as the social media platform added new features and grew over time, that core experience began to get drowned out. That changes starting now, according to Meta, which today introduced a new feature that will "bring back the joy" of classic Facebook. Specifically, Meta has redesigned the...