Full Video of Apple Engineer's Black Hat Security Talk Now Available
Earlier this month, Apple's head of security engineering Ivan Krstic gave a talk at the Black Hat Conference, an annual event designed for the global InfoSec community. During the event, Krstic spoke about Apple security and unveiled the company's new bug bounty program.
Krstic's briefing is now available in full on YouTube, shared this morning on the Black Hat YouTube channel in a video entitled "Behind the Scenes of iOS Security."
In the talk, Krstic covers three major iOS security mechanisms -- HomeKit, Auto Unlock, and iCloud Keychain -- in "unprecedented technical detail," along with other iOS security measures.
HomeKit, Auto Unlock and iCloud Keychain are three Apple technologies that handle exceptionally sensitive user data - controlling devices (including locks) in the user's home, the ability to unlock a user's Mac from an Apple Watch, and the user's passwords and credit card information, respectively. We will discuss the cryptographic design and implementation of our novel secure synchronization fabric which moves confidential data between devices without exposing it to Apple, while affording the user the ability to recover data in case of device loss.
Data Protection is the cryptographic system protecting user data on all iOS devices. We will discuss the Secure Enclave Processor present in iPhone 5S and later devices and explain how it enabled a new approach to Data Protection key derivation and brute force rate limiting within a small TCB, making no intermediate or derived keys available to the normal Application Processor.
Traditional browser-based vulnerabilities are becoming harder to exploit due to increasingly sophisticated mitigation techniques. We will discuss a unique JIT hardening mechanism in iOS 10 that makes the iOS Safari JIT a more difficult target.
The most notable moment of Krstic's briefing features the unveiling of Apple's first ever bug bounty program, which will see the company paying out up to $200,000 to researchers who discover vulnerabilities in Apple software. Apple's bug bounty program, initially limited to a few dozen researchers, launches this September.
Popular Stories
iOS 26 was released last month, but the software train never stops, and iOS 26.1 beta testing is already underway. So far, iOS 26.1 makes both Apple Intelligence and Live Translation on compatible AirPods available in additional languages, and it includes some other minor changes across the Apple Music, Calendar, Photos, Clock, and Safari apps.
More features and changes will follow in future ...
With the fourth betas of iOS 26.1, iPadOS 26.1, and macOS 26.1, Apple has introduced a new setting that's designed to allow users to customize the look of Liquid Glass.
The toggle lets users select from a clear look for Liquid Glass, or a tinted look. Clear is the current Liquid Glass design, which is more transparent and shows the background underneath buttons, bars, and menus, while tinted ...
iOS 26.4 is expected to introduce a revamped version of Siri powered by Apple Intelligence, but not everyone is satisfied with how well it works.
In his Power On newsletter today, Bloomberg's Mark Gurman said some of Apple's software engineers have "concerns" about the overhauled Siri's performance. However, he did not provide any specific details about the shortcomings.
iOS 26.4 will...
Apple's software engineers continue to internally test iOS 26.0.2, according to MacRumors logs, which have been a reliable indicator of upcoming iOS versions.
iOS 26.0.2 will be a minor update that addresses bugs and/or security vulnerabilities, but we do not know any specific details yet.
The update will likely be released by the end of next week.
Last month, Apple released iOS 26.0.1,...
While the new iPad Pro's headline feature is the M5 chip, the device has some other changes, including N1 and C1X chips, faster storage speeds, and more.
With the M5 chip, the new iPad Pro has up to a 20% faster CPU and up to a 40% faster GPU compared to the previous model with the M4 chip, according to Geekbench 6 results. Keep in mind that 256GB and 512GB configurations have a 9-core CPU,...
With the fourth beta of iOS 26.1, Apple added a toggle that makes Liquid Glass more opaque and reduces transparency. We tested the beta to see where the toggle works and what it looks like.
Subscribe to the MacRumors YouTube channel for more videos.
If you have the latest iOS 26.1 beta, you can go to Settings > Display and Brightness to get to the new option. Tap on Liquid Glass, then...
Even though we're at the fourth beta of iOS 26.1, Apple is continuing to add new features. In fact, the fourth beta has some of the biggest changes that we'll get when iOS 26.1 releases to the public later this month. We've rounded up what's new below.
Liquid Glass Transparency Toggle
Apple added a toggle for customizing the look of Liquid Glass. In Settings > Display and Brightness,...
Apple on Wednesday updated the 14-inch MacBook Pro, iPad Pro, and Vision Pro with its next-generation M5 chip, but previous rumors have indicated that the company still plans to announce at least a few additional products before the end of the year.
The following Apple products have at one point been rumored to be updated in 2025, although it is unclear if the timeframe for any of them has...
