Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
In a surprising move, Apple has gone public with its iOS security features releasing a detailed guide that highlights the technical specs of its products.
The 18-page document, considered the computing giant's first public address of its security engineering, covers system architecture, encryption, data protection and network security for devices running on iOS, which includes the iPhone, iPad and iPod Touch.
Although a majority of the features discussed in the report have been uncovered by researchers through reverse engineering, one notable topic covered by the document is the multiple security layers implemented into each iOS device.
“The combination of required code signing, sandboxing and entitlements in apps provides solid protection against viruses, malware and other exploits that compromise the security of other platforms,” states the manual.
Additionally, the report includes insight into the mobile operating system's use of address space layout randomization (ASLR), a feature designed to mitigate exploits and stifle saboteurs from corrupting a device's memory with malware.
ASLR was previously assumed to be in use by researchers, but the topic was never publicly discussed by Apple.
“Built-in apps use ASLR to ensure that all memory regions are randomised upon launch,” the security report stated. "Additionally, system shared library locations are randomized at each device startup."
Although Apple has primarily played its cards close to its chest when it comes to security, the information in the guide could signify a shift in its communication with the public. Charlie Miller, principal research consultant at Accuvant Labs, believes the company may be more concerned with its “acceptance in the enterprise market.”
“[The guide] is located on the enterprise portion of the website,” Miller said in an email to SCMagazine.com.
While the guide is a sign that Apple is coming out of its security shell, Miller says that this shouldn't be seen as a new stance on the topic.
“I've thought that a few times…and have been proven wrong, so from now on I need more convincing before I say that again.”
A spokesperson for Apple was not available for comment.
This article originally appeared at scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.
