
iOS 10 Security White Paper [pdf] - IBM
https://www.apple.com/business/docs/iOS_Security_Guide.pdf
======
floatboth
This is really cool:

> Securely erasing saved keys is just as important as generating them. It’s
> especially challenging to do so on flash storage, where wear-leveling might
> mean multiple copies of data need to be erased. To address this issue, iOS
> devices include a feature dedicated to secure data erasure called Effaceable
> Storage. This feature accesses the underlying storage technology (for
> example, NAND) to directly address and erase a small number of blocks at a
> very low level.

I guess that means separate storage, as the main storage in recent iPhones is
an NVMe SSD and not raw NAND attached to the processor.

BTW, is there a good / easy way to connect raw NAND to a normal desktop PC?

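The quoted passage is about cryptographic erasure: if the bulk data is encrypted under a key that lives in a small, directly addressable block, wiping that block makes every copy of the data useless, including stale copies that wear-levelling left behind. The following simulation is an added illustration (not Apple's code, and not taken from the white paper) of that property; the wear-levelled disk, the 32-byte "effaceable" block and the HMAC-SHA256 keystream cipher are all toy constructions so that it runs on the standard library alone.

```python
"""Cryptographic erasure with a small, directly addressable key block.

Added illustration, not Apple's code: bulk data on a wear-levelled NAND is
encrypted under a per-file key, that file key is stored wrapped under a key
kept in a tiny dedicated block ("effaceable storage"), and erasing only that
block makes every copy of the bulk data unrecoverable, stale wear-levelled
copies included. The stream cipher below is a toy (HMAC-SHA256 keystream)
used only so the example runs with the standard library.
"""
import hashlib
import hmac
import secrets


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter keystream; applying it twice restores the input."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hmac.new(key, offset.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


class NandDisk:
    """Wear-levelled flash: an 'overwrite' lands in a fresh physical page and the
    old page is merely unmapped, so its contents survive until garbage collection.
    A forensic reader sees raw_pages, not the logical view."""

    def __init__(self):
        self.raw_pages = []   # every physical page ever written
        self.logical = {}     # logical page number -> index into raw_pages

    def write(self, page_no: int, data: bytes) -> None:
        self.raw_pages.append(data)
        self.logical[page_no] = len(self.raw_pages) - 1

    def read_logical(self, page_no: int) -> bytes:
        return self.raw_pages[self.logical[page_no]]


class EffaceableStorage:
    """Tiny block addressed directly at the NAND level: erase happens in place."""

    def __init__(self):
        self.block = secrets.token_bytes(32)

    def erase(self) -> None:
        self.block = bytes(32)   # no stale copy exists anywhere else


WRAPPED_KEY_PAGE, DATA_PAGE = 0, 1


def provision(effaceable: EffaceableStorage, plaintext: bytes) -> NandDisk:
    """Encrypt plaintext under a fresh file key and store that key wrapped."""
    file_key = secrets.token_bytes(32)
    disk = NandDisk()
    disk.write(WRAPPED_KEY_PAGE, keystream_xor(effaceable.block, file_key))
    disk.write(DATA_PAGE, keystream_xor(file_key, plaintext))
    return disk


def forensic_decrypt(disk: NandDisk, wrapping_key: bytes,
                     wrapped_idx: int, data_idx: int) -> bytes:
    """Decrypt from raw physical pages, as a chip-level forensic read would see them."""
    file_key = keystream_xor(wrapping_key, disk.raw_pages[wrapped_idx])
    return keystream_xor(file_key, disk.raw_pages[data_idx])


def demo(plaintext: bytes = b"constructed sample: user contacts database") -> dict:
    """Compare a naive NAND overwrite with an effaceable-storage erase."""
    eff = EffaceableStorage()
    disk = provision(eff, plaintext)
    results = {"readable_initially": forensic_decrypt(disk, eff.block, 0, 1) == plaintext}

    # Naive erase: overwrite the wrapped-key page on the NAND with zeros.
    disk.write(WRAPPED_KEY_PAGE, bytes(32))
    # The logical view is gone, but physical page 0 still holds the wrapped key.
    results["logical_view_erased"] = disk.read_logical(WRAPPED_KEY_PAGE) == bytes(32)
    results["stale_copy_still_decrypts"] = forensic_decrypt(disk, eff.block, 0, 1) == plaintext

    # Effaceable erase: wipe the 32-byte wrapping key; no bulk data has to move.
    eff.erase()
    results["decrypts_after_efface"] = forensic_decrypt(disk, eff.block, 0, 1) == plaintext
    return results


if __name__ == "__main__":
    print(demo())
```

The point the simulation makes is that the security of the erase depends on the wrapping key having exactly one physical home; that is why the block has to be addressed below the wear-levelling layer rather than through the normal block device.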
~~~
pkaye
What purpose do you want to access raw NAND? If you are okay with just a basic
low speed connection to read the NAND, there is a fairly standardized async
protocol which you could achieve with a dozen GPIO pins. You could also use a
FPGA or a NAND flash programmer (kind of like the old EPROM programmers).

However beyond this, you need to know a bit more information to interpret this
raw data. This includes any data framing structure, error correction,
scrambling, encryption and read error recovery algorithms. A lot of this
information is non-standard or only available under NDA from the manufacturer.

~~~
floatboth
I just want it to show up in the OS as MTD so e.g. I could use it with JFFS2
like OpenWrt does on routers. But on a desktop PC.

~~~
pkaye
In that case, I'm not familiar with any practical way to interface to the
NAND flash except that which comes with some embedded controller boards. But
let me add that even if you interface to the NAND, you still need to solve
some of the things I mentioned above if the NAND is any technology node below
20nm or so. If you don't do it right, even with decent error correction you
will get a high bit error rate.

------
dguido
@computerality extracted the sections that changed between the iOS 9 and 10
security white papers here:

[https://gist.github.com/computerality/3e0bc104cd216bf0f03f8d...](https://gist.github.com/computerality/3e0bc104cd216bf0f03f8d3aa8fbf081)
<--- only the new parts

tl;dr:

[https://twitter.com/computerality/status/844652877058625536](https://twitter.com/computerality/status/844652877058625536)

[https://twitter.com/computerality/status/844654500141060096](https://twitter.com/computerality/status/844654500141060096)

[https://twitter.com/computerality/status/844655868377550848](https://twitter.com/computerality/status/844655868377550848)

~~~
wikibob
And here's a direct link to the computerality diff in plain text for easy
viewing on mobile:

[https://gist.githubusercontent.com/computerality/3e0bc104cd2...](https://gist.githubusercontent.com/computerality/3e0bc104cd216bf0f03f8d3aa8fbf081/raw/31b8ebf1cbe6b716e0eb51ad1b1fbb403d18f2e9/gistfile1.txt)

------
CalChris
Its previous edition was required reading for CS 161 at Berkeley. Would that
it were required reading in Mountain View.

[http://www-inst.cs.berkeley.edu/~cs161/fa16/](http://www-inst.cs.berkeley.edu/~cs161/fa16/)

(Yeah, it says optional on the syllabus but Weaver said _required_ in
lecture.)

~~~
AsyncAwait
Do they not know/care about security, or is it simply the case that it is
hard to have something like the secure enclave across all Android devices?
Genuine question.

~~~
izacus
Mmm? Secure enclave is present on most Android devices and is mandatory since
Android 6.0.

(It's just called something else.)

Historically Android has been lagging behind a bit from iOS devices when it
comes to security, but Pixels and their software have a very similar security
model and design (with some exceptions - less granularity with file-based
encryption and some other mostly minor details).

Non Google devices however are usually significantly less secure - not so much
due to Android design, as due to manufacturers deliberately disabling
Android's security features (e.g. only Pixel actually uses dm-verity at this
moment if I remember correctly), refusing to update them, building devices
with bad trustzone drivers... etc.

If you keep to the 1st party (Google-branded) devices like in iOS world,
you're mostly ok.

~~~
CalChris
Yes, they're using the ARM Trusted Execution Environment rather than a
separate Enclave chip with its separate OS (L4). Apple is an ARM architecture
licensee, designing their own compatible chips. So the TEE would have been an
available path (compatibility is still required, no?) but they instead went
the extra yard with a separate Enclave chip. As their white paper details,
they also go to insane levels with that chip and moreover with its
communications rather than just trust the TEE within an ARM chip and call it a
day.

~~~
Cyph0n
More recent ARM chips (A9+) come bundled with ARM TrustZone[1]. In a nutshell,
the processor has two (hardware) isolated execution environments each running
a different OS and different software. By default, the secure environment of
TrustZone runs an L4 kernel (edit: this is incorrect, see reply below).

Could it be the case that Apple is leveraging TrustZone but with a customized
L4 kernel? Or is it confirmed that the Secure Enclave is a custom IC designed
by Apple? I wouldn't be surprised if it's the former as it becomes much
cheaper to implement the required security features.

_Edit:_ Check out this previous discussion on this exact topic:
[https://news.ycombinator.com/item?id=8410700](https://news.ycombinator.com/item?id=8410700)

[1]: [https://www.arm.com/products/security-on-arm/trustzone](https://www.arm.com/products/security-on-arm/trustzone)

~~~
bryanbuckley
> By default, the secure environment of TrustZone runs an L4 kernel.

By default no SW runs on HW. "Mobicore" (now called "Kinibi" from Trustonic)
is based on L4.

~~~
Cyph0n
I know that mate, no need to get snarky. What I meant is that it was bundled
with the core by default, but thanks for the correction. I thought I read it
somewhere, but judging by a quick search, it seems I'm mistaken.

~~~
bryanbuckley
Depends on the HW manufacturer and SKU on what is bundled or not. Even ROM
code can be different per SKU.

------
camdenlock
This is one of the reasons why Apple is still great. Their designs are
thoughtful and deeply-considered. They may disappear up their own asses with a
fair amount of regularity, but that doesn't stop them from excelling in
certain areas (such as, indeed, privacy and security).

~~~
bjelkeman-again
It is sad that something like the iCloud Keychain is so poorly implemented
across the different devices.

~~~
alphabettsy
How so? You mean from user access and usability standpoint?

I know I certainly wish there was a Keychain access app like on macOS
available for iOS rather than only being able to access passwords via Safari
settings.

~~~
comex
Probably referring to the key distribution process, where to enable iCloud
Keychain you have to approve from another device. It's a sound design in
theory - the keys are only stored locally, so even Apple can't access them -
but I've personally experienced issues several times where the approval
notification wouldn't show up on my other devices, or the UI was in an
inconsistent state, etc.

~~~
haikuginger
It's true- I think one of Apple's main stumbling points lately has been
failing to consider the user experience in cases where, for example, a good
Internet connection isn't available, or a particular piece of data has an
unexpected attribute.

------
Animats
What's lacking is a requirement that Apple Store apps must cooperate with user
privacy settings. If the user denies an app access to location services,
contacts, or calendars, Apple should require that the app still run. For
example, if the user denies the Uber app location information when the app is
not being used, Uber car ordering should still work. Apps should not be
allowed to demand access they do not need to serve the user.

~~~
djrogers
You picked a bad example, as Uber car ordering does work with location
services disabled.

Any better examples come to mind of apps that refuse to run unless they have an
unreasonable feature granted?

~~~
bigiain
Signal won't run without access to your contacts (at least on iOS). Whether
that's considered "unreasonable" is being actively argued on Twitter at the
moment...

~~~
Esau
Personally, I don't consider using a phone number as reasonable. Usernames
should be allowed for those who don't have or don't want phones.

~~~
bigiain
I dunno. It's hard.

If you allow user-generated usernames, what's to stop me signing up as Linus
Torvalds or Hillary Clinton, and creating drama for the lulz?

Using the phone number as a unique and verifiable identifier seems like a
pragmatic - if not perfect - choice. By using the SMS confirmation it makes it
much more difficult for me to impersonate Linus or Hillary - because I'd need
to impersonate their phone number _and_ respond to an SMS sent to it. Not
nation state secure, but better than nothing...

The other problem Moxie's trying to solve is the discoverability problem -
which jwz _doesn't_ want solved (nor do people with abusive exes or other
categories of users Signal has often very vocally advocated for: "Use TOR. Use
Signal. Use a VPN!!!"). Moxie wants to be able to calculate the intersection
of your contact list with every other Signal user's contact list, so it can
prompt you to let you know you can use Signal to communicate with them, which
you'd otherwise probably not know. And as he says, to be most valuable, e2e
encrypted messaging needs to become the default messaging channel under normal
use, so it'll not need to be installed/setup/learned under stress when its
need becomes critical.

I think Signal's got the "soundbite message" of what they do very carefully
crafted and it's very enticing, but by nature soundbite-sized or elevator
pitch-sized messages inevitably leave out the complexity of edge cases.

I'm 99.99% sure Moxie isn't lying about what we could all read in the
sourcecode if we cared enough to spend the time reading it - all the people
jwz is concerned about sending him Signal messages already had his phone
number in their contact list so could have already been sending him text
messages. Moxie's view is jwz is better off having all those people know they
can _also_ contact him using e2e encrypted messaging as well. jwz doesn't
agree, and doesn't think letting all those people know he has installed an
encrypted messaging app is "privacy protecting". There's certainly merit in
both points of view.

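The intersection bigiain describes (each client uploads its address book, the server reports which contacts are already registered) is easy to state and worth seeing concretely, together with the edge case the soundbite leaves out: what the server itself learns from the upload. The script below is an added illustration, not Signal's code and not a description of Signal's actual protocol; the registered-user set, the address book and the toy 555-xxxx numbering plan are constructed for the example.

```python
"""Contact discovery by set intersection (added illustration, not Signal's code).

Clients hash each address-book number before uploading, the server intersects
the uploaded hashes with the hashes of its registered users, and the client
maps the matches back to names. The last function shows the privacy edge case:
because the phone-number space is small and enumerable, the server can turn the
uploaded hashes back into numbers, so hashing alone does not hide the address
book from the server. A toy 10,000-number plan keeps the enumeration instant.
"""
import hashlib

# Constructed sample data: a toy numbering plan 555-0000 .. 555-9999.
REGISTERED_USERS = {"5550001", "5550002", "5550042", "5551337"}
ADDRESS_BOOK = ["5550002", "5550042", "5550777", "5559999"]


def hash_id(number: str) -> str:
    """Client-side pseudonymisation: SHA-256 of the canonical phone number."""
    return hashlib.sha256(number.encode("ascii")).hexdigest()


def client_upload(address_book) -> set:
    """What the client sends: hashes only, never the raw numbers."""
    return {hash_id(n) for n in address_book}


def server_intersect(uploaded: set, registered=REGISTERED_USERS) -> set:
    """Server side: which uploaded hashes belong to registered users."""
    registered_hashes = {hash_id(n) for n in registered}
    return uploaded & registered_hashes


def client_resolve(address_book, matched_hashes: set) -> list:
    """Client side: map the returned hashes back to the contacts it knows."""
    return sorted(n for n in address_book if hash_id(n) in matched_hashes)


def server_recovers_numbers(uploaded: set) -> list:
    """The edge case: the server (or anyone holding the upload) can enumerate
    the whole numbering plan and recover every uploaded number, matched or not."""
    table = {hash_id(f"555{i:04d}"): f"555{i:04d}" for i in range(10_000)}
    return sorted(table[h] for h in uploaded if h in table)


if __name__ == "__main__":
    upload = client_upload(ADDRESS_BOOK)
    print("contacts on the service:", client_resolve(ADDRESS_BOOK, server_intersect(upload)))
    print("numbers the server can read off the upload:", server_recovers_numbers(upload))
```

Read the two outputs side by side: the first is the feature (two contacts are discoverable), the second is the cost (the server learned all four numbers, including the two that are not users). Any design that wants discovery without that second list needs something stronger than a hash of the number, which is the trade-off the thread is arguing about.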
------
zaytoun
I really do respect Apple's attention to security and privacy, however I was a
little disappointed when I came across an Apple ID leak from their login form
[0] last week. They patched a fix a couple days after I reported it, but still
haven't responded to my initial report. It's quite concerning given how easy
this simple flaw could have been used for malicious purposes to potentially
collect millions of Apple ID's.

[0] [https://github.com/zaytoun/Apple-ID-Data-Leak](https://github.com/zaytoun/Apple-ID-Data-Leak)

~~~
chatmasta
That looks like extremely irresponsible disclosure? Publishing to GitHub and
then "edit: I contacted apple"

????

~~~
sillysaurus3
There's nothing wrong with disclosing a security bug immediately.

[https://hn.algolia.com/?query=author:tptacek%20responsible%2...](https://hn.algolia.com/?query=author:tptacek%20responsible%20disclosure%20&sort=byDate&prefix&page=0&dateRange=all&type=comment)

~~~
chatmasta
Wow, he's nothing if not consistent... you gotta respect that. Same opinion
and phrasing going back 4+ years!

~~~
tptacek
Closer to 24.

[http://www.securityfocus.com/blogs/906](http://www.securityfocus.com/blogs/906)

------
rimliu
There is also this:
[https://www.youtube.com/watch?v=BLGFriOKz6U](https://www.youtube.com/watch?v=BLGFriOKz6U)

------
Esau
Did they never release an iOS 10 security paper before now? I'm asking because
iOS 10 has been out for a while and iOS 11 is just around the corner.

------
locacorten
Microsoft's paper: [https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/msr-tr-2015-84.pdf](https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/msr-tr-2015-84.pdf)

~~~
tra3
Slightly off-topic, that can't be a WordPress instance, can it? I've only seen
`wp-content` paths on WordPress blogs...

~~~
chuckdries
wordpress is _popular_ man

~~~
tra3
Amazing. Microsoft running wordpress on the main corporate site.

------
qrbLPHiKpiux
Their LEO guide is just as good, but not updated in a while.

~~~
zsmizzle
Link?

------
tmsldd
Is there any similar document about macOS ?

~~~
archvile
The only one I could find provided from Apple applies to 10.6 Snow Leopard.
Strange there isn't a similar security guide for Mac OS like they have for
iOS.

------
gwu78
[http://www.cultofmac.com/280189/icloud-hacker-calls-apples-response-little-late/](http://www.cultofmac.com/280189/icloud-hacker-calls-apples-response-little-late/)

[http://www.mirror.co.uk/news/technology-science/technology/apple-warned-icloud-vulnerability-months-4326913](http://www.mirror.co.uk/news/technology-science/technology/apple-warned-icloud-vulnerability-months-4326913)

~~~
IBM
"There have not been any breaches in any of Apple’s systems including iCloud
and Apple ID," the spokesperson said. "The alleged list of email addresses and
passwords appears to have been obtained from previously compromised
third-party services."

[http://fortune.com/2017/03/22/apple-iphone-hacker-ransom/](http://fortune.com/2017/03/22/apple-iphone-hacker-ransom/)

