Security and privacy of iOS

The iOS operating system utilizes many security features in both hardware and software, from the boot process to biometrics.

Secure Boot

Before fully booting into iOS, there is low-level code that runs from the Boot ROM. Its task is to verify that the Low-Level Bootloader is signed by the Apple Root CA public key before running it. This process is to ensure that no malicious or otherwise unauthorized software can be run on an iOS device. After the Low-Level Bootloader finishes its tasks, it runs the higher level bootloader, known as iBoot. If all goes well, iBoot will then proceed to load the iOS kernel as well as the rest of the operating system. [1]

Secure Enclave

The Secure Enclave is a coprocessor found in iOS devices as part of the A7 and newer chips and used for data protection. It holds the user data pertaining to Touch ID, Face ID, and Apple Pay, among other sensitive data. [2] The purpose of the Secure Enclave is to handle keys and other information, such as biometrics, that is too sensitive to be handled by the Application Processor (AP). It is isolated by a hardware filter so that the AP cannot access it. [2] It shares RAM with the AP, but its portion of the RAM (known as TZ0) is encrypted. The Secure Enclave itself is a flashable 4 MB AKF processor core called the Secure Enclave Processor (SEP), as documented in Apple Patent Application 20130308838. The technology used is similar to ARM's TrustZone/SecurCore but contains proprietary code for Apple KF cores in general and the SEP specifically. It is also responsible for generating the UID key on A9 or newer chips, which protects user data at rest.[citation needed]

It has its own secure boot process to ensure that it is completely secure. A hardware random number generator is also included as part of this coprocessor. Each device's Secure Enclave has a unique ID that is assigned to it at manufacture and cannot be changed. This identifier is used to create a temporary key that encrypts the memory in this portion of the system. The Secure Enclave also contains an anti-replay counter to prevent brute-force attacks. [1]

The SEP is located in the devicetree under IODeviceTree:/arm-io/sep and managed by the AppleSEPManager driver. [3]

In 2020, security flaws in the SEP were discovered, causing concerns about Apple devices such as iPhones. [4]

Face ID

Face ID is a face scanner that is embedded in the notch on iPhone models X, XS, XS Max, XR, 11, 11 Pro, 11 Pro Max, 12, 12 Mini, 12 Pro, 12 Pro Max, 13, 13 Mini, 13 Pro, 13 Pro Max, 14, and the 14 Plus. On the iPhone 14 Pro, 14 Pro Max, iPhone 15, iPhone 15 Plus, iPhone 15 Pro, and iPhone 15 Pro Max, it is embedded in the Dynamic Island. [5] It can be used to unlock the device, make purchases, and log into applications among other functions. When used, Face ID only temporarily stores the face data in encrypted memory in the Secure Enclave, as described above. There is no way for the device's main processor or any other part of the system to access the raw data that is obtained from the Face ID sensor. [1]

Passcode

iOS devices can have a passcode that is used to unlock the device, make changes to system settings, and encrypt the device's contents. Until recently, these were typically four numerical digits long. However, since unlocking the devices with a fingerprint by using Touch ID has become more widespread, six-digit passcodes are now the default on iOS with the option to switch back to four or use an alphanumeric passcode. [1]

Touch ID

Touch ID is a fingerprint scanner that is embedded in the home button and can be used to unlock the device, make purchases, and log into applications among other functions. When used, Touch ID only temporarily stores the fingerprint data in encrypted memory in the Secure Enclave, as described above. Like Face ID, there is no way for the device's main processor or any other part of the system to access the raw fingerprint data that is obtained from the Touch ID sensor. [1]

Address Space Layout Randomization

Address Space Layout Randomization (ASLR) is a low-level technique for mitigating memory corruption attacks such as buffer overflows. It involves placing code and data at randomly selected locations in memory so that an attacker cannot predict the addresses needed to corrupt the system and build a working exploit. ASLR makes app bugs more likely to crash the app than to silently overwrite memory, regardless of whether the behavior is accidental or malicious.[citation needed]

Non-executable memory

iOS utilizes the ARM architecture's Execute Never (XN) feature. This allows some portions of the memory to be marked as non-executable, working alongside ASLR to prevent buffer overflow attacks including return-to-libc attacks. [1]

Encryption

As mentioned above, one use of encryption in iOS is in the memory of the Secure Enclave. When a passcode is set on an iOS device, the contents of the device are encrypted. This is done using a hardware AES-256 implementation that is very efficient because it sits directly between the flash storage and RAM. [1]

iOS, in combination with its specific hardware, uses crypto-shredding when erasing all content and settings by obliterating all the keys in 'effaceable storage'. This renders all user data on the device cryptographically inaccessible. [6]
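To show what crypto-shredding buys, here is an added example in Go (not Apple's code, nor code from the page) that models a small effaceable key region and a two-level key hierarchy: each file is encrypted under its own key, the per-file keys are wrapped under one key held in effaceable storage, and wiping that one key leaves every file unreadable without touching the flash contents. The `EffaceableStorage` and `EncryptedFile` types and all function names are assumptions made for this illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)
// EffaceableStorage models the page's "effaceable storage" (hypothetical type); nil once effaced.
type EffaceableStorage struct{ wrappingKey []byte }
func NewEffaceableStorage() *EffaceableStorage {
	return &EffaceableStorage{wrappingKey: randomBytes(32)}
}
// Efface obliterates the wrapping key; flash is untouched, yet every key wrapped under it is gone.
func (s *EffaceableStorage) Efface() {
	for i := range s.wrappingKey { // zero the bytes, then drop the reference
		s.wrappingKey[i] = 0
	}
	s.wrappingKey = nil
}
func randomBytes(n int) []byte {
	b := make([]byte, n)
	rand.Read(b) // crypto/rand fills b completely or crashes; it does not return an error
	return b
}
// gcm builds AES-256-GCM; keys are always 32 random bytes, so failure means a bug (use after Efface).
func gcm(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return aead
}
// seal returns nonce || ciphertext; unseal authenticates and reverses it.
func seal(key, plaintext []byte) []byte {
	aead := gcm(key)
	nonce := randomBytes(aead.NonceSize())
	return aead.Seal(nonce, nonce, plaintext, nil)
}
func unseal(key, blob []byte) ([]byte, error) {
	aead := gcm(key)
	if ns := aead.NonceSize(); len(blob) >= ns {
		return aead.Open(nil, blob[:ns], blob[ns:], nil)
	}
	return nil, errors.New("ciphertext too short")
}

// EncryptedFile is what stays on flash: ciphertext plus the per-file key wrapped under the effaceable key.
type EncryptedFile struct{ WrappedKey, Ciphertext []byte }
func StoreFile(s *EffaceableStorage, data []byte) *EncryptedFile {
	fileKey := randomBytes(32) // only its wrapped form ever reaches flash
	return &EncryptedFile{WrappedKey: seal(s.wrappingKey, fileKey), Ciphertext: seal(fileKey, data)}
}
// ReadFile unwraps the per-file key, then decrypts; after Efface the first step fails, so the bulk data is unreadable without ever being overwritten.
func ReadFile(s *EffaceableStorage, f *EncryptedFile) ([]byte, error) {
	if s.wrappingKey == nil {
		return nil, errors.New("effaceable storage wiped: wrapping key unrecoverable")
	}
	fileKey, err := unseal(s.wrappingKey, f.WrappedKey)
	if err != nil {
		return nil, err
	}
	return unseal(fileKey, f.Ciphertext)
}
```

The wipe touches only the 32-byte wrapping key, which is why it completes instantly regardless of how much data the device holds.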

Keychain

The iOS keychain is a database of login information that can be shared across apps written by the same person or organization. [1] This service is often used for storing passwords for web applications. [7]

App security

Third-party applications such as those distributed through the App Store must be code signed with an Apple-issued certificate. In principle, this continues the chain of trust all the way from the Secure Boot process as mentioned above to the actions of the applications installed on the device by users. Applications are also sandboxed, meaning that they can only modify the data within their individual home directory unless explicitly given permission to do otherwise. For example, they cannot access data owned by other user-installed applications on the device. There is a very extensive set of privacy controls contained within iOS with options to control apps' ability to access a wide variety of permissions such as the camera, contacts, background app refresh, cellular data, and access to other data and services. Most of the code in iOS, including third-party applications, runs as the "mobile" user which does not have root privileges. This ensures that system files and other iOS system resources remain hidden and inaccessible to user-installed applications. [1]

App Store bypasses

Companies can apply to Apple for enterprise developer certificates. These can be used to sign apps such that iOS will install them directly (sometimes called "sideloading"), without the app needing to be distributed via the App Store. [8] The terms under which they are granted make clear that they are only to be used for companies who wish to distribute apps directly to their employees. [8]

Circa January–February 2019, it emerged that a number of software developers were misusing enterprise developer certificates to distribute software directly to non-employees, thereby bypassing the App Store. Facebook was found to be abusing an Apple enterprise developer certificate to distribute an application to underage users that would give Facebook access to all private data on their devices. [9] [10] [11] Google was abusing an Apple enterprise developer certificate to distribute an app to adults to collect data from their devices, including unencrypted data belonging to third parties. [12] [8] AltStore, AppValley, Panda Helper, TweakBox and TutuApp have all been abusing enterprise developer certificates to distribute apps that offer pirated software. [13]

Network security

iOS supports TLS with both low- and high-level APIs for developers. By default, the App Transport Security (ATS) framework requires that servers use at least TLS 1.2. However, developers are free to override this framework and utilize their own methods of communicating over networks. When Wi-Fi is enabled, iOS uses a randomized MAC address so that devices cannot be tracked by anyone sniffing wireless traffic. [1]

Two-factor authentication

Two-factor authentication is an option in iOS to ensure that even if an unauthorized person knows an Apple ID and password combination, they cannot gain access to the account. It works by requiring not only the Apple ID and password, but also a verification code that is sent to an iDevice or mobile phone number that is already known to be trusted. [1] If an unauthorized user attempts to sign in using another user's Apple ID, the owner of the Apple ID receives a notification that allows them to deny access to the unrecognized device. [14]

Hardened memory allocation

iOS features a hardened memory allocator known as kalloc_type that was introduced in iOS 15. Since the XNU kernel is primarily written in memory-unsafe languages such as C and C++, [15] kalloc_type is designed to mitigate the large number of vulnerabilities that result from the use of these languages in the kernel. To achieve this, kalloc_type implements mitigations such as type isolation in order to prevent type confusion and buffer overflow vulnerabilities. The ultimate goal is to prevent privilege escalation. [16]

References

  1. Apple Inc. (May 2016). "iOS Security Guide" (PDF). Apple.com. Archived (PDF) from the original on February 27, 2016.
  2. "Secure Enclave". Apple Support. Retrieved June 22, 2023.
  3. "I/O registry dump". winocm blag. Archived from the original on September 23, 2013. Retrieved August 11, 2020.
  4. Espósito, Filipe (August 1, 2020). "New 'unpatchable' exploit allegedly found on Apple's Secure Enclave chip, here's what it could mean". 9to5Mac. Archived from the original on November 5, 2021. Retrieved November 5, 2021.
  5. "All the apps and features Dynamic Island Supports". techSpark. November 9, 2022. Archived from the original on November 1, 2022. Retrieved November 9, 2022.
  6. "Crypto-shredding using effaceable storage in iOS on stanford.edu". Archived from the original on September 11, 2018. Retrieved September 21, 2018.
  7. "iOS Keychain Services Tasks". Apple Developer. Archived from the original on December 20, 2016. Retrieved December 6, 2016.
  8. Whittaker, Zack (February 2019). "Everything you need to know about Facebook, Google's app scandal". TechCrunch. Archived from the original on January 11, 2023. Retrieved February 20, 2019.
  9. Constine, Josh (January 29, 2019). "Facebook pays teens to install VPN that spies on them". TechCrunch. Archived from the original on March 7, 2020. Retrieved February 20, 2019.
  10. Owen, Malcolm (January 30, 2019). "Apple has revoked Facebook's enterprise developer certificates after sideload violations [u]". AppleInsider. Archived from the original on February 21, 2019. Retrieved February 20, 2019.
  11. Warren, Tom; Kastrenakes, Jacob (January 30, 2019). "Apple blocks Facebook from running its internal iOS apps". The Verge. Archived from the original on February 3, 2021. Retrieved February 20, 2019.
  12. Whittaker, Zack; Constine, Josh; Lunden, Ingrid (January 30, 2019). "Google will stop peddling a data collector through Apple's back door". TechCrunch. Archived from the original on December 16, 2019. Retrieved February 20, 2019.
  13. "Loophole allows pirated apps to be installed on Apple iPhones". NBC News. Reuters. February 14, 2019. Archived from the original on February 20, 2019. Retrieved February 20, 2019.
  14. "Two-factor authentication for Apple ID". Apple Support. Archived from the original on December 20, 2016. Retrieved December 6, 2016.
  15. "XNU". GitHub. Apple OSS Distributions. Archived from the original on November 17, 2022. Retrieved November 17, 2022.
  16. "Towards the next generation of XNU memory safety: kalloc_type". Apple Security Blog. October 27, 2022. Archived from the original on November 16, 2022. Retrieved November 17, 2022.