Apple publishes guide to iOS security
Security on iOS devices is becoming more of a hot topic these days, what with security notables like Eugene Kaspersky warning of future malware attacks that could take down the immense monoculture operating system. Apple's not ignoring the threat; in fact, the company has published a 19-page iOS security document outlining the company's commitment to security on the mobile platform.
The free PDF document, available here, describes Apple's approach to security. The system architecture section details the integration of hardware and software on the devices and how it allows for the validation of activities through all processes.
For example, when an iOS device is first turned on it goes through a cryptographically signed boot up process, each step of which proceeds only after verifying the chain of trust. There's a description of how app code signing and sandboxing are used to ensure that apps can't compromise the system or other apps.
I personally found the hardware security features built into every iOS device to be fascinating -- a dedicated AES256 crypto engine lodged between flash storage and system memory, using the device's UID and a group ID to cryptographically tie data to a particular device. There's also a fully detailed description of device access and network security.
The document should be of great interest (and comfort) to those deploying large numbers of iOS devices in enterprises and government settings.
Deals of the Daymore deals
Software Updatesmore updates
- Agile Partners releases Lick of the Day 2.0
- Microsoft Office for Mac 2011 Update 14.3.4
- Pixelmator 2.2 available with over 100 new features and improvements
- DabKick for iPhone lets you share photos, watch videos and now listen to music in real-time
- Google Now added to search app on iPhone, iPad
- GateGuru for iPhone has been updated and greatly improved