Daniel Hruska Are you concerned about your safety while using your iDevice? Apple has just prepared a guide for you in the form of PDF document. If you're interested in Apple's security solution, be sure to read this document, hopefully you'll sleep better.
The server first reported the existence of the manual ThreadPost, which belongs under the wings of a well-known company Kaspersky Lab. The document is aimed at individuals and companies to understand the built-in security features of iOS and how they work together to ensure comprehensive system security.
"iOS Security," as the guide is called, is the first real public documentation of the security architecture implemented in iOS that protects iPhones, iPads, and iPod touches. Security researchers have been trying to reverse engineer the entire operating system for a long time. Now everything is described in the manual.
One of the most discussed topics in the manual is the implementation of ASLR (Address space layout randomization), which serves as a prevention against an attack by modifying part of the memory. Although the researchers found the presence of ASLR, Apple did not comment on it. A significant part of the manual also includes code signing.
Accuvant researcher and consultant Charlie Miller says that the iOS security guide does not contain much information but only general facts. "Apple doesn't reveal much about its security mechanisms in detail," explains Miller, co-author of the book iOS Hacker's Handbook. “When they introduced ASLR, they didn't let anyone know. They never explained how code signing works. There is essentially nothing new in the manual, which means that the reverse engineering has worked great in this case. We figured it all out on our own.”
