Full Video of Apple Engineer's Black Hat Security Talk Now Available
Earlier this month, Apple's head of security engineering Ivan Krstic gave a talk at the Black Hat Conference, an annual event designed for the global InfoSec community. During the event, Krstic spoke about Apple security and unveiled the company's new bug bounty program.
Krstic's briefing is now available in full on YouTube, shared this morning on the Black Hat YouTube channel in a video entitled "Behind the Scenes of iOS Security."
In the talk, Krstic covers three major iOS security mechanisms -- HomeKit, Auto Unlock, and iCloud Keychain -- in "unprecedented technical detail," along with other iOS security measures.
HomeKit, Auto Unlock and iCloud Keychain are three Apple technologies that handle exceptionally sensitive user data - controlling devices (including locks) in the user's home, the ability to unlock a user's Mac from an Apple Watch, and the user's passwords and credit card information, respectively. We will discuss the cryptographic design and implementation of our novel secure synchronization fabric which moves confidential data between devices without exposing it to Apple, while affording the user the ability to recover data in case of device loss.
Data Protection is the cryptographic system protecting user data on all iOS devices. We will discuss the Secure Enclave Processor present in iPhone 5S and later devices and explain how it enabled a new approach to Data Protection key derivation and brute force rate limiting within a small TCB, making no intermediate or derived keys available to the normal Application Processor.
Traditional browser-based vulnerabilities are becoming harder to exploit due to increasingly sophisticated mitigation techniques. We will discuss a unique JIT hardening mechanism in iOS 10 that makes the iOS Safari JIT a more difficult target.
The most notable moment of Krstic's briefing features the unveiling of Apple's first ever bug bounty program, which will see the company paying out up to $200,000 to researchers who discover vulnerabilities in Apple software. Apple's bug bounty program, initially limited to a few dozen researchers, launches this September.
Popular Stories
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices.
iPhone 17 Pro's alleged design via Front Page Tech
Below, we recap key changes rumored for the iPhone 17 Pro models as of March 2025:
Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone...
Apple today announced refreshed 13- and 15-inch MacBook Air models, now featuring the M4 chip, an upgraded camera, and a new "Sky Blue" color option.
"Sky Blue" is an all-new blue finish that joins Midnight, Starlight, and Silver. Apple describes it as a "beautiful, metallic light blue that creates a dynamic gradient when light reflects off of its surface." Space Gray is no longer available. ...
Apple today announced the 11th-generation iPad, now featuring the A16 chip and more storage.
The announcement came alongside the debut of the new iPad Air, which now features the M3 chip. From Apple's press release:
The A16 chip provides a jump in performance for everyday tasks and experiences in iPadOS, while still providing all-day battery life. Compared to the previous generation, the...
Apple today introduced new 11-inch and 13-inch iPad Air models with the M3 chip, along with an updated Magic Keyboard for the device.
With the M3 chip, the new iPad Air should offer up to 20% faster performance compared to the previous-generation model with the M2 chip, which was released in May 2024. In addition, the M3 chip brings hardware-accelerated ray tracing to the iPad Air for the...
The upcoming iOS 18.4 update for the iPhone includes two smaller but meaningful improvements for Apple's in-car iPhone mirroring system CarPlay.
First, CarPlay now shows a third row of icons, up from two rows previously. However, this change is only visible in vehicles with a larger center display. For example, a MacRumors Forums member noticed the change in a Toyota Tundra with a 14-inch...
The new MacBook Air has a useful upgrade: it natively supports up to two external displays, in addition to the laptop's built-in display.
In other words, the latest MacBook Air can be used with a pair of external displays without needing to keep the laptop's lid closed.
Apple's tech specs for the new 13-inch and 15-inch MacBook Air:Simultaneously supports full native resolution on the...
Apple today announced that it has updated the Mac Studio with M4 Max and M3 Ultra chip options, Thunderbolt 5 ports, and more.
The M4 Max chip was already released last year in the 14-inch and 16-inch MacBook Pro. It can be configured with up to a 16-core CPU, up to a 40-core GPU, and up to 128GB of unified RAM. Geekbench 6 benchmark results indicate that the M4 Max is up to 75% faster than...
Apple today updated the MacBook Air with the M4 chip, and the laptop is also available in an all-new Sky Blue finish alongside Silver, Starlight, and Midnight.
YouTuber Andru Edwards has showed off the Sky Blue color in a few real-world photos.
Keep in mind that the Sky Blue finish is not very saturated. However, the color's appearance will vary based on lighting conditions.
View ...
Apple today announced a completely redesigned Magic Keyboard accessory for the iPad Air.
The new keyboard features a larger built-in trackpad, a 14-key function row, and a new aluminum hinge. From Apple's press release:
The all-new Magic Keyboard for iPad Air expands what users can do at an even lower price. The larger built-in trackpad brings greater precision for detail-oriented...
