Apple's Head of Security Engineering and Architecture Ivan Krstić will be attending the Black Hat 2019 event where he will give a "Behind the Scenes" look at iOS and macOS security.

Black Hat is an annual event that's designed for the global InfoSec community, providing security professionals with a place to meet up and gain training on new techniques.

blackhat2019
According to the webpage for the upcoming event, Krstić will be covering "several key technologies" new to iOS 13 and the Mac, including Pointer Authentication Codes in Apple's latest iPhone chips, the T2 security chip in Macs, and the cryptography behind the Find My feature in iOS 13 and macOS Catalina.

Code integrity enforcement has long been a critical part of the iOS security architecture. Starting with ‌iPhone‌ 7, we began to fortify core pieces of this security mechanism with new features built directly into Apple silicon. We will delve into the history of code and memory integrity technologies in the iOS kernel and userland, culminating in Pointer Authentication Codes (PAC) in the Apple A12 Bionic and S4 chips. PAC prohibits modification of function pointers, return addresses and certain data, preventing traditional exploitation of memory corruption bugs. We will take a close look at how PAC is implemented, including improvements in iOS 13. We will also discuss previously-undisclosed VM permission and page protection technologies that are part of our overall iOS code integrity architecture.

The T2 Security Chip brought powerful secure boot capabilities to the Mac. Comprehensively securing the boot process required protections against sophisticated direct memory access (DMA) attacks at every point, even in the presence of arbitrary Option ROM firmware. We will walk through the boot sequence of a Mac with the T2 Security Chip and explain key attacks and defenses at each step, including two industry-first firmware security technologies that have not been publicly discussed before.

The ‌Find My‌ feature in iOS 13 and macOS Catalina enables users to receive help from other nearby Apple devices in finding their lost Macs, while rigorously protecting the privacy of all participants. We will discuss our efficient elliptic curve key diversification system that derives short non-linkable public keys from a user's keypair, and allows users to find their offline devices without divulging sensitive information to Apple.

The 2019 Black Hat event will take place from August 3 to August 8 at the Mandalay Bay resort in Las Vegas, Nevada. Krstić has hosted similar talks in the past, including a look at new features in iOS 10 back in 2016.

Top Rated Comments

69Mustang Avatar
26 months ago
Apple's Head of Security Engineering and Architecture Ivan Krstic announces the Mac OS bounty program at the Black Hat 2019... that would be a pretty kick ass headline.
Score: 4 Votes (Like | Disagree)
69Mustang Avatar
26 months ago
Does he attend every year? If not, he might in fact introduce a bounty program for the Mac after his “presentation”.
I have no idea. I have never heard of this guy. Apple should have a bounty program for Macs. There's really no reason for it not to exist.
Score: 2 Votes (Like | Disagree)
twinlight Avatar
26 months ago
Will watch 100%. Will understand 25% at best.
Score: 2 Votes (Like | Disagree)
allan.nyholm Avatar
26 months ago
Ever heard of Ivan Krsti? No, I haven't either.. What's his name again? Ivan Krstić. A tip, copy his name off of Wikipedia, insert the last name into TextEdit - Convert to Plain text - copy paste into MacRumors and make everyone believe you have the upperhand.
Score: 1 Votes (Like | Disagree)

Top Stories

EEC Apple iphone 13

Apple Registers iPhone 13 Models in Eurasia Ahead of September Launch

Friday June 11, 2021 2:16 am PDT by
Nashville Chatter Class has discovered a new Russian-language regulatory filing in the Eurasian Economic Commission (EEC) database pointing towards several unreleased iPhone 13 models that Apple will be launching in the fall. Versions of iPhone running iOS 14 are listed with the model numbers A2628, A2630, A2634, A2635, A2640, A2643, and A2645. None of the numbers correspond to Apple's...
ios 15 home screen icons

iOS 15 Lets You Drag and Drop Images and Text Across Apps

Saturday June 12, 2021 3:17 pm PDT by
Apple this week previewed iOS 15, which is available now in beta for developers ahead of a public release later this year. One smaller but useful new feature added is the ability to drag and drop images, text, files, and more across apps on iPhone. MacStories editor-in-chief Federico Viticci demonstrated the new feature in a tweet: Using cross-app drag and drop on iPhone in iOS 15. Finally 🎉 #WW ...
ipad mini 6

Next iPad Mini Will Allegedly Feature Thinner Bezels, USB-C Port, and Touch ID Power Button

Friday June 11, 2021 1:13 pm PDT by
On his newly launched Front Page Tech website, leaker Jon Prosser has shared renders showing off the alleged design of the next-generation iPad mini, which he says are based on schematics, CAD files, and real images of the device. In line with details shared earlier this month by Bloomberg's Mark Gurman and Debby Wu, Prosser claims that the new iPad mini will feature slimmer bezels around...
iphone12protriplelenscamera

Apple's Orders for Key iPhone 13 Camera Component Expected to Outstrip Entire Android Market

Wednesday June 9, 2021 12:47 am PDT by
Major camera upgrades coming to the iPhone 13 series are putting increased pressure on suppliers to meet Apple's demand for key lens components, according to a new DigiTimes report. Apple has reportedly put Taiwan-based makers of voice coil motor (VCM) components on notice to increase their capacity by 30-40% in order to meet the company's demand, which is expected to outstrip the entire...
apple virtual game controller ios 15

Apple Makes New On-Screen Game Controller Available to Developers on iOS 15 and iPadOS 15

Saturday June 12, 2021 12:36 pm PDT by
During the Platforms State of the Union at WWDC this week, Apple unveiled a new API for iOS 15 and iPadOS 15 that enables developers to implement an on-screen virtual game controller in their iPhone and iPad games with just a few lines of code. While many iPhone and iPad games already offer on-screen controls, Apple's new virtual game controller is available to all developers, easy to add,...
macos monterey tidbits feature copy

macOS Monterey Tidbits: Animated Memoji on Login Screen, Change the Color of the Mouse Pointer, and More

Friday June 11, 2021 10:27 am PDT by
We've highlighted several new features coming in macOS Monterey, such as Low Power Mode and the option to erase a Mac without reinstalling the operating system, but there are some smaller tidbits that we wanted to share. Animated Memoji on Login Screen One small but fun new feature in macOS Monterey is the addition of a personalized Memoji on the login screen, complete with animated facial...
mr white ipod touch 5 protoype3

Unreleased iPod Touch 5 With Chamfered Edges and 30-Pin Dock Connector Shared Online

Thursday June 10, 2021 2:05 am PDT by
Occasional leaker Mr White has today shared interesting images on Twitter of what appears to be an old-school fifth-generation iPod touch prototype with chamfered edges and a brushed aluminum finish. The original iPod touch 5 that Apple released in October 2012 had a unibody anodized aluminum chassis with rounded edges, and was available in several colors, including slate. Another...
maxresdefault

Apple Promotes iPad Pro in New Ad With 'The Little Mermaid' Musical Spin

Saturday June 12, 2021 7:01 am PDT by
In a currently unlisted ad on YouTube, Apple is promoting the versatility, portability, and power of the M1 iPad Pro in a fun musical inspired by The Little Mermaid's "Part of Your World" soundtrack. In the ad, which features the main character using an M1 iPad Pro, Magic Keyboard, and Apple Pencil, multiple users can be seen struggling with their old PCs indoors while hoping that they can...
passwords system preferences

macOS Monterey Features Dedicated Password Section in System Preferences, Built-In Authenticator and More

Friday June 11, 2021 2:32 pm PDT by
macOS Monterey makes several improvements to password management, positioning iCloud Keychain as an ideal password service to replace third-party services like Lastpass and 1Password. In System Preferences, there's a new "Passwords" section that houses all of your iCloud Keychain logins and passwords so they're easier to get to, edit, and manage. There's a similar Passwords section that's...
Dark Sky App Featured

Dark Sky iOS App, Website, and API Now Scheduled to Remain Available Until End of 2022

Thursday June 10, 2021 7:34 am PDT by
Last year, Apple acquired the weather app Dark Sky, and shortly after its purchase, Apple shut down the app for Android. Despite the revamped iOS 15 Weather app taking heavy inspiration from Dark Sky, the weather's app standalone iOS app, web app, and API will remain available until the end of next year, compared to the end of this year, as previously planned. Dark Sky announced in an update ...