Apple Publishes New Apple Platform Security Guide

Coinciding with the launch of its public bug bounty program, Apple today published its new Apple Platform Security guide, offering users details about the security technology and features that are implemented within Apple platforms – including sections on Mac for the first time.


The documentation has been updated to reflect changes in iOS 13.3, iPadOS 13.3, macOS 10.15.2, tvOS 13.3, and watchOS 6.1.1. The Apple Platform Security site also covers hardware and services, providing comprehensive information in a readable format on the following topics:

  • Hardware Security and Biometrics: The hardware that forms the foundation for security on Apple devices, including the Secure Enclave, a dedicated AES crypto engine, Touch ID, and Face ID.
  • System Security: The integrated hardware and software functions that provide for the safe boot, update, and ongoing operation of Apple operating systems.
  • Encryption and Data Protection: The architecture and design that protects user data if the device is lost or stolen, or if an unauthorized person attempts to use or modify it.
  • App Security: The software and services that provide a safe app ecosystem and enable apps to run securely and without compromising platform integrity.
  • Services Security: Apple’s services for identification, password management, payments, communications, and finding lost devices.
  • Network Security: Industry-standard networking protocols that provide secure authentication and encryption of data in transmission.
  • Developer Kits: Frameworks for secure and private management of home and health, as well as extension of Apple device and service capabilities to third-party apps.
  • Secure Device Management: Methods that allow management of Apple devices, prevent unauthorized use, and enable remote wipe if a device is lost or stolen.
  • Security Certifications and Programs: Information on ISO certifications, Cryptographic validation, Common Criteria Certification, and the Commercial Solutions for Classified (CSfC) Program.

The site can be browsed from the Table of Contents at the top of the page, or a PDF of the documentation can be downloaded here.

Alongside its Platform Security site, Apple maintains a separate site covering the company's approach to privacy, privacy controls on Apple devices, and the Apple privacy policy.

If users believe they have discovered a security or privacy vulnerability that affects Apple devices, software, services, or web servers, Apple encourages them to report it by sending an email to product-security@apple.com along with any relevant videos, crash logs, and system diagnosis reports. More information on reporting a security or privacy vulnerability can be found here.

Top Rated Comments

(View all)
Avatar
15 weeks ago
Android/Windows users: Denial ain't just river in Eygpt.
Score: 4 Votes (Like | Disagree)
Avatar
15 weeks ago
It's great that it exists, but clear communications from Apple regarding bugs need to be established. I don't expect a heartfelt letter of thanks when I submit bugs, but something more than them sitting in a list without any kind of status indication puts me off.

Apple is great at marketing but their 'PR' is non-existent.

They need to talk more.
Score: 2 Votes (Like | Disagree)
Avatar
15 weeks ago


[...]

Not sure what this is, but PR is definitely the wrong word for it. Maybe Developer Relations?


DR then ?
Score: 2 Votes (Like | Disagree)
Avatar
15 weeks ago


I don't expect a heartfelt letter of thanks when I submit bugs, but something more than them sitting in a list without any kind of status indication puts me off.


I totally agree with this. I've reported two vulnerabilities to them in the past. Both times they credited me, but neither time did they acknowledge receipt of the bug, the vulnerability, that they had figured it out, or that they were going to fix it until just before the public release of the fix when they asked me how I wanted to be credited.

That was several weeks (months in one case) of stress worrying if I'd really got it in front of them in a way that they understood it.


Apple is great at marketing but their 'PR' is non-existent.


Not sure what this is, but PR is definitely the wrong word for it. Maybe Developer Relations?
Score: 1 Votes (Like | Disagree)
Avatar
15 weeks ago
This is very welcome, but unfortunately is an exception to the usual lack of decent, up to date documentation coming from Apple in recent years.
Score: 1 Votes (Like | Disagree)
Avatar
14 weeks ago
Good that they now include macOS.
[automerge]1576888438[/automerge]


Android/Windows users: Denial ain't just river in Eygpt.

Without even blinking you want this topic to be Android/Windows vs iOS/macOS. I pity you.
Score: 1 Votes (Like | Disagree)

Top Stories

Seemingly Unreleased Version of Logic Pro X With Live Loops Appears on Apple's Education Site [Updated]

Sunday March 29, 2020 7:23 am PDT by Hartley Charlton
Update: Apple has replaced the Logic Pro X image with an older version. Original story follows. A seemingly unreleased version of Logic Pro X has appeared on Apple's education site, as spotted by a Reddit user. The image from Apple's education products page shows a 16-inch MacBook Pro running Logic Pro X, but with a familiar interface that looks extremely similar to GarageBand's Live Loops ...

Zoom Updates iOS App to Stop Sending Data to Facebook

Friday March 27, 2020 5:35 pm PDT by Juli Clover
Zoom, a video conferencing app that many people are using at the current time to keep in touch with coworkers while working from home, was sending data to Facebook without disclosing the data sharing to customers. As of today, Zoom has updated its iOS app to remove the SDK that was providing data to Facebook through the Login with Facebook feature, according to Motherboard, the site that...

Apple Suppliers Worried About iPhone Demand, Production Ramp-Up for New iPhones Reportedly Postponed

Friday March 27, 2020 5:56 pm PDT by Juli Clover
Most of the factories in China that supply devices and components to Apple are back to churning out products, but Apple suppliers are said to be worried about how much demand there will be for the current iPhone models and the new iPhones expected in the fall. According to Reuters, a senior official at one of Apple's major supply companies said that orders for quarter ending in March are...

2020 iPad Pro Teardown Provides Closer Look at LiDAR Scanner and Confirms Incremental Update

Saturday March 28, 2020 9:56 am PDT by Hartley Charlton
iFixit today shared a video teardown of the new iPad Pro, which Apple unveiled earlier this month. iFixit found that most of the internals of the 2020 iPad Pro are the same as the 2018 model, confirming that the device is a relatively incremental update. The most notable new feature seen inside the new iPad Pro was the LiDAR scanner, which measures the distance to surrounding objects up...

Apple Watch Series 6 Could Feature Touch ID Fingerprint Sensor, Pulse Oximetry and Sleep Tracking Support

Friday March 27, 2020 11:28 am PDT by Juli Clover
The upcoming Apple Watch Series 6 set to be released this fall could include a Touch ID fingerprint sensor built into the crown of the device, according to Israeli site The Verifier, which cites "senior sources" who have worked with its staff for a "number of years" as the source of the rumor. It's not clear how the alleged Touch ID fingerprint sensor would be implemented, as the Digital...

Bloomberg: Apple's 5G iPhone Still on Schedule for Fall Launch, But Future Products Could Be Delayed

Monday March 30, 2020 2:40 am PDT by Tim Hardwick
Apple's 5G iPhone is still on track to launch within the company's typical annual fall release schedule, according to a new Bloomberg report on filed on Monday. Signs are that Apple's Chinese-centric manufacturing -- of which Hon Hai is the linchpin -- is slowly getting back on track. The next iPhones with 5G wireless capabilities remain on schedule to launch in the fall, partly because mass...

Kuo: Apple to Launch Several Macs With Arm-Based Processors in 2021, USB4 Support Coming to Macs in 2022

Thursday March 26, 2020 8:19 pm PDT by Joe Rossignol
Apple plans to launch several Mac notebooks and desktop computers with its own custom designed Arm-based processors in 2021, analyst Ming-Chi Kuo said today in a research note obtained by MacRumors. Kuo believes that Arm-based processors will significantly enhance the competitive advantage of the Mac lineup, allow Apple to refresh its Mac models without relying on Intel's processor roadmap,...

Top Stories: Hands-On With 2020 iPad Pro and MacBook Air, iOS and iPadOS 13.4 Released, iPhone 12 Delay?

Saturday March 28, 2020 6:00 am PDT by MacRumors Staff
After last week's flurry of product launches, Apple's new iPad Pro and MacBook Air have started to make their way into consumers' hands, and we've gone hands-on with both of them this week. Apple this week also released iOS and iPadOS 13.4 (as well as macOS, watchOS, and tvOS updates) with a number of new features and improvements. Subscribe to the MacRumors YouTube channel for more videos. ...

Deals: Huge Refurbished iPhone Sale Discounts iPhone 7, 8, X, XR, and XS (From $120)

Friday March 27, 2020 5:47 am PDT by Mitchel Broussard
Woot is back today with a big sale on refurbished iPhones, including markdowns on the iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus, iPhone X, iPhone XR, iPhone XS, and iPhone XS Max. Note: MacRumors is an affiliate partner with Woot. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running. As with every Woot purchase, those...

Apple Releases ProRes RAW Beta for Windows

Monday March 30, 2020 9:33 am PDT by Juli Clover
Apple today released ProRes RAW for Windows in a beta capacity (via Mark Gurman), with the software designed to allow ProRes RAW and ProRes RAW HQ video files to be watched in compatible applications on Windows machines. According to Apple, the software will let the files be played within several Adobe apps: Adobe After Effects (Beta) Adobe Media Encocder (Beta) Adobe Premiere...