Apple Publishes New Apple Platform Security Guide

by

Coinciding with the launch of its public bug bounty program, Apple today published its new Apple Platform Security guide, offering users details about the security technology and features that are implemented within Apple platforms – including sections on Mac for the first time.

apple platform security site
The documentation has been updated to reflect changes in iOS 13.3, iPadOS 13.3, macOS 10.15.2, tvOS 13.3, and watchOS 6.1.1. The Apple Platform Security site also covers hardware and services, providing comprehensive information in a readable format on the following topics:

  • Hardware Security and Biometrics: The hardware that forms the foundation for security on Apple devices, including the Secure Enclave, a dedicated AES crypto engine, Touch ID, and Face ID.
  • System Security: The integrated hardware and software functions that provide for the safe boot, update, and ongoing operation of Apple operating systems.
  • Encryption and Data Protection: The architecture and design that protects user data if the device is lost or stolen, or if an unauthorized person attempts to use or modify it.
  • App Security: The software and services that provide a safe app ecosystem and enable apps to run securely and without compromising platform integrity.
  • Services Security: Apple’s services for identification, password management, payments, communications, and finding lost devices.
  • Network Security: Industry-standard networking protocols that provide secure authentication and encryption of data in transmission.
  • Developer Kits: Frameworks for secure and private management of home and health, as well as extension of Apple device and service capabilities to third-party apps.
  • Secure Device Management: Methods that allow management of Apple devices, prevent unauthorized use, and enable remote wipe if a device is lost or stolen.
  • Security Certifications and Programs: Information on ISO certifications, Cryptographic validation, Common Criteria Certification, and the Commercial Solutions for Classified (CSfC) Program.

The site can be browsed from the Table of Contents at the top of the page, or a PDF of the documentation can be downloaded here.

Alongside its Platform Security site, Apple maintains a separate site covering the company's approach to privacy, privacy controls on Apple devices, and the Apple privacy policy.

If users believe they have discovered a security or privacy vulnerability that affects Apple devices, software, services, or web servers, Apple encourages them to report it by sending an email to product-security@apple.com along with any relevant videos, crash logs, and system diagnosis reports. More information on reporting a security or privacy vulnerability can be found here.

Tag: Apple Security

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Rumored to Use Same Rear Chassis as iPhone 16

Friday July 19, 2024 7:16 am PDT by
Apple will adopt the same rear chassis manufacturing process for the iPhone SE 4 that it is using for the upcoming standard iPhone 16, claims a new rumor coming out of China. According to the Weibo-based leaker "Fixed Focus Digital," the backplate manufacturing process for the iPhone SE 4 is "exactly the same" as the standard model in Apple's upcoming iPhone 16 lineup, which is expected to...
Read Full Article135 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Just Two Months Away: Everything We Know

Monday July 15, 2024 4:44 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article129 comments
iphone 14 lineup

Cellebrite Unable to Unlock iPhones on iOS 17.4 or Later, Leak Reveals

Thursday July 18, 2024 4:18 am PDT by
Israel-based mobile forensics company Cellebrite is unable to unlock iPhones running iOS 17.4 or later, according to leaked documents verified by 404 Media. The documents provide a rare glimpse into the capabilities of the company's mobile forensics tools and highlight the ongoing security improvements in Apple's latest devices. The leaked "Cellebrite iOS Support Matrix" obtained by 404 Media...
Read Full Article66 comments
tinypod apple watch

TinyPod Turns Your Apple Watch Into an iPod

Wednesday July 17, 2024 3:18 pm PDT by
If you have an old Apple Watch and you're not sure what to do with it, a new product called TinyPod might be the answer. Priced at $79, the TinyPod is a silicone case with a built-in scroll wheel that houses the Apple Watch chassis. When an Apple Watch is placed inside the TinyPod, the click wheel on the case is able to be used to scroll through the Apple Watch interface. The feature works...
Read Full Article133 comments
bsod

Crowdstrike Says Global IT Outage Impacting Windows PCs, But Mac and Linux Hosts Not Affected

Friday July 19, 2024 3:12 am PDT by
A widespread system failure is currently affecting numerous Windows devices globally, causing critical boot failures across various industries, including banks, rail networks, airlines, retailers, broadcasters, healthcare, and many more sectors. The issue, manifesting as a Blue Screen of Death (BSOD), is preventing computers from starting up properly and forcing them into continuous recovery...
Read Full Article480 comments
Apple Watch Series 9

2024 Apple Watch Lineup: Key Changes We're Expecting

Tuesday July 16, 2024 7:59 am PDT by
Apple is seemingly planning a rework of the Apple Watch lineup for 2024, according to a range of reports from over the past year. Here's everything we know so far. Apple is expected to continue to offer three different Apple Watch models in five casing sizes, but the various display sizes will allegedly grow by up to 12% and the casings will get taller. Based on all of the latest rumors,...
Read Full Article38 comments

Top Rated Comments

bobob Avatar
bobob
60 months ago
Android/Windows users: Denial ain't just river in Eygpt.
Score: 4 Votes (Like | Disagree)
Puppuccino Avatar
Puppuccino
60 months ago
It's great that it exists, but clear communications from Apple regarding bugs need to be established. I don't expect a heartfelt letter of thanks when I submit bugs, but something more than them sitting in a list without any kind of status indication puts me off.

Apple is great at marketing but their 'PR' is non-existent.

They need to talk more.
Score: 2 Votes (Like | Disagree)
Puppuccino Avatar
Puppuccino
60 months ago

[...]

Not sure what this is, but PR is definitely the wrong word for it. Maybe Developer Relations?
DR then ?
Score: 2 Votes (Like | Disagree)
sdf Avatar
sdf
60 months ago

I don't expect a heartfelt letter of thanks when I submit bugs, but something more than them sitting in a list without any kind of status indication puts me off.
I totally agree with this. I've reported two vulnerabilities to them in the past. Both times they credited me, but neither time did they acknowledge receipt of the bug, the vulnerability, that they had figured it out, or that they were going to fix it until just before the public release of the fix when they asked me how I wanted to be credited.

That was several weeks (months in one case) of stress worrying if I'd really got it in front of them in a way that they understood it.


Apple is great at marketing but their 'PR' is non-existent.
Not sure what this is, but PR is definitely the wrong word for it. Maybe Developer Relations?
Score: 1 Votes (Like | Disagree)
madmin Avatar
madmin
60 months ago
This is very welcome, but unfortunately is an exception to the usual lack of decent, up to date documentation coming from Apple in recent years.
Score: 1 Votes (Like | Disagree)
Lalatoon Avatar
Lalatoon
60 months ago
Good that they now include macOS.


Android/Windows users: Denial ain't just river in Eygpt.
Without even blinking you want this topic to be Android/Windows vs iOS/macOS. I pity you.
Score: 1 Votes (Like | Disagree)
Read All Comments