Apple is hacking its own devices to strengthen hardware security



iPhones sold by Apple are exposed to threats such as spyware on a daily basis. In response to these threats, Apple's engineers are leveraging various types of technology to break through the security of devices.

iPhone: Why Apple is working hard to break into its own phones | The Independent

https://www.independent.co.uk/tech/why-apple-is-working-hard-to-break-into-its-own-iphones-b2449242.html



Apple's Paris engineers work to break iPhone security

https://appleinsider.com/articles/23/11/18/apple-uses-paris-engineers-to-break-and-harden-iphone-security

Apple's head of security speaks out against iPhone app sideloading in new interview - 9to5Mac
https://9to5mac.com/2023/11/18/apple-head-of-security-iphone-app-sideloading/

Spyware such as the smartphone monitoring software Pegasus uses vulnerabilities hidden in iPhone and Android software to infiltrate users' devices. Such software-related vulnerabilities can be countered by distributing security patches. On the other hand, hardware-based vulnerabilities require physical replacement, so methods such as 'fixing' them cannot be used. Therefore, Apple is conducting an initiative in Paris, France, in which its engineers physically attack various hardware, including devices that have not yet been released.

In Apple's research conducted in Paris, security holes are detected by capturing signals emitted from the hardware with various sensors while applying loads such as irradiating the hardware with laser light, heating it, and cooling it. trying to discover. If a problem is found by putting a load on the hardware, that information will be shared within Apple and various efforts will be made to fix it.



Apple has been doing this on numerous devices, including unreleased iPhones, and is said to have been testing it for years before large-scale production began. 'As technology advances and becomes more widespread, security attack vectors are increasing,' said Ivan Krstic, chief of security engineering and architecture at Apple. 'The nature of the battle for security is to continue to advance security protections and take steps to address not only current attacks, but also what future attacks will look like.' It’s about continuing to strive to stay ahead of the curve.”

Krstic also mentioned that Apple will allow `` sideloading ,'' which is the installation of apps from sources other than Apple's official app store. It's possible that the software you need will only be available from an app store other than the App Store, in which case you'll be using third-party apps, but from a security perspective, these apps should only be available from the App Store. It is not as secure as apps distributed on ``.'', expressing a negative opinion about the introduction of sideloading.

Apple releases a report stating that it is ``for user safety'' to prevent apps from being available outside of the App Store - GIGAZINE



Craig Federighi , Apple's senior vice president of software engineering, also stated in 2021 that ``sideloading is closely tied to cybercrime.'' However, Mr. Federighi admitted in January 2023 that he has no choice but to comply with the European Union's (EU) Digital Market Law, which allows sideloading.

in Software,   Hardware,   Security, Posted by log1r_ut