BT

Dan Guido: Modern iOS Application Security

| by Ralph Winzinger Follow 0 Followers on Jun 17, 2016. Estimated reading time: 3 minutes | NOTICE: The next QCon is in San Francisco Nov 5 - 9, 2018. Save an extra $100 with INFOQSF18!

As mobile applications still gain in popularity and more and more transactions are carried out via mobile devices, security is topic of growing importance. In his talk "Modern iOS Application Security" at QCon New York 2016, Dan Guido takes a closer look at iOS security.

Guido starts by explaining the security mechanisms in place for iOS applications. The security model consists of various levels from securing communication channels down to hardware based device specific encryption:

  • Transport Layer Security: iOS provides support for securing network connections.
  • Data Protection: iOS offers strong encryption for nearly all files used by applications.
  • Code Signing: Since Apple requires every piece of code to be signed, memory contents in a granularity of 4kB pages can be traced down to an individual developer.
  • Runtime Process Security: iOS isolates processes via strong sandboxing. Processes are not able to access the memory of other processes.
  • Secure Enclave: Newer iOS devices with fingerprint sensor feature hardware based encryption keys that are uniquely generated for every device at manufacturing time and reside outside the operating system.

While these mechanisms provide very secure environments for apps, Guido continuous showing the threads that still have to be kept in mind.

Transport Layer Security is not mandatory for all network connections but without proper data encryption and certificate checking, information is vulnerable to man in the middle attacks. All necessary mechanisms can be activated while configuring network connections or even easier by embedding libraries like TrustKit that will handle security in the background.

Data Protection is a very powerful mechanism which also lead to the recent dispute between Apple and the FBI. If data is encrypted using the internal hardware key, it cannot be encrypted outside the device. Thus, sensitive data should always be encrypted with passcode and device id. Though, developers still would have to avoid data leakage. There are apps and tools which try to find data in places where it is not highly secure like the pasteboard or preferences and cookies. Furthermore, sensitive data should be minimized - developers should avoid to backup or sync that data, background screen shots and logging should exclude sensitive data and keyboard caches need to be deactivated.

According to Guido, following those guidelines provides a high level of application security but there is one more thing that developers need to take care of: Jailbreaks. As soon as a device is jailbroken, all of the above security mechanisms might get rendered useless - no matter if the jailbreak was installed voluntarily or maliciously. If a developer needs to provide high security she or he has to ensure that no jailbreak is active:

  • Jailbreak detection - developers can check for certain traces that are left behind when jailbreaks are installed. This included specific files and processes.
  • Anti-debug protection - developers need to make sure that their application won't run in debug mode because any jailbreak detection would be visible there.
  • Anti-reversing - developers need to make sure that their code can't be re-engineered in a useful way. Usually this is done by artificially making the code larger and more complex.

Guido concludes with hinting at the fact that LLVM only produces bitcode instead of machine code. Apple uses this to actually change or optimize the code for different platforms and developers can use the same concept add automatic security hardening already in the IDE. There are also toolkits like MAST that can be used in this context.

Please note that most QCon presentations will be made available for free on InfoQ in the weeks after the conference and slides are available for download on the conference web site.

Rate this Article

Adoption Stage
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss

Login to InfoQ to interact with what matters most to you.


Recover your password...

Follow

Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.

Like

More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.

Notifications

Stay up-to-date

Set up your notifications and don't miss out on content that matters to you

BT