Page 2 of 2
Apple's code signing applies to all iOS apps, including Mail, Safari and third party apps on its App Store. This, De Atley said, lets Apple ensure that all software running on the device is coming from a known location.
"This fundamentally represents the first line of defense against malware on the device. It means we can sidestep an entire class of malware," he said.
With sandboxing, the goal is to physically separate processes from one another so a vulnerability in one portion of the system can't wreak havoc on the entire OS. In the iOS world, all third party apps live in their own secure container, which is itself randomly assigned at the time of each install, in a random location, De Atley said.
"This means apps are not hard coded where they live on the device," he said. It's building a layer of abstraction between user data and other apps on the system."
With so much personal and sensitive corporate data residing on iOS devices, Apple has spent a great deal of time figuring out ways to protect that data, de Atley said. Nand Flash makes it difficult to delete data, so Apple developed a technology called "effaceable storage" that reliably erases data, allowing for local and remote wiping of data, he said.
"These devices know an awful lot about how we live our lives," he said.
De Atley did not take Q&A after his presentation, and he and the rest of the Apple security team slipped hastily out a side door as Black Hat attendees approached the stage afterwards.
Apple certainly broke ground by presenting at Black Hat this year, but whether it will continue to engage and work closely with security researchers remains to be seen.