“I am constantly referring to that guide, and have been for years,” says Sarah Edwards, a longtime Apple security researcher. “I use it for all aspects of my research, my day job, my teaching gig, everything. About once a year or so I sit down with it on my iPad and read it page by page to see what I might have missed before or what happens to 'click' when I review it again after learning something through my research.”
This year's edition contains significantly expanded information about hardware like M1, new details about the secure enclave, and an accounting of a host of software features.
Researchers and hackers alike glean a lot through reverse engineering, the process of determining how something is built by examining the finished product. That "security through obscurity" helps keep attackers at bay to a degree, but by releasing the Platform Security Guide, Apple can help its customers take advantage of its defensive features while also providing guideposts for security researchers, in hopes that they can find vulnerabilities before the bad guys do.
“Everything can be reverse engineered. That’s a lot of fun, at least for me,” says Will Strafach, a longtime iOS researcher and creator of the Guardian Firewall app for iOS. “But having a verbose and well-detailed authoritative document from Apple is helpful, as it allows folks to know the intentions and limitations associated with certain security capabilities. Apple always does a great job with it, even if it doesn’t dive too deeply in the weeds.”
Researchers say they always have some “wish list” items that they want Apple to include in future guides. Strafach wants to know more about how M1 chips securely handle booting other operating systems, always a question for jailbreakers when Apple releases new processors. And he is curious about Apple's iOS 14 enhancements that were meant to negate a ubiquitous jailbreak exploit but can be circumvented in some cases.
Researchers each have specific, even esoteric hopes and dreams for new guides based on their specialities. Patrick Wardle, an independent Apple security researcher, said he was hoping to see more details on Apple's own antivirus and malware detection tools, something the company added in today's report. He still hopes to get more insight, though, into how to control some macOS features more granularly.