Zilele trecute v-am spus ca in cadrul Black Hat 2012 Apple va tine o prezentare despre securitatea iOS-ului si iata ca in cursul acestei zile un reprezentant Apple au vorbit despre felul in care va evolua iOS-ul. Din pacate prezentarea tinuta de catre Dallas De Atley nu a reusit sa uimeasca audienta, majoritatea celor prezenti parand a fi plictisiti dupa acultarea informatiilor pe care majoritatea le stiau deja. Timp de o ora reprezentantul Apple a vorbit, apoi a parasit scena si nu a raspuns intrebarilor celor prezenti, insa faptul ca Apple a fost reprezentata acolo este un inceput.
Mai jos aveti cateva detalii cu privire la eveniment, asa cum le-a vazut un trimis al New York Times.
“Our attitude is: security is architecture. It has to be built in from the very beginning,” Mr. De Atley said. In building the iPhone, he said, Apple took a bare-bones approach and sought to use the minimum number of components. Apple purposefully decided not to ship the phone with a shell, or support remote log-in access. “There’s an entire set of attack vectors we don’t have to fundamentally worry about on iOS,” he said.
Mr. De Atley highlighted a number of “sandboxing” technologies Apple had in place. “The goal is to physically isolate and separate processes from each other so that if one has a flaw, it can’t easily wreak havoc on the rest of the system.”
As examples, he noted that all third-party apps were stored in their own container on users’ devices. User data is kept partitioned from the device’s operating system so that any updates to the system do not affect the user’s personal data. He added that every single file created on the iPhone gets its own encryption key and is wrapped in the user’s passcode.
