back to agenda

on this page

The Evolution of iOS Security

  • 17:20
  • Thu
  • 17 Nov
Technical Focus
Briefing Stage 2


In the last few years Apple has reached its highest install base ever with almost 2 billion active devices in use by customers around the world. As a result, it has become a prevalent target for attackers and spywares. Apple, on the other hand has implemented in-depth security measure from the hardware to software, and implemented several modern memory level mitigations that raise the bar for exploitation. In this talk, we will discover some of the most important security mitigations put in place by Apple, along with the bypasses that led to further evolution of such mitigations. We will discuss mitigatons such PAC, PAN, AMCC, KTRR, PPL, Code Signing, Sandboxing, zone require etc in iOS along with some browser mitigations such as JIT hardening and discuss some of its previous bypass techniques. We will then look at how an iOS Researcher can get started with understanding the implementation of such vulnerabilities, and provide insight on high-level exploit flow and list the exploit primitives and techniques used in-the-wild to achieve it.