WWDC 2016 recently took place and Apple impressed again with a bunch of new features introduced across their suite of products. With over 5,000 attendees at Bill Graham Civic Auditorium in San Francisco and millions watching the live stream, WWDC 2016 was considered a huge success.
Ivan Krstic introduced us to iOS security fundamentals, urging the developers to go through the 63-page iOS security white paper and build more secure applications while Lucia Ballard and Simon Cooper presented what is new in Security.
If we had to pick the most important security related excerpt from this presentation it would be: “HTTPS is the new HTTP and not all HTTPS is created equally”.
Still, the biggest news related to iOS 10 came a few days later. Security researchers discovered that the core of the the operating system was left unencrypted. Of course this does not mean that devices running iOS 10 are less secure. Researchers are already hard at work trying to discover flaws and as long as they follow ethical disclosure, the vulnerabilities will be patched quicker than in the past.
Wandera is a vociferous advocate of mobile security and data privacy. We recently brought to light that the most popular business apps are leaking personal data! So naturally, we were thrilled to learn about Apple’s push to reduce app data leaks. In combination with Wandera’s advance data leak detection and blocking mechanisms, we will be able to completely eliminate data leaks for our corporate clients.
In addition, Apple’s push for “differential privacy” aligns with our mantra that security need not come at the expense of privacy. At Wandera we allow admins to have complete visibility of their company’s mobile data usage for compliance reasons, while at the same time we are able to obfuscate the end user details in order to respect their privacy requirements.
App Transport Security (APS) which was introduced last year during the iOS 9 launch, will now be enforced for all NSURLSession and the older NSURLConnection API calls. In addition, top of line, solid TLS connections (TLS v1.2) and strong cryptography (AES-128 and SHA-2) must be used for the aforementioned API calls.
Furthermore, employing Elliptic Curve Diffie-Hellman Key Exchange (ECDHKE), along with HTTPS and strong cryptography enforcement, Apple believes a secure connection is established to protect the data of its clients. With ECDHKE, even if the server certificate is compromised sometime in the future, the past messages cannot be decrypted. This is what in cryptography is called ‘Forward Secrecy’.
An app developer cannot always force a third party to support HTTPS though; therefore, a per basis exception can be provided for third party hosts with whom an app needs to communicate. Some apps, such as the browser ones, can still use WKWebView to bypass the HTTPS enforcement. For Forward Secrecy, since support is not universal, the exceptions are granted automatically without need for justification.
In other important news, Apple has joined the Certificate Transparency effort to ensure apps communicate with the right server. The Certificate Transparency project fixes several structural flaws in the SSL certificate system, which is the main cryptographic system that underlies all HTTPS connections. The Certificate Transparency makes it possible to detect SSL certificates that have been mistakenly issued by a certificate authority or maliciously acquired from an otherwise unimpeachable certificate authority. It also makes it possible to identify certificate authorities that have gone rogue and are maliciously issuing certificates.
Domain owners are not impacted since the TLS handshake from the server side does not need to change. However, they will now have the ability to monitor their certificates to make sure no other certificates have been issued for their domains or servers, enhancing the security of end-users.
In addition, OCSP (Online Certificate Status Protocol) stapling will be fully supported across all Apple platforms. This will expedite the client-server connection handshake while enhancing privacy.
Certificate Authority simultaneously issues the certificate to the log server and the server operator. With OCSP stapling, the server operator then makes an OCSP query to the CA, and the CA responds with the signed certificate timestamp (SCT), which the server can include in an OCSP extension during the TLS handshake.
Developers may be interested to know that insecure algorithms are being disabled (RC4, SSLv3 in SecureTransport) and others are about to be deprecated (SHA-1, 3DES); therefore, there is a call to adopt stronger security standards on their backends.
In the keynote presentation, we learned that pre-installed default apps can now be removed from iPhones, effectively reducing the attack surface of a device. In addition, the goal for app approvals has been reduced to 24 and 48 hours for 50% and 90% of the apps respectively. We believe this further demonstrates Apple’s trust in the maturity of their automatic security and other testing mechanisms.
Finally, and maybe most important of all, Apple has proved that it continues to be a strong proponent of privacy. After its battle with the Federal Bureau of Investigation and the controversial debate over encryption, Apple revealed that it is heavily investing in “differential privacy”. Differential privacy is a new groundbreaking research topic in the area of statistics and data analytics that can maximize the accuracy of personalized recommendations, while at the same time minimizing the chances of identifying specific individuals. Differential privacy uses a variety of techniques, like hashing, subsampling and noise injection to enable this kind of crowdsourced learning.