Apple Platform Security
Memory safe iBoot implementation
In iOS 14 and iPadOS 14 or later, Apple modified the C compiler toolchain used to build the iBoot bootloader to improve its security. The modified toolchain implements code designed to prevent memory- and type-safety issues that are typically encountered in C programs. For example, it helps prevent most vulnerabilities in the following classes:
- Buffer overflows, by ensuring that all pointers carry bounds information that is verified when accessing memory
- Heap exploitation, by separating heap data from its metadata and accurately detecting error conditions such as double free errors
- Type confusion, by ensuring that all pointers carry runtime type information that’s verified during pointer cast operations
- Type confusion caused by use after free errors, by segregating all dynamic memory allocations by static type
This technology is available on iPhone with the A13 Bionic chip or later, and on iPad with the A14 Bionic chip or later.
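The following C model illustrates the first and third items in the list above (pointers that carry bounds verified on access, and runtime type information verified on casts). It is an added example, not Apple's toolchain or iBoot code: the `checked_ptr` struct, the `cp_*` functions and the type tags are hypothetical names, and returning -1 stands in for whatever the real toolchain does when a check fails.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical type tags standing in for compiler-derived type information. */
enum type_tag { TAG_PACKET = 1, TAG_KEY = 2 };

/* Model of a pointer that carries its allocation's bounds and type. */
struct checked_ptr {
    uint8_t *base;      /* start of the allocation */
    size_t len;         /* allocation size in bytes */
    ptrdiff_t off;      /* current offset from base; may drift out of range */
    enum type_tag tag;  /* runtime type of the allocation */
};

/* Allocate len zeroed bytes and record bounds and type with the address. */
struct checked_ptr cp_alloc(size_t len, enum type_tag tag) {
    struct checked_ptr cp = { calloc(len, 1), len, 0, tag };
    return cp;
}

/* Arithmetic only moves the offset; the bounds travel with the pointer. */
struct checked_ptr cp_add(struct checked_ptr cp, ptrdiff_t delta) {
    cp.off += delta;
    return cp;
}

/* 1 if [off, off + n) lies inside the allocation, written to avoid overflow. */
int cp_in_bounds(struct checked_ptr cp, size_t n) {
    if (cp.base == NULL || cp.off < 0 || (size_t)cp.off > cp.len) return 0;
    return n <= cp.len - (size_t)cp.off;
}

/* Every access is verified first; -1 means rejected before touching memory. */
int cp_store(struct checked_ptr cp, const void *src, size_t n) {
    if (!cp_in_bounds(cp, n)) return -1;
    memcpy(cp.base + cp.off, src, n);
    return 0;
}
int cp_load(struct checked_ptr cp, void *dst, size_t n) {
    if (!cp_in_bounds(cp, n)) return -1;
    memcpy(dst, cp.base + cp.off, n);
    return 0;
}

/* A cast succeeds only when the runtime tag matches the requested type. */
int cp_cast(struct checked_ptr cp, enum type_tag want) {
    return cp.tag == want ? 0 : -1;
}
```

With a 16-byte allocation, a 17-byte store and a 1-byte load at offset 16 or -1 are all rejected, while a cast to a tag other than the one recorded at allocation fails.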