Video of Apple's Black Hat 2016 presentation now available

Posted:
in General Discussion
The full video of Apple's presentation at this year's Black Hat security conference was posted to YouTube on Tuesday, offering viewers a deep dive into iOS security mechanisms, from backbone synchronization service iCloud to new systems like HomeKit.




Apple's Head of Security Engineering and Architecture Ivan Kristić went into surprising detail on a variety of topics during his talk at Black Hat's U.S. conference earlier this month. HomeKit, Auto Unlock and iCloud Keychain were discussed at length, as was hardware technology like the Secure Enclave Processor introduced with the A7 system-on-chip.

Kristić also took the opportunity to announce Apple's first ever bug bounty program. The initiative, which launches in September for a select group of invited researchers, offers cash incentives up to $200,000 for previously undiscovered software and hardware vulnerabilities.

Apple is one of the last major consumer electronics brands to institute a bug bounty program after having relied on internal testing for decades.



Kristić went on to discuss key iOS security features including WebKit data handling, as well as cross-platform features like Auto Unlock, which lets users secure their Mac with an Apple Watch. Server encryption and decrypted kernel caches in iOS 10 were also mentioned in the talk.

The full session of "Behind the Scenes of iOS Security" can be viewed on the Black Hat YouTube channel.

Comments

  • Reply 1 of 4
    It's Krstić.
  • Reply 2 of 4
    jakebjakeb Posts: 559member
    It's awesome to see Apple take steps to share info about the inner workings of their software. 
  • Reply 3 of 4
    welshdogwelshdog Posts: 1,765member
    I guess I don't understand why any company would share any significant details about inner workings of products. Seems risky.
  • Reply 4 of 4
    Happy that apple is participating in black hat now and offering the bounty program. Gives people incentive to fix any issues. 
Sign In or Register to comment.