Apple's Platform Security guide details how customer data is protected

Apple has published its guide to Platform Security for Fall 2019, outlining how the company's products and services work to ensure the security of the user, including explanations of how key technologies like the Secure Enclave, biometric security systems, secure booting, and core operating system security measures protect its customers.




The Apple Platform Security guide is a 157-page document that gives an overview of how Apple treats security across its entire ecosystem. The guide, which details how security technology and features are implemented on the platforms, is Apple's way to reassure curious and concerned users that its products are as secure as they can be.

The documentation is also intended to help organizations combine Apple's platform security technology with "their own policies and procedures to meet their specific security needs," the guide mentions.

"Every Apple device combines hardware, software, and services designed to work together for maximum security and a transparent user experience in service of the ultimate goal of keeping personal information safe," Apple writes. "Apple devices protect not only the device and its data, but the entire ecosystem, including everything users do locally, on networks, and with key Internet services."

Apple splits the lengthy document into a number of broad topic areas, titled Hardware Security and Biometrics, System Security, Encryption and Data Protection, App Security, Services Security, Network Security, Developer Kits, Secure Device Management, and Security Certifications and Programs.

The document is in fact a merging of other security guides Apple has produced, including the iOS Security Guide, macOS Security Overview, and the Apple T2 Security Chip Overview. While those documents would have also covered elements relating to Privacy Controls, Siri and Siri Suggestions, and Safari Intelligent Tracking Prevention, these have been excluded from the guide, with readers informed to visit Apple's privacy site for information about those features.

Comments

  • Reply 1 of 9
    mobird Posts: 752 member
    Do they mention whether background and security checks are completed on all employees that come in contact with all of these services and systems?
  • Reply 2 of 9
    Yet apps Little Snitch, pihole, etc all show my Apple devices pinging 100’s of different Apple servers even when those devices are idle. So much for Apple privacy.  I guess that’s Apple privacy vs my privacy.
  • Reply 3 of 9
    ralphie said:
    Yet apps Little Snitch, pihole, etc all show my Apple devices pinging 100’s of different Apple servers even when those devices are idle. So much for Apple privacy.  I guess that’s Apple privacy vs my privacy.
    Examples? What makes you believe there are privacy implications for such hits?
  • Reply 4 of 9
    ralphie said:
    Yet apps Little Snitch, pihole, etc all show my Apple devices pinging 100’s of different Apple servers even when those devices are idle. So much for Apple privacy.  I guess that’s Apple privacy vs my privacy.
    Examples? What makes you believe there are privacy implications for such hits?
    Should we even have to ask or deal with such questions...?
    edited December 2019
  • Reply 5 of 9
    rob53 Posts: 3,241 member
    This publication and all the other Apple documents are what allows Apple products to be used by the US government, its contractors and many corporations. They are used to help justify the security measures implemented by the various IT staff when configuring Apple computers. Without these documents, Apple products would have a difficult time being configured to meet the various government security requirements. As for those people who scoff at Apple's documentation, I could care less about your comments. Try supporting several hundred people's computers without any technical documentation and see how far you get. 

    As for 100's of different Apple servers being pinged what's wrong with that? I have an Apple ID so of course I'll be pinging Apple servers all the time. I would be more concerned about servers not related to apple.com like anything related to google and microsoft.
  • Reply 6 of 9
    ralphie said:
    Yet apps Little Snitch, pihole, etc all show my Apple devices pinging 100’s of different Apple servers even when those devices are idle. So much for Apple privacy.  I guess that’s Apple privacy vs my privacy.
    Examples? What makes you believe there are privacy implications for such hits?
    I will leave this as a learning opportunity for you. Install a logger and see for yourself. Anything that’s doing callbacks on an idle device is clearly data gathering, and CLEARLY not in the best interest of my privacy.
  • Reply 7 of 9
    Rayz2016 Posts: 6,957 member
    ralphie said:
    ralphie said:
    Yet apps Little Snitch, pihole, etc all show my Apple devices pinging 100’s of different Apple servers even when those devices are idle. So much for Apple privacy.  I guess that’s Apple privacy vs my privacy.
    Examples? What makes you believe there are privacy implications for such hits?
    I will leave this as a learning opportunity for you. Install a logger and see for yourself. Anything that’s doing callbacks on an idle device is clearly data gathering, and CLEARLY not in the best interest of my privacy.
    In other words, you don't know.

    To begin with, just because you're not doing something on the device, that doesn't mean it's idle. Computing 101

    Here's a couple of things that I've noticed happen when I'm not doing anything on the device.

    App updates
    Playlist syncing
    Backups
    iCloud syncing (yes, that's right, Apple stores your address book and calendars on servers so that they can reach your other devices and be accessed online)

    It's fine to install logging software to fuel your paranoia, but it's also important to understand the infrastructure they relate to, so you can interpret what is happening.

    I guess this is why they say a little knowledge is a dangerous thing.
    edited December 2019
  • Reply 8 of 9
    ivanh Posts: 597 member
    You can dump that document now.  

    Yesterday Hong Kong Police has given the court of Joshua Wong’s iPhone XR WhatsApp and Telegram messages without unlocking it.
  • Reply 9 of 9
    badmonk Posts: 1,285 member
    ivanh said:
    You can dump that document now.  

    Yesterday Hong Kong Police has given the court of Joshua Wong’s iPhone XR WhatsApp and Telegram messages without unlocking it.
    That may not be an Apple issue.  More likely possibilities-

    the Chinese company that replaced Apple for iCloud backups

    the WhatsApp server

    the Telegram server

    or decryption of cellular or internet traffic

