Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

Apple Platform Security Guide Updated With Details on Authentication Features

Apple Platform Security Guide updated

Apple this week updated its Platform Security Guide to provide more details on a couple of recently announced authentication features.

Apple Platform Security Guide updated

Apple this week updated its Platform Security Guide to provide more details on a couple of recently announced authentication features.

Apple’s Platform Security Guide contains detailed technical information on the security technologies and features implemented in its products. The first guide was released in 2015, but it only covered the iOS operating system. In its current form, the guide also provides information on macOS and hardware.

The May 2021 update to the Platform Security Guide focuses on two topics: Touch ID on the iMac’s Magic Keyboard, and the iPhone unlock with Apple Watch feature in iOS 14.5. Both these authentication features were announced by Apple in April.

In the case of Touch ID on the Magic Keyboard, the security guide update specifies how the secure channel is established between the Magic Keyboard with Touch ID and the Secure Enclave in iMac with M1 chips.

As for the iPhone unlock with Apple Watch feature in iOS 14.5, the guide provides more details on the cryptography behind the feature, as well as more information on the security parameters that govern its use.

In February, Apple announced the biggest update ever to its Platform Security Guide — the company added nearly 50 pages to the document compared to the previous version.

Related: Apple Patches Under-Attack iOS Zero-Day

Related: Apple Patches Security Bypass Vulnerability Impacting Macs With M1 Chip

Related: Researchers Abuse Apple’s Find My Network for Data Upload

Related: Apple Patches macOS Security Bypass Vulnerability Exploited by ‘Shlayer’ Malware

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Mobile & Wireless

South Dakota Gov. Kristi Noem says her personal cell phone was hacked and linked it to the release of documents by the January 6...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...