You’ve read the book; now see the movie. Ivan Krstić’s presentation is as solid as any Apple WWDC presentation, and it’s packed with much more information than the company usually reveals about its security protocols.
Though this is a very easy watch, even for someone — like myself — with only a cursory understanding of security and software engineering, I’ve picked out a few key parts that are worth paying attention to:
Right off the top, there’s a rationale for why the kernel cache is no longer encrypted. In light of this news, which broke in mid-June, these slides were likely inserted after the presentation was considered complete.
At about 8:21, Krstić touches on the Secure Enclave’s multitude of protections. Some of this is known, but because it’s the root of the entire security system on iOS, it’s good to hear it reiterated.
At 18:57, Krstić explains how the Update Later feature, introduced in iOS 9, is made secure.
My guess for why I was asked for my iPad passcode when setting up Sierra — as referenced in my post on these slides — appears to be correct (24:55).
At 26:37, Krstić launches into a long explanation of how Apple protects their own encryption secrets and cloud synchronization technologies. From my perspective, this is the densest part of the whole presentation, but it’s also the most important: Apple proving their own security protocols to the security community — and the community verifying them by looking for holes in them; see also the bug bounty program introduction at 36:14 — is critical to maintaining the company’s position as the tech company that values user security and privacy.
There’s a pretty funny explanation of Apple’s “physical one-way hash function” at 34:08.
At 39:40, Krstić kicks off the Q&A period. All questions are worth watching, but the first one is particularly telling, as is the question at 49:37. As you might expect from Apple, there are a lot of non-answers within the Q&A, but that’s also because of the kinds of questions that were asked.
I was surprised by Krstić’s answer to the second audience question regarding seeing a list of devices granted user data syncing permissions for the purpose of revoking those credentials. Krstić said that there isn’t currently a way to do that, but the list of devices on the iCloud Settings page seems to serve that purpose. I’ve reached out to the company for an explanation and will update this post if I hear back.