The efforts that the manufacturer of a device puts into making it secure and inaccessible by unauthorized parties never seem to be enough. In the field of IT security, is a bit of a challenge without conclusion, which is renewed day after day. This is why, in a secret laboratory near Paris, a team made up of technicians appointed by Apple uses hacking techniques advanced to try to violate the company’s devices, even those not yet released on the market.
Apple continually faces sophisticated threats from companies offering “cyber weapons” to the highest bidder. Think for example of Pegasus, one spyware designed to attack high-profile individual victims. Pegasus is cited as an example of a threat that requires complex efforts to protect devices.
Hacking techniques to discover hardware vulnerabilities, which are even more complex to resolve
Unlike software, where the security flaws can be easily fixed with updates, the hardware remains out of Apple’s control once a customer buys, for example, a new iPhone. Apple’s technicians must therefore test the hardware well in advance before actually placing it on the market, identifying and resolving any possible weaknesses before starting the production process.
Using a range of advanced technologies, including lasers and highly sensitive sensors, Apple engineers working in Paris try to identify and fix vulnerabilities at level hardware.
The chip security it is a crucial part of the process. THE chip Apple must guarantee data encryption, preventing unauthorized access to their content. However, the chip itself could show signs of its activities: Apple experts from the Parisian laboratories work precisely on these aspects. Side-channel attacks are now widely known and small variations in behavior of the chips can be exploited to trace data that should remain confidential and protected.
It is a silent effort led by those who are considered among the best”hacker” of Apple products in the world. The work is complex and expensive, but necessary to protect devices from more sophisticated attacks.
Lockdown Mode is the answer to the most advanced attacks
Presented in 2022, Lockdown Mode it is a novelty that Apple has begun to integrate into its iPhones and which aims to ensure extreme protection that can be activated optionally in case of strict necessity.
When Lockdown Mode is enabled, your Apple device prevents you from performing various tasks that could pose a security risk. For example, FaceTime calls from strangers are blocked, opening attachments is not possible, and many other features are severely limited. There ratio is to stop operations that could be exploited by potential people threats.
Before activating Lockdown Modeusers receive an explicit warning alerting them to the extreme nature of the restrictions and encouraging them to activate them only in situations where this appears absolutely necessary.
The feature is a response to threats developed to target journalists, activists, diplomats and other figures who could be the recipients of unusual cyber attacks, which exploit for example zero-day vulnerability not even known to Apple.
Apple will open to sideloading but criticism remains
Apple, like other companies, finds itself in a situation geopolitics difficult having to balance security with the request for greater openness. The DMA (Digital Markets Act) European, for example, forced the company led by Tim Cook – as well as other gatekeepers – to make i interoperable products with those designed, manufactured and marketed by the competition.
Among the various requirements there is also the one that provides for the activation of the sideloading on Apple devices. That is, users must be able to install the apps they deem most appropriate, including from third-party stores or in any case from sources other than the Apple App Store. An epochal change which, however, Apple believes could fundamentally undermine the security of its devices.
Ivan Krstić, responsible for the security of Apple devices, is categorical: his company has done well to oppose sideloading, up until now. The idea that sideloading guarantees greater choice would be absolutely false, according to Krstić, who shows some frustration.
The images in the article are from Apple.