1. Apple Reduced Attack Surface:
    1. Apple reduced the risks by not allowing Java & Flash: those 2 have history of security vulnerabilities
    2. Mobile Safari doesn’t handle .psd, & .mov are partially supported, .pdf only parse some features
  2. No Shell (/bin/sh) -> Stripped-Down iOS
  3. Privilege Separation: 
    1. web browser/ mail / third party -> run as user “mobile” -> even if attacker has full control of web browser -> still can’t make sys.config change
  4. Code Signing: One of the most important security mechanisms!
    1. All binaries and libraries must be signed by kernel to allow execution.
  5. Data Execution Prevention (DEP) : 
    1. Normally, hackers use ROP (Return-oriented programming) – to reuse existing valid code in a way not intended by the process. The hackers use that to create a section of memory that is writable & executable. However as iOS forces that every page has to be code signed to be executed -> no payload, attackers must use ROP only.
  6. Address Space Layout Randomization: 
    1.  If the hackers want to reuse existing code snippets – they need to know where the code segment is. But in iOS, binary/ libraries/ dynamic linker/ stack/ heap memory address are all randomized so it’s much safer.
  7. Sandboxing: 
    1. Sandbox specifies exactly what permissions are necessary for apps (like SMS doesn’t need access to browser cookies): it limits damage & makes exploitation harder.
Advertisements