
How did the iPhone become so secure?

Description

Are you a security researcher or reverse engineer?

For 50% off IDA Products use promo code BILLY50, https://hex-rays.com/pricing *
For 30% off IDA Training use promo code BILLY30, https://hex-rays.com/training **

*License discounts are only valid for individuals, not corporations. Cannot be combined with any other promo code or discount.
** Cannot be combined with any other promo code or discount.

/////////////////////////////////////

Hey guys,
Today we're taking a step back and looking at the history of iOS exploit mitigations & security features that Apple has added over the years. We'll look at the most important mitigations at a high level, and explore how they each help to prevent iOS exploitation.

I've focused on the main features designed to counter kernel exploitation. These include the basics like user-mode and kernel-mode ASLR, first added in versions 4.3 and 6.0 respectively. Then we move on to look at Apple's first attempt at preventing kernel code tampering with the original Kernel Patch Protection (KPP), and how they evolved their approach to this in subsequent versions.
We go all the way up to the modern-day iPhone 17 lineup, which includes the new Memory Integrity Enforcement.
I have glossed over the TXM and SPTM features here, as these require their own videos once I have found the time to study them myself in depth.

Lemme know what you think of the current state of iOS security in the comments down below.

Thanks for watching and happy new year,
~ Billy

References:
https://blog.siguza.net/KTRR/
https://blog.siguza.net/APRR/
https://info.lookout.com/rs/051-ESQ-475/images/pegasus-exploits-technical-details.pdf
https://theapplewiki.com/wiki/Kernel_Patches
https://bazad.github.io/presentations/BlackHat-USA-2020-iOS_Kernel_PAC_One_Year_Later.pdf
https://xerub.github.io/ios/kpp/2017/04/13/tick-tock.html
https://projectzero.google/2020/07/the-core-of-apple-is-ppl-breaking-xnu.html
https://theapplewiki.com/wiki/LibTiff_Exploit