Apple Platform Security

Memory safe iBoot implementation
In iOS 14 and iPadOS 14, Apple modified the C compiler toolchain used to build the iBoot bootloader to improve its security. The modified toolchain implements code to prevent memory- and type-safety issues that are typically encountered in C programs. For example, it prevents:
- Buffer overflows, by ensuring that all pointers carry bounds information that is verified when accessing memory
- Heap exploitation, by separating heap data from its metadata and accurately detecting error conditions such as double free errors
- Type confusion, by ensuring that all pointers carry runtime type information that’s verified during pointer cast operations
- Type confusion caused by use after free errors, by segregating all dynamic memory allocations by static type
This technology is available on iPhone with Apple A13 Bionic or later, and iPad with the A14 Bionic chip.
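
The C sketch below is an added illustration, not Apple's toolchain or code from this document. It models three of the checks listed above as explicit function calls: pointers that carry bounds, allocation state kept apart from heap data with double free detection, and a type tag verified on casts. Every name in it (`checked_ptr`, `checked_alloc`, `checked_write`, `checked_cast`, `checked_free`) and the fixed-slot pool are hypothetical.

```c
#include <stdint.h>
#include <string.h>

/* Conceptual model only: all names and layouts here are hypothetical. */
enum type_id { T_BYTES = 1, T_HEADER = 2 };
enum status  { OK = 0, ERR_BOUNDS = -1, ERR_TYPE = -2, ERR_FREED = -3, ERR_NOMEM = -4 };

/* A "fat" pointer: the address travels with its bounds and a runtime type tag. */
struct checked_ptr {
    uint8_t     *base;  /* start of the object */
    size_t       len;   /* object size in bytes */
    enum type_id type;  /* tag consulted on every cast */
    unsigned     slot;  /* index into the out-of-band allocation state */
};

/* Allocation state lives apart from object data, so overflowing data cannot rewrite it. */
#define SLOTS 4
static uint8_t pool[SLOTS][32];
static uint8_t live[SLOTS];

int checked_alloc(enum type_id t, size_t len, struct checked_ptr *out) {
    for (unsigned i = 0; i < SLOTS; i++) {
        if (live[i] || len > sizeof pool[i]) continue;
        live[i] = 1;
        *out = (struct checked_ptr){ pool[i], len, t, i };
        return OK;
    }
    return ERR_NOMEM;
}

int checked_free(struct checked_ptr p) {
    if (p.slot >= SLOTS || !live[p.slot]) return ERR_FREED;  /* double free */
    live[p.slot] = 0;
    return OK;
}

/* Every store verifies that [off, off + n) lies inside a currently allocated object. */
int checked_write(struct checked_ptr p, size_t off, const void *src, size_t n) {
    if (p.slot >= SLOTS || !live[p.slot]) return ERR_FREED;
    if (off > p.len || n > p.len - off) return ERR_BOUNDS;
    memcpy(p.base + off, src, n);
    return OK;
}

/* A cast succeeds only when the runtime tag matches the requested type. */
int checked_cast(struct checked_ptr p, enum type_id want) {
    return p.type == want ? OK : ERR_TYPE;
}
```

The bounds test is written as `n > p.len - off` after checking `off > p.len`, so a very large `n` cannot wrap the addition and slip past the check.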