
I do not know why anybody would believe any claim by Apple with respect to security without overwhelming empirical evidence supporting their claims. The default assumption in commercial software security, supported by literal decades of abject failure by every player, is that commercial software security is atrocious. To claim anything more than trivial security is an extraordinary claim and thus demands extraordinary evidence before being accepted.

Apple has demonstrated no such evidence. In fact, the opposite is the case. Despite decades of assurances that their systems provide meaningful security, every single year we see their security torn apart by individuals and small teams with budgets that do not even constitute rounding errors to a Fortune 500 company. There is exactly no reason to believe they have meaningfully superior technical expertise with respect to security relative to the default standard of the industry.

However, this should be no surprise to anyone, as the security certifications that Apple advertises for iOS [1][2] are only “applicable where some confidence in correct operation is required, but the threats to security are not viewed as serious.” [3][4] I mean, look at [4]: the process used to certify their security is that their evaluators typed search terms into the internet and verified that every vulnerability that turned up was patched; that’s it. There is no requirement to even do an independent analysis that it protects against attackers with a basic attack potential; that is done at the next higher level of security that they could have chosen to certify against, but did not.

To be fair, Apple has historically demonstrated the ability to certify against AVA_VAN.3, which demonstrates resistance to attackers with an enhanced-basic attack potential, but they have failed every time they have ever attempted to certify against AVA_VAN.4, which demonstrates resistance to attackers with a moderate attack potential. It should be no wonder that they cannot protect against moderate attack potential threats such as individuals or small teams, let alone high attack potential threats such as large organized crime and nations.

If Apple wants their security claims to be taken seriously, they should start by demonstrating their ability to protect against moderate attack potential threats via the internationally recognized security certification process they already use and advertise. Until then, the only thing we should trust is what they certify they can do (protect against script kiddies), not what they have failed to ever achieve in an auditable manner (protect against moderately skilled attackers).

[1] https://support.apple.com/guide/sccc/security-certifications...

[2] https://www.niap-ccevs.org/Product/Compliant.cfm?PID=11146

[3] https://www.niap-ccevs.org/MMO/Product/st_vid11146-aar.pdf#p...

[4] https://www.commoncriteriaportal.org/files/ccfiles/CCPART3V3...



They would probably have a better chance if they applied the same budget to their security as their marketing.



