قالب وردپرس درنا توس
Home / Technology / Apple Updates Platform Security Guide states that kernel extensions are not supported on future Apple Silicon Macs

Apple Updates Platform Security Guide states that kernel extensions are not supported on future Apple Silicon Macs



Apple today shared an updated version of the Platform Security Guide [PDF], which provides a comprehensive overview of the latest security developments across iOS 14, iPadOS 14, macOS Big Sur, tvOS 14, watchOS 7 and more.

apple devices mac iphone ipad see collage


For example, the guide provides security details about Safari’s optional password monitoring feature on iOS 14 and macOS Big Sur, which automatically keeps track of any stored passwords that may have been involved in a data breach. Apple also outlines the security of the new digital car keys feature on the iPhone and Apple Watch.

Apple updated the introduction to “commitment to security” and announced the security benefits of Apple-designed chips on iPhone, iPad, Apple Watch and Mac:

Apple continues to push the boundaries of what is possible in terms of security and privacy. This year, Apple devices using Apple SoC across the product range from Apple Watch to iPhone and iPad, and now Macs, use custom silicon to drive not only efficient computing but also security. Apple’s silicon forms the basis for secure boot, Touch ID and Face ID, and data protection, as well as system integrity features never before introduced on Mac, including Kernel Integrity Protection, Pointer Authentication Codes and Fast Permission Restrictions. These integrity features help prevent common memory attack techniques, manipulate instructions, and use javascript online. They combine to ensure that even if the attacker code is somehow executed, the damage it can do is dramatically reduced.

New sections have been added for Apple Silicon Macs, describing boot security, boot modes, boot disk, Rosetta 2 translation process for running Intel-based Mac apps, FileVault, Activation Lock and more.

As expected, the guide confirms that kernel extensions will not be supported on future Mac Silicon Macs (highlight ours):

In addition to allowing users to run older versions of macOS, Reduced Security is required for other actions that could compromise the user’s system security, such as introducing third-party kernel extensions (kexts). Kexts have the same privileges as the kernel, and thus any vulnerabilities in third-party kexts may lead to complete compromise with the operating system. This is why developers are strongly encouraged to adopt system extensions before kext support is removed from macOS for future Mac silicon computers.

macOS Catalina was the latest version of macOS to fully support core extensions. Apple says that kernel extensions are no longer recommended for macOS, and notes that they pose a risk to the integrity and reliability of the operating system.

Starting with macOS Catalina, developers have been able to use system extensions that run in the user area instead of at the core level. System extensions running in the user area are only granted the privileges needed to perform their specified function, which increases the stability and security of macOS, according to Apple.

Apple includes a Document Revision History section of the Platform Security Guide with a list of all new and updated information.

Apple also has a new Security Certification and Compliance Center.


Source link