Week 12 - iPhone Overview Flashcards
List the iPhones and date of release
- iPhone 2007 (4, 8 & 16GB models). OS 1
- iPhone 3G 2008 (8 & 16GB models). OS 2
- iPhone 3GS 2009. OS 3.0 (device encryption available). 8, 16 & 32GB
All of the above had a mini SIM at the top.
- iPhone 4 2010. iOS 4.0. Device encryption standard. Micro SIM at side. Still 8, 16 & 32GB models.
- iPhone 4S 2011. iOS 5. Now 16, 32 & 64GB. Micro SIM at side.
- iPhone 5. 2012. iOS 6.0. Nano SIM at side. Still 16, 32 & 64GB. First to start using CDMA in addition to GSM
- iPhone 5C 2013. iOS 7.0. Still 16, 32 & 64GB. Nano SIM at side. First to use the smaller Lightning connector
- iPhone 6 / 6+. 2014. iOS 8. Apple Pay introduced. No longer able to obtain data from these devices if password protected (iOS 8 and above). Nano SIM. Now 16, 64 & 128 GB
- iPhone 6s / 6s+. iOS 9. Now 16, 32, 64 and 128 GB. 2016
- iPhone SE. 2016. iOS 9.3. 16 and 64 GB
- iPhone 7 / 7+. iOS 10.0. 2016. Now 32, 128 and 256GB. Apple File System introduced.
- iPhone 8 / 8+. 2017. iOS 11.0. 64 or 256GB. Touch ID
- iPhone X. 2017. 64 or 256GB. Face ID
- iPhone XS / Max. iOS 12.0. 2018. 64, 128, 256 & 512GB.
- iPhone XR. 2018. iOS 12.0
- iPhone 11 / Pro / Pro Max. iOS 13.0. 2019
- iPhone SE (2nd generation). 2020. iOS 13.0
- iPhone 12 / 12 Pro / Max / 12 mini. 5G. iOS 14.0. 2020. USB C
- iPhone 13 / 13 Pro / Max / 13 mini. 2021. iOS 15.0
- iPhone SE (3rd generation). 2022. iOS 15.0
- iPhone 14 / 14 Pro / Pro Max / 14 Plus. 2022. iOS 16.0. Now 1TB option. Emergency SOS and crash detection
- iPhone 15 / 15 Pro / Pro Max / 15 Plus. iOS 17.0. USB C. 2023
- iPhone 16 / 16 Pro / Pro Max / 16 Plus. 2024. iOS 18. Remains at 1TB as biggest storage option.
What is the HFSX File System?
The HFSX (Hierarchical File System X) is a variant of the HFS+ (Mac OS Extended) file system used by macOS. It was used on iOS devices up to version 10.2 (10.3 onwards use APFS).
The “X” in HFSX refers to the case-sensitive nature of the file system, meaning that file names are case-sensitive.
HFS+ uses 32-bit block addresses, which means it can access 2 to the power of 32 allocation blocks.
Unicode is used for file system naming, extending the range of characters that can be used.
HFS+ volumes are divided into allocation blocks, each containing 1 or more sectors that are commonly 512 bytes.
By using a small block size, HFS+ is more efficient at space utilisation.
What is the structure of the HFSX File System?
From the top down, there are 6 major data structures.
Reserved 1024 bytes (boot load info).
- Volume Header. Always located at block 2 (or 1024 bytes after the volume beginning). Usually 512 bytes in size.
The volume header contains important metadata about the volume, such as the size of the volume, the location of critical structures, and the number of file system blocks.
It holds pointers to the main Catalog File, Allocation File, and Extents File, which are the key data structures of the file system.
The volume header also contains information like the volume’s name, its creation time, and modification time.
- Allocation File / Table.
Tracks which blocks on the disk are in use and which blocks are free.
It uses a bitmap (a binary representation) to mark whether a block is allocated (used) or free (unused).
Each bit in the bitmap corresponds to a block on the volume. If the bit is set, the block is in use (bit has a value of 1); if it is clear (bit has a value of 0), the block is free.
- Extents Overflow File. Maintains a record of allocated blocks when the file size is greater than 8 blocks or when the data is fragmented over more than 8 contiguous blocks.
Assists in locating the data and also includes bad blocks.
- Catalog File.
Has hierarchical info about files and folders, used to locate them within a volume. Also contains various metadata about the files and folders, including the user who created them, creation, modification and accessed times, and permissions.
- Attributes File.
Contains records of inline data, fork data and extensions.
- Start Up File. Contains info required for booting which does not have HFS support.
- Alternate Volume Header. A copy of the volume header file, located 1024 bytes before the end of the volume. Can be used for disk repair.
Reserved 512 bytes. Used by Apple at manufacture.
What is the Apple File System (APFS)?
- Used from iOS 10.3 onwards
- Improved file system
- Optimised for Flash / SSD
- Efficient application loading / faster boot
- Offers full disk encryption and file-based encryption
- Has directory cloning / snapshots and space sharing. File sharing / shared free space and cloning allow a copy of a file or directory to be made with no additional space being taken up. A significant feature compared to HFSX.
- Uses checksums for data integrity of metadata
- Shared free space means that the free space can be shared as needed, with as much space being used as is needed, changing with needs. In HFSX the partition sizes are set and a partition can only increase into its predefined size.
- AES-XTS or AES-CBC encryption
What are the iOS Partitions (file paths)?
- System Partition.
Contains the OS and pre-installed applications. Read-only by default to the user. Changes to write permissions when updates to the OS are required, then returns to a read-only state. May become write-enabled if the device is jailbroken. Smallest partition; growing in size, currently approx 4GB. Still small compared to the overall size.
– /dev/disk0s1 or /dev/disk0s1s1.
- Data Partition. User-generated data and user-obtained applications. Larger area of memory storage.
– /dev/disk0s2 or /dev/disk0s2s2
Describe the iOS Architecture
iOS architecture consists of 4 layers.
This provides a structured method of communication during device operation.
For example an application cannot communicate directly with hardware but must instead communicate via the predefined layers.
4 layers are:
COCOA TOUCH
MEDIA LAYER
CORE SERVICES
CORE OS
Each layer contains defined frameworks, which are dynamic shared libraries and the associated shared resources they need in order to function.
iOS Architecture (cont). What is the COCOA TOUCH layer?
The Cocoa Touch layer contains frameworks for the visual appearance of an application on screen to a user.
Frameworks include multitasking and touch inputs.
iOS Architecture (cont). What is the MEDIA LAYER?
The media layer contains frameworks for multimedia, which assist in optimising graphics, sound and vision in applications for users.
iOS Architecture (cont). What is the CORE SERVICES layer?
The core services layer has fundamental frameworks that support different technologies such as social media, location-based services and iCloud.
iOS Architecture (cont). What is the CORE OS layer?
The core OS layer is the lowest layer and communicates with the hardware. It provides low-level functionality such as memory management, networking and inter-process communication.
iOS Security Architecture
Apple has complete control over the hardware and software it implements. This allows them to strictly implement compliance with how they protect the device and data. E.g. device encryption by default has been implemented for a number of years. The user has no control over whether to use it or not.
Apple implements system security at both the hardware and software level. Secure boot processes occur. From the A7 processor onwards, devices include a Secure Enclave co-processor (SEP) and Secure Enclave OS, which runs its own secure boot process.
This handles data and access security and assists in protecting against replay attacks.
Any failure in the boot process means the device will fail to start up and will go into recovery mode.
If the Boot ROM cannot load or verify, the device enters DFU mode (Device Firmware Upgrade mode), showing a black screen. In both these modes the device needs to be connected by cable and restored to factory settings.
iOS Security Architecture (cont)
From 3GS devices onwards, a dedicated AES 256-bit crypto engine has been installed between the flash memory and the main system memory. This means that user data remains encrypted on the flash memory by default, and the crypto engine assists with on-the-fly encryption and decryption.
A unique ID (UID) is associated with every iOS device and is burned into memory. It acts as the AES 256-bit key to allow user data to be encrypted. If this key is deleted then the user data remains encrypted, which cannot be easily defeated.
Data protection was turned on with iOS 8 making no data available to LE without passcode.
Other security features
Developers of applications must have an Apple-signed security certificate before an application can be authorised for downloading.
Applications run in a sandbox environment, limiting an application's access to files and other applications.
Passcodes - Features
- Can be 4 digit or 6 digit or alphanumeric (arbitrary length)
- Passcodes can be used for some encryption key entropy
- As well as device unlocking
* Attacking the passcode must take place on the device itself. Each password attempt takes approx 80 milliseconds.
Various methods to stop passcode attacking include:
* Incorrect passcode time delay
* These time delays are enforced by the SEP. The first 4 incorrect attempts give no time delay. Between the 5th and 6th attempt there is a 1 min delay, then 5 mins between the 6th and 7th attempt.
The delay between the 7th, 8th and 9th attempt is 15 mins each.
After the 9th attempt there is a delay of 1 hour.
* Additional optional device wipe after 10 incorrect passcode attempts
Passcode security - when is passcode required?
- The device has just been turned on or restarted
- The device hasn’t been unlocked for more than 48 hours
- The passcode hasn’t been used to unlock the device in the last 156 hours (six and a half days) and Touch/Face ID has not unlocked the device in the last 4 hours
- The device has received a remote lock command
- After five unsuccessful biometric match attempts
- After initiating power off or Emergency SOS
- Software updates
- Device Erasure
- Viewing or changing passcode settings
- Installing iOS configuration profiles