Apple rolled out an updated version of its ‘Platform Security Guide,’ which offers a comprehensive overview of the latest security changes and improvements across the company’s software ecosystems.
The guide details changes across iOS 14, iPadOS 14, macOS, Big Sur, tvOS 14, watchOS 7 and more.
MacRumors published a breakdown of the changes to the guide. For example, the guide includes security details about Safari’s Password Monitoring feature. Available on iOS 14 and macOS Big Sur, Password Monitoring automatically checks if saved passwords may have been exposed in a data breach.
Additionally, Apple outlined its new M1 chip’s security benefits, touching on boot process, boot modes, startup disk, Rosetta 2 translation process, FileVault, Activation Lock, and more.
Perhaps the most significant new addition covered in the guide is Apple finally confirmed it would stop supporting kernel extensions in future macOS versions. Kernel extensions, or ‘kexts,’ run at kernel privilege as opposed to user privilege. The kernel is essentially the core of a computer’s operating system and controls the whole computer. Thanks to kexts’ elevated privilege, Apple points out that they present a significant security flaw should users run a compromised kext on their system.
Although expected, official confirmation in the Platform Security Guide will, hopefully, encourage developers to move to the new, more secure system extensions. System extensions, unlike kexts, run at the user privilege level. Apple says this helps increase the stability and security of macOS.
macOS Catalina was the last version of macOS to support kexts fully, according to MacRumors. The new Platform Security Guide recommends developers switch to system extensions “before kext support is removed from macOS for future Mac computers with Apple silicon.”
Those interested can check out Apple’s Platform Security Guide here.
Update 02/24/2021 at 9:45am: Added a link to the guide.