How Safari and iMessage Have Made iPhones Less Secure
Wired

The security reputation of iOS, once considered the world's most hardened mainstream operating system, has taken a beating over the past month: Half a dozen interactionless attacks that could take over iPhones without a click were revealed at the Black Hat security conference.

The problem with making WebKit mandatory, according to security researchers, is that Apple's browser engine is in some respects less secure than Chrome's.

Shady References

Another specific element of WebKit's architecture that can result in hackable flaws, says Luca Todesco, an independent security researcher who has released WebKit and full iOS hacking techniques, is its so-called document object model, known as WebCore, which WebKit browsers use to render websites.

To Apple's credit, iOS has for more than a year implemented a security mitigation called isolated heaps, or "isoheaps," designed to make errors in reference counting impossible to exploit, as well as newer mitigations in the hardware of the iPhone XS, XS Max, and XR. But both Todesco and Burnett note that while isolated heaps significantly improved WebCore's security and pushed many hackers towards attacking different parts of WebKit, they didn't entirely prevent attacks on WebCore.