Ivan Krstić
@radian
Followers
11K
Following
744
Media
5
Statuses
73
Head of Security Engineering+Architecture (SEAR) at Apple. I don’t speak for my employer.
San Francisco, CA
Joined March 2011
🔺New on Apple Security Research blog: a deeply comprehensive Private Cloud Compute security guide, and an unprecedented Virtual Research Environment allowing you to run production PCC software right on your Mac with Apple silicon. And up to a $1M bounty!.
security.apple.com
Private Cloud Compute (PCC) fulfills computationally intensive requests for Apple Intelligence while providing groundbreaking privacy and security protections — by bringing our industry-leading...
12
171
585
🔺New on the Apple Security Research blog: introducing Private Cloud Compute! We believe this is the most advanced security architecture ever deployed for cloud AI compute at scale.
security.apple.com
Secure and private AI processing in the cloud poses a formidable new challenge. To support advanced features of Apple Intelligence with larger foundation models, we created Private Cloud Compute...
13
146
413
RT @jacquesgt: Are you excited to use the power of safe modern programming languages like Swift to make software more secure? My SPEAR team….
0
25
0
🔺Now live: the May 2024 update to the Apple Platform Security Guide!
support.apple.com
Learn how security is implemented in Apple hardware, software, apps, and services.
5
41
138
🔺New on the Apple Security Research blog: introducing PQ3, a groundbreaking post-quantum cryptographic protocol for iMessage. To our knowledge, PQ3 has the strongest security properties of any at-scale messaging protocol in the world.
security.apple.com
We are introducing PQ3, a groundbreaking cryptographic protocol for iMessage that advances the state of the art of end-to-end secure messaging. With compromise-resilient encryption and extensive...
7
127
372
RT @hey_pom: With iOS 17.2 and macOS 14.2 now released, Contact Key Verification 🔐 is available for everybody to enable. Very proud of the….
security.apple.com
iMessage broke new ground in 2011 as the first widely available messaging service to provide secure end-to-end encryption by default. Ever since, we’ve been making ongoing improvements to iMessage...
0
34
0
🔺My new op-ed in Lawfare: Personal Data in the Cloud is Under Siege. End-to-end Encryption Is Our Most Powerful Defense.
lawfaremedia.org
Breaches are at an all-time high. Policymakers and technologists must urgently work together to keep data safe, and there is no stronger protection for data in the cloud than end-to-end encryption.
1
21
60
RT @borrello_pietro: If you are interested in uArch Security, we just opened an internship position at @Apple!. The position is focused on….
0
26
0
🔺New on the Apple Security Research blog: a brief technical overview of iMessage Contact Key Verification!
security.apple.com
iMessage broke new ground in 2011 as the first widely available messaging service to provide secure end-to-end encryption by default. Ever since, we’ve been making ongoing improvements to iMessage...
6
83
256
🔺New on the Apple Security Research blog: we pit our hardened kalloc_type XNU allocator against SockPuppet, a powerful vulnerability from the past:
security.apple.com
The next post in our XNU memory safety series examines how our hardened kernel allocator performs in the real world against a previously patched but powerful UAF software vulnerability. In this...
2
85
237
RT @theevilbit: I have been beta testing the new ASB submission portal for over a year. Apple did an awesome job with this! You can:.✅see t….
security.apple.com
Your security research may be eligible for a reward through the Apple Security Bounty. We welcome reports from anyone.
0
13
0
LIVE: Apple Security Research, our new blog and website at We launch with an update on Apple Security Bounty (, and a deep dive into some fundamental XNU memory safety improvements with kalloc_type (. Enjoy!.
security.apple.com
Improving software memory safety is a key security objective for engineering teams across the industry. Here we begin a journey into the XNU kernel at the core of iOS and explore the intricate work...
23
223
603
While the vast majority of users will never be the victims of highly targeted cyberattacks, Apple will work tirelessly to protect the small number of users who are. I’m deeply proud of our next steps, including a groundbreaking feature: Lockdown Mode.
apple.com
Apple today detailed two initiatives to help protect users who may be personally targeted by sophisticated digital threats.
26
168
648
RT @kubamracek: The Security Tools team at Apple is seeking engineers to work on improve security of programming languages, details below….
0
44
0
RT @KimZetter: Never seen anything like this. Apple sues Israeli spy firm NSO Group for hacking Apple devices. "seeks to ban NSO. from fur….
apple.com
Apple today filed a lawsuit against NSO Group to hold it accountable for abusive surveillance and the targeting of a small number of Apple users.
0
136
0
The steps Apple is taking today will send a clear message: in a free society, it is unacceptable to weaponize powerful state-sponsored spyware against innocent users and those who seek to make the world a better place.
apple.com
Apple today filed a lawsuit against NSO Group to hold it accountable for abusive surveillance and the targeting of a small number of Apple users.
24
137
479
RT @FilippoBiga: Passionate about fuzzing? Want to help securing devices by the billion?. We’re looking for a security engineer to join our….
0
47
0
RT @hey_pom: The Security Research Device Program (SRDP) is currently taking applications for its second cohort. This is the last week to a….
security.apple.com
Get an iPhone dedicated to security research through the Apple Security Research Device program. Learn how to apply.
0
64
0
RT @jacquesgt: I’m hiring an engineering manager for the Secure Enclave OS to lead a strong team that sets a higher bar each year for softw….
0
73
0