{"id":36248,"date":"2022-06-16T15:38:44","date_gmt":"2022-06-16T19:38:44","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=36248"},"modified":"2023-07-25T15:49:48","modified_gmt":"2023-07-25T19:49:48","slug":"rapid-security-response","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2022\/06\/16\/rapid-security-response\/","title":{"rendered":"Rapid Security Response"},"content":{"rendered":"<p><a href=\"https:\/\/eclecticlight.co\/2022\/06\/13\/how-might-venturas-rapid-security-response-work\/\">Howard Oakley<\/a>:<\/p>\n<blockquote cite=\"https:\/\/eclecticlight.co\/2022\/06\/13\/how-might-venturas-rapid-security-response-work\/\"><p>One of the more enigmatic features announced for Ventura [and iOS 16] is Rapid Security Response (RSR), <a href=\"https:\/\/www.apple.com\/macos\/macos-ventura-preview\/features\/\">described as<\/a>:<\/p><blockquote>Get important security improvements to your devices even faster. This isn&rsquo;t a standard software update. These improvements can be applied automatically between normal updates &mdash; without a restart.<\/blockquote>\n<p>[&#8230;]<\/p>\n<p>The only practical way is to install those patches outside the SSV. macOS already does this for some of its bundled components, such as Safari, which has been installed on the Data volume, together with components which are changed with security data updates, such as XProtect data and MRT.<\/p>\n<p>However, the Data volume isn&rsquo;t a good place to keep patches to sensitive parts of macOS.<\/p><\/blockquote>\n\n<p><a href=\"https:\/\/threedots.ovh\/blog\/2022\/06\/a-quick-look-at-macos-rapid-security-response\/\">@never_released<\/a>:<\/p>\n<blockquote cite=\"https:\/\/threedots.ovh\/blog\/2022\/06\/a-quick-look-at-macos-rapid-security-response\/\"><p>The cryptex (CRYPTographically-sealed EXtension) additional images are stored in DMGs and are an extension of an existing volume. There are two cryptex images present on Apple OSes being released this fall, App and OS.<\/p><p>[&#8230;]<\/p><p>As macOS Ventura only supports machines with AVX2, the <code>x86_64<\/code> and <code>arm64e<\/code> dyld shared caches are no longer present on macOS installations for Intel processors, as they are unused there. Apple Silicon installations will also not get an unused <code>x86_64h<\/code> slice anymore.<\/p><p>[&#8230;]<\/p><p>As such, this design allows to save hard disk space in addition of allowing components to be updatable without breaking the seal for the system volume.<\/p><p>[&#8230;]<\/p><p>A new BootPolicy element, spih, representing the Cryptex1 Image4 Hash was added in macOS Ventura. This makes the Cryptex hashes part of the Secure Boot trust chain.<\/p><\/blockquote>\n\n<p>Previously:<\/p>\n<ul>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2022\/06\/06\/ios-16-announced\/\">iOS 16 Announced<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2022\/06\/06\/macos-13-0-ventura-announced\/\">macOS 13.0 Ventura Announced<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2021\/03\/09\/apple-platform-security-february-2021\/\">Apple Platform Security Guide (February 2021)<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2020\/12\/02\/is-big-surs-system-volume-sealed\/\">Is Big Sur&rsquo;s System Volume Sealed?<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2020\/08\/31\/is-macos-becoming-unmaintainable\/\">Is macOS Becoming Unmaintainable?<\/a><\/li>\n<\/ul>\n\n<p id=\"rapid-security-response-update-2022-09-14\">Update (2022-09-14): <a href=\"https:\/\/www.macrumors.com\/2022\/09\/12\/ios-16-remove-rapid-security-response-update\/\">Juli Clover<\/a>:<\/p>\n<blockquote cite=\"https:\/\/www.macrumors.com\/2022\/09\/12\/ios-16-remove-rapid-security-response-update\/\">\n<p>By default, Rapid Security Responses are installed automatically, but Apple has implemented a way to remove them.<\/p>\n<\/blockquote>\n\n<p id=\"rapid-security-response-update-2022-11-02\">Update (2022-11-02): <a href=\"https:\/\/support.apple.com\/guide\/deployment\/rapid-security-responses-dep93ff7ea78\/1\/web\/1.0\">Apple<\/a>:<\/p>\n<blockquote cite=\"https:\/\/support.apple.com\/guide\/deployment\/rapid-security-responses-dep93ff7ea78\/1\/web\/1.0\">\n<p>In a future update to iOS 16, iPadOS 16.1, and macOS 13, Apple will add a mechanism for shipping security fixes to users more frequently. These responses are included in any ensuing minor update (not upgrade) and, on a Mac, update content appears on the Preboot volume (through symbolic links in <tt>\/System\/Cryptexes\/<\/tt>).<\/p>\n<\/blockquote>\n\n<p id=\"rapid-security-response-update-2023-07-25\">Update (2023-07-25): <a href=\"https:\/\/mastodon.online\/@tclementdev\/110770974425093922\">Thomas Clement<\/a>:<\/p>\n<blockquote cite=\"https:\/\/mastodon.online\/@tclementdev\/110770974425093922\"><p>About the rapid security responses, you can&rsquo;t have them set to just &lsquo;check for updates&rsquo;. Either it&rsquo;s enabled and it will auto-install or it&rsquo;s disabled and you will never hear about it &#x1F914;<\/p><\/blockquote>","protected":false},"excerpt":{"rendered":"<p>Howard Oakley: One of the more enigmatic features announced for Ventura [and iOS 16] is Rapid Security Response (RSR), described as:Get important security improvements to your devices even faster. This isn&rsquo;t a standard software update. These improvements can be applied automatically between normal updates &mdash; without a restart. [&#8230;] The only practical way is to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2022-09-15T00:11:11Z","apple_news_api_id":"9450a689-917d-4e93-9cd5-37112df2ff7e","apple_news_api_modified_at":"2023-07-25T19:49:51Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAAAg==","apple_news_api_share_url":"https:\/\/apple.news\/AlFCmiZF9TpOc1TcRLfL_fg","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[1396,31,2185,30,2223,2232,48,2277,2087],"class_list":["post-36248","post","type-post","status-publish","format-standard","hentry","category-technology","tag-disk-image","tag-ios","tag-ios-16","tag-mac","tag-macos-13-ventura","tag-rapid-security-response","tag-security","tag-signed-system-volume-ssv","tag-software-update"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/36248","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=36248"}],"version-history":[{"count":6,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/36248\/revisions"}],"predecessor-version":[{"id":40146,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/36248\/revisions\/40146"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=36248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=36248"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=36248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}