What’s New in Apple’s Platform Security Guide

Originally published at: What’s New in Apple’s Platform Security Guide - TidBITS

In January 2026, Apple updated the Apple Platform Security Guide, bringing it up to date with operating system and technology changes since the December 2024 release and adding a few new sections. In March 2026, it released another small update.

Although the Platform Security Guide can be dense reading for those of us who are not security experts, it’s an essential resource for answering questions or correcting misconceptions about how Apple technologies protect our data.

For instance, if you know someone who won’t use Face ID because they believe it allows Apple to collect pictures of their face, you can point to the Biometric Security page that explains that Face ID data is actually a mathematical representation of a 2D infrared image plus depth maps and is only stored and processed in the dedicated Secure Enclave subsystem within the device.

Sadly, what the Platform Security Guide can’t help with is conspiratorial beliefs that Apple is intentionally lying. That’s possible—anything is possible—but radical theories require tangible, verified evidence to be accepted as anything more than fevered paranoia. Given Apple’s position in the world, it’s safe to assume that every facet of the Apple experience is under nonstop scrutiny by security researchers and malicious hackers alike. If Apple were lying about its security efforts, there would be no way to cover up all the breaches.

New Sections

In the updated Platform Security Guide, Apple has added several interesting sections.

• Mac on-screen camera indicator light is the only change in the March 2026 version, explaining how the MacBook Neo provides additional security for the camera feed to ensure that the on-screen camera indicator light can’t be disabled or obscured by software. This change was necessary because the MacBook Neo, unlike other MacBook models, doesn’t have a hardware indicator light to show when the camera is in use. Mac iSight webcams prior to 2008 could be reprogrammed to operate without turning on the LED indicator, a fact that came out in the Lower Merion school laptop spying scandal and in a blackmail attempt against a Miss Teen USA. Apple’s mention of the MacBook Neo in the Platform Security Guide suggests the company is confident that the switch to a software-involved indicator won’t be vulnerable to hacking. John Gruber has more on this at Daring Fireball.
• Automatically Unlock Apple Devices explains all the ways that one Apple device can unlock another and how that process happens securely. If you’ve worried that it’s not safe to have your iPhone unlock your Apple Watch, your Apple Watch unlock your Mac, or your Apple Watch unlock your iPhone when you’re wearing a mask, this page should set your mind at rest. It also explains the security behind iPhone Mirroring, which lets you use your iPhone from your Mac.
• Communicating emergency information using satellites provides more details about Apple’s satellite communication systems and how they maintain security. No matter what communication type you’re employing—Emergency SOS, Roadside Assistance, SMS, or iMessage—Apple establishes a secure connection between the device and an Apple datacenter. Apple then forwards the communication on to emergency services and roadside assistance partners, or to SMS carriers. The guide reveals a time-based refinement on a little-known detail: when you connect to the satellite in Messages, Apple intentionally doesn’t send you incoming SMS messages unless you have sent the sender an off-grid message in the last 24 hours, or they are an approved sender in your emergency contacts or iCloud family members. Apple holds other SMS messages until you’re back online with the cellular network.
• Quantum-secure cryptography in Apple operating systems outlines how Apple is preparing for a future with quantum computers that can quickly solve the mathematical problems at the heart of traditional cryptography. Although it’s too early to know how quantum computing will power attacks against encrypted data, Apple and others assume that attackers have adopted a “harvest now, decrypt later” approach where they collect massive amounts of encrypted data now with the expectation that a future quantum computer will enable them to decrypt it later. The cryptographic community has begun developing post-quantum cryptographic protocols, something Apple first mentioned in the context of iMessage several years ago (see “New iMessage PQ3 Encryption Protocol Protects Against Post-Quantum Attacks,” 23 February 2024).

Apple is famously secretive, but the Platform Security Guide is a notable exception. It’s a detailed, public accounting of how Apple’s security systems actually work. I don’t expect many people to read it cover to cover, but keep it in mind. The next time you’re trying to explain why Face ID is safe, or wondering whether some Apple security claim holds up, it’s where to start looking.

Notably, the guide reveals a previously unknown detail: when you connect to the satellite in Messages, Apple intentionally doesn’t send you incoming SMS messages unless you have sent the sender an off-grid message in the last 24 hours, or they are an approved sender in your emergency contacts or iCloud family members. Apple holds other SMS messages until you’re back online with the cellular network.

I think this was previously partly disclosed. The 24-hour period might be new? But the rest was known in 2024. How to get ready for Messages by satellite and go off the grid | Macworld :

Apple allows a limited set of people to message you when you have satellite connectivity before you reach out to them. They have to be part of your Family Sharing group or listed in your emergency contacts. Make sure you’ve added the appropriate people before you leave a regular coverage area.
People in those categories can text you using SMS whenever you’re connected via satellite. If they qualify to use iMessage, the conversation should “upgrade” to iMessage after you reply.

Interesting. This can only work because Apple doesn’t support third-party video cards (like eGPUs). Otherwise, a video device driver could be developed with hacks to block the indicator.

But if new video drivers can’t be installed, and (presumably), the Apple ones are in the locked system volume, then that shouldn’t be an attack vector.

I assume that this guarantee can not be made on a Mac Pro with PCIe slots, because third-party video cards using third-party device drivers could defeat this capability. Of course, Mac Pros don’t have built-in cameras either, so if you care, you could just buy a camera with a hard-wired in-use indicator.

But all that having been said, I think the hardware indicator is still better. Even if the on-screen indicator truly can not be bypassed, a user is more likely to notice a green LED in the computer’s bezel next to the camera, than a green dot next to a menu-bar icon.

I’ve used Micro Snitch, from the developer that also makes Little Snitch, for may years as a second, deliberately intrusive notice (pop ups) that my Macs’ camera or mic are active.

https://www.obdev.at/products/microsnitch/index.html

Objective-See (makers of many macOS security applications) has something similar:

I haven’t compared the two so don’t know if one is better than the other, but it’s another choice.

(Aside to @ace: The URL included there is clearly to Oversight, yet the preview shown is to a different Objective-See product. Odd.)

I also have used several Objective-See utilities for many years. I think both Objective Development and Objective-See deserve their good reputations among Mac users.

Yeah, it was the 24-hour period that caught my attention.

Thank you Adam for the security pointers.