The other day it became known that an information security specialist with the nickname xerub was able to gain access to Secure Enclave protection. The hacker has already laid out the appropriate decryption key, with which other experts will be able to study in detail the features of cryptographic protection of Apple devices. "Anyone can now browse and poke into SEP," said xerub.
Apple has not yet confirmed the authenticity of the key laid out by the hacker. Nevertheless, company representatives have already stated that even if this is true, the data of users of the company's gadgets will not be threatened.
Secure Enclave is a technology that is part of the processor of devices equipped with a Touch ID sensor. The sensor itself does not store any images of fingerprints. Instead, he preserves their mathematical notions. According to representatives of Apple, it is impossible to get a real image of the print from the mathematical view. But in order to avoid even the slightest opportunity to do this to an outside person, the company created Secure Enclave. Data for all prints is encrypted and protected with a key that is only available for Secure Enclave. They are used only by this system to check the coincidence of the print with the saved data. It (the system) is separated from the rest of the processor and the operating system itself. So the data that is in the repository can not be used by iOS and any other programs that are stored on Apple servers and copied to iCloud or other repositories.
Other information security specialists believe that accessing Secure Enclave does make Apple devices vulnerable to hackers, so that no matter what Apple says. "I hope Apple will work to strengthen the protection of users, once hide the SEP is no longer possible," said xerub.
Unfortunately, he did not disclose the methods used to decrypt the security key. He also did not say anything about whether any vulnerabilities were found in the SEP system or not.
"In my opinion, there is nothing terrible here," said Partick Wardle, head of cybersecurity at Synack and founder of Objective-See. "It only means that the specialists on the infobase and yes, hackers, will now be able to analyze the firmware for the presence of bugs. Previously, it was encrypted, so there was nothing to be done. But now the protection is less strong, so that third-party users will be able to analyze the software. "
The question of whether the xerub can somehow use the decryption key to exploit any vulnerabilities (in the event that they exist) Remains open. In addition, another important question is whether Apple will be able to solve the problem and develop a new encryption key for Secure Enclave.
Until now, information about this technology has not been so much. The company talked about it, but did not disclose the basic details. Last year, a group of cybersecurity specialists made a presentation on this protection. Experts have learned a lot, but much has remained hidden. Now there is no secret anymore. It remains to wait for Apple's reaction and further actions by both the company and outside experts, including burglars.
TouchID first appeared on the iPhone 5S and iPad Air 2. With the help of a fingerprint, users can not only unlock their phones, but also confirm transactions in various programs, including Apple Pay, Apple App Store, iBooks and other applications.
And a little more About burglary
On this trouble, Apple does not end there. Another group of specialists was able to find a new way to bypass the protection of password-locked phones. This method of hacking was shown by the author of the YouTube channel Youtube EverythingApplePro.
The method based on the search of variants of the pin-code is based, and it works in the recovery mode, where there is no restriction on the number of attempts to enter the password. It takes about 20 hours to select a 4-character code. This is not so much, considering that earlier the selection of the password was impossible. In general, Apple will have to try to solve all the problems with the safety of its devices.