iOS Passcodes and the Secure Enclave

Linked by Paul Ciano on February 21, 2016

A few days ago, John Gruber posted an important question regarding the current showdown between Apple and the FBI.

The question of the day is whether the code on the Secure Enclave that enforces these brute force countermeasures can be flash-updated (by Apple) to circumvent them.

That is, are newer Apple devices with a Secure Enclave vulnerable to the same type of attack being proposed for the iPhone 5C in question? Initially, this was not clear.

Then, a few tweets from Rich Mogull and Farhad Manjoo later:

@gruber it is my understanding, from background sources, that all devices are vulnerable.

Rich Mogull

By the way according to Apple it is not true that an iOS rewrite of the sort the FBI is asking for here wouldn't work on newer iPhones.

Farhad Manjoo

I would still like official clarification from Apple, but if this is true, it is, for me, the most important information to come out of this ordeal.

Think about it. After all this time, after all the marketing and Tim Cook's rhetoric, Apple may have the ability to negate strong passwords for their devices. If one had physical access to the device (and whatever credentials they needed from Apple), the restrictions that prevent brute force attacks could be nullified.

Others have proclaimed that if you have a sufficiently long and complicated password, it would still take years to crack it, but this is only true with certain assumptions. For me, the point is that Apple has been hammering home the message that with their newest devices, they removed themselves from the equation, that they had designed a system that not even they could compromise.

If what Mogull's and Manjoo's sources say is true, then Apple's prior statements are either patently false or dubious at best. Either way, this does not look good.

Even if Apple has not yet created such software, what would stop someone else from making it? Do you think Apple itself could not be compromised? The fact that such a software solution could exist is the problem.

The question remains: if this vulnerability exists for modern devices, why did Apple allow it? More importantly, are they taking steps for future devices so that not even they can tamper with them? In the new world, the only secure solution is a "trust no one" approach.

I hope Apple agrees.

Paul Ciano
