Hackers Found An Unpatchable Weakness In A Security Feature That Has Protected Apple Users For Years

Dhir Acharya - Aug 05, 2020


Hackers Found An Unpatchable Weakness In A Security Feature That Has Protected Apple Users For Years

Even iPhone users may haven’t of this term, but Apple has a padlock that protects almost all of its products called the Secure Enclave.

Even iPhone users may haven’t of this term, but Apple has a padlock that protects almost all of its products called the Secure Enclave. The tech giant described the feature as a secure coprocessor consisting of a hardware-based key manager that’s isolated from the main processor, providing an additional security layer.

Security Enclave
Security Enclave is a security feature that protects almost every Apple device

This feature is used on many models of the iPad, iPhone, Apple Watch, Mac, Apple TV, and HomePod product lines. All the data on such devices is encrypted with random private keys that can only be accessed through the Secure Enclave. Then, the coprocessor stores the keys that manage sensitive data like passwords. The company writes:

“The Secure Enclave also maintains the integrity of its cryptographic operations even if the device kernel has been compromised. Communication between the Secure Enclave and the application processor is tightly controlled by isolating it to an interrupt-driven mailbox and shared memory data buffers.”

Simply speaking, here’s how the Secure Enclave works, when storing a private key in the hardware, you don’t directly deal with the key. In fact, the Secure Enclave is assigned to generate the key, store it securely, and perform operations with it. Eventually, you receive the output of this process only, making it extremely difficult for the key to be compromised.

Security Enclave
The weakness affects the iPhone, iPad, Appl Watch, Mac, and Apple Tv

However, hackers have made a lot of attempts to compromise the key for a long time. In 2017, a group of hackers was able to decrypt the Secure Enclave firmware but they couldn’t access the private keys, so users remain safe.

Unfortunately, a group of Chinese hackers named Pangu Team has found the hardware’s weakness that could allow them to decrypt the private security keys, according to 9to5Mac. With this unpatchable exploit, Apple users now have a reason to worry about their privacy and security.

The exploit in the hardware instead of the software, so Apple cannot fix it remotely with a patch as it does with bugs. So far, there haven’t been any details revealed regarding what the hackers may do with this exploit but they would likely need physical access to a device to make it happen.

So, for now, at least Apple users can hope that as long as they keep their devices secure. Never leaving their eyesight, they will be safe.

>>> Hackers Reportedly Earn 120,000$ From Hacking Major Twitter Accounts

Comments

Sort by Newest | Popular

Next Story

Read more

Inside A Click Farm With Hundreds Of Phones - Where Million-View YouTube Videos Are Born

Features- Sep 21, 2020

Inside A Click Farm With Hundreds Of Phones - Where Million-View YouTube Videos Are Born

YouTubers can make a lot of money if they get many views and subscribers. But instead of investing in quality, some cheat to get there through click farm.

Lawmaker Watched P.o.r.nographic Content On His Phone During Parliament Session

Features- Sep 21, 2020

Lawmaker Watched P.o.r.nographic Content On His Phone During Parliament Session

The incident was recorded by the reporters who were in the gallery of the House while the man was scrolling through the p.o.r.nographic photos.

Realme Narzo 20, Narzo 20A, Narzo 20 Pro Go Official In India: Price & Specifications

Mobile- Sep 21, 2020

Realme Narzo 20, Narzo 20A, Narzo 20 Pro Go Official In India: Price & Specifications

The new Realme Narzo 20 series price in India starts at Rs. 8,499 for the low-end model and goes as high as Rs. 16,999 for the top-end option.

POCO X3 India Launch Date Revealed, To Come With Even Bigger Battery

Mobile- Sep 21, 2020

POCO X3 India Launch Date Revealed, To Come With Even Bigger Battery

The POCO X3 will be announced in India on September 22nd with several changes compared to the global version.

LG Styler Review: Offer You Crease-Free And Fresh Clothes But For A Premium Price

Gadgets- Sep 21, 2020

LG Styler Review: Offer You Crease-Free And Fresh Clothes But For A Premium Price

LG Styler review is recently sought after as these smart steam closets are getting popular in South Korea and the U.S

iPhone 12 Leaked Video Revealed Secret Magnetic Wireless Charger Apple Is Developing

ICT News- Sep 21, 2020

iPhone 12 Leaked Video Revealed Secret Magnetic Wireless Charger Apple Is Developing

AirPower might be hibernating, or dead, but Apple doesn’t give up on its effort to make a wireless charger for iPhone 12