Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

Apple Secure Enclave Firmware Hacked

August 21, 2017

Last week a hacker published the decryption key for the Apple iOS Secure Enclave Processor (SEP) firmware. Apples stated that if the key is legitimate, user data would not be at risk. Touch ID uses the SEP to make authentication via a fingerprint scan and was first introduced with the iPhone 5S. Normally, having access to a decryption key is a big deal. In this case, it is not as bad as it sounds. Yes, security researchers will now be able to study the SEP more fully. The exposure will allow access to the firmware, but does not allow a third-party to decrypt and access TouchID or other data passing through SEP. However, it would allow the Touch ID to be bypassed. BGR reported that "Even if malicious hackers find security holes to exploit in the software that governs it, they'll probably need physical access to your iPhone 5s to update the Secure Enclave's software and then abuse it."

E-mail: Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://www.senseient.com