Apple’s impenetrable security chip is penetrated by hacker



Apple’s supposedly impenetrable security chip found inside iOS devices has been penetrated.

A hacker has released what is claimed to be a decryption key for the Secure Enclave Processor (SEP) that handles things like Touch ID and password verification. But we shouldn’t worry about the security of our Apple devices being compromised… yet.

Introduced with the A7 processor and iPhone 5s, the SEP is where Apple stores your Touch ID fingerprint data. It’s used to verify passwords and Apple Pay transactions, and manages all kinds of other security processes in iOS.

Using a dedicated chip for this separates the processes from the rest of the system, making everything more secure. Even if iOS is hacked and hackers gain access to your data, they cannot access the information stored on the SEP.

The SEP generates a Unique ID (UID) for your device for authentication purposes, and changes it every time your device reboots. However, this is about as much as we know about it so far; Apple is understandably tight-lipped about exactly how it works.

But a hacker, known as Xerub on Twitter, claims to have obtained the SEP’s decryption key, and has uploaded it to GitHub — along with the code required to process it. Don’t freak out just yet!

This key decrypts the SEP's firmware; it cannot be used to hack into an SEP and retrieve the data from it. It could be used to examine how the SEP works and to find out all the information Apple won’t tell us. In turn, this information could be used to reverse-engineer the chip and gain access to its data.

Xerub explains, however, that a lot of work would have to go into making this happen, and then exploiting the decrypted firmware. For now, the key cannot be used for much, and Apple is confident our data is secure. An unnamed source told TechRepublic:

“There are a lot of layers of security involved in the SEP, and access to firmware in no way provides access to data protection class information. It’s not an easy leap to say it would make getting at customer data possible.”

The fact that the SEP firmware was encrypted in the first place is a worry, Xerub says. It suggests Apple isn’t as confident in it as it is in iOS itself, which has shipped with an unencrypted kernel since iOS 10.

“He added that while SEP is amazing tech the fact that it’s a ‘black box’ adds very little, if anything to security,” reports TechRepublic. “‘Obscurity helps security — I’m not denying that,’ he said, but added that relying on it for security isn’t a good idea.”

Public scrutiny, which is enabled by releasing the decryption key or shipping the SEP firmware unencrypted in the first place, only enhances its security in the long run, he added. Making it easier for hackers to find flaws in turn makes it easier for Apple to identify and eliminate them.

