A Hacker has decrypted the firmware that manages the Touch ID and other iOS security systems

Within the recent Apple devices there is a “Secure Enclave Processor” that manages iOS security. The firmware of this component has been recently decrypted by a hacker.

The Xerub hacker has decrypted the “Secure Enclave Processor” firmware by publishing parts of his work on  GitHub . Apple security systems remain protected, but hackers may find some vulnerabilities in the operating system they own.

The “Secure Enclave Processor” (SEP) has been plugged into Apple devices since iPhone 5s, the first device equipped with Touch ID. This component is completely separate from the main operating system – iOS, to avoid possible kernel attacks. The SEP is then managed by a dedicated firmware, equipped with various security measures. This operating system was recently discovered, extracted and decrypted by the hacker Xerub.

According to an Apple spokeswoman, this does not imply any danger to the security of iOS devices. The firmware in question has numerous security levels, protected with unique encrypted keys for each device. Despite this, some security flaws in the firmware could be discovered, allowing hackers to access sensitive data such as our fingerprints, security passwords, and so on. The same Xerub has released the decryption key on its Twitter profile, allowing other researchers to unlock the firmware.

We do not know how Apple will react to the issue. Certainly some security hackers will try to “attack” the firmware, trying to find some vulnerabilities. For the time being, however, Apple devices are still safe, thanks to the unique key generated for each device when it is started.

Via | MacRumors

Add Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.