Apple’s Million Dollar Security

Apple Inc. often boasts about its security capabilities. As announced at WWDC16, there has still been no malware seen at scale affecting iOS devices. This is vitally important when we consider the sheer volume of personal information stored on our mobile devices. But what gives Apple this security advantage over other mobile platforms? Per their WWDC16 presentation, it comes down to three core “iOS Security Pillars”. As my background is as an electrical engineer, I’ll focus on only one of these: the hardware, or platform.

iOS Platform Security

The key feature in iOS security lies in the very hardware of the devices. Security is literally built into the silicon at the device core. Every phone stores Apple’s public key in physical silicon, in a section of Boot ROM inside the Application Processor. This key is then used to boot the device in a locked chain starting at the Low-Level Bootloader, then iBoot and then the kernel. If any of these stages is not signed with Apple’s private key, the device will refuse to boot. This key is also used to authorise updates for each device. If the key is missing, the update doesn’t happen. This ensures that a device remains within the Apple ecosystem and does not fall prey to a man-in-the-middle attack.

IMAGE: Apple’s public key is used to verify each stage of the iOS boot has been digitally signed with Apple’s private key.

The only place this private key is stored is within Apple itself. One can assume that it is heavily guarded and secured.
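The boot chain described above, sketched as an added example (not from the WWDC16 presentation or Apple's code): the device holds only a public key and refuses to continue at the first stage whose signature fails. Textbook RSA with a constructed toy key stands in for the real signature scheme, and the image contents and function names are assumptions made for illustration.

```python
import hashlib

# Constructed toy key (textbook RSA, no padding) standing in for the vendor
# signing key. Illustration only; real boot chains use padded schemes.
P, Q = 2**521 - 1, 2**607 - 1            # two known Mersenne primes
N, E = P * Q, 65537                      # public key: the part held in Boot ROM
D = pow(E, -1, (P - 1) * (Q - 1))        # private key: stays with the vendor
BOOT_ORDER = ["LLB", "iBoot", "Kernel"]  # stage order described in the post


def digest(stage, image):
    """Hash the stage name with the image so a signature is bound to one stage."""
    data = stage.encode() + b"\0" + image
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(stage, image):
    """Vendor side: requires the private exponent D."""
    return pow(digest(stage, image), D, N)


def verify(stage, image, signature):
    """Device side: requires only the public key (N, E)."""
    return pow(signature, E, N) == digest(stage, image)


def boot(firmware):
    """Verify each stage before running it. Returns (booted, stages_run)."""
    ran = []
    for stage in BOOT_ORDER:
        entry = firmware.get(stage)
        if entry is None or not verify(stage, *entry):
            return False, ran            # missing or unsigned stage: refuse to boot
        ran.append(stage)
    return True, ran


def build_firmware():
    """Constructed sample images, each signed by the vendor key."""
    images = {"LLB": b"llb-v1", "iBoot": b"iboot-v1", "Kernel": b"kernel-v1"}
    return {s: (img, sign(s, img)) for s, img in images.items()}


if __name__ == "__main__":
    fw = build_firmware()
    print(boot(fw))
    fw["iBoot"] = (b"iboot-patched", fw["iBoot"][1])  # modified image, old signature
    print(boot(fw))
```

Because the device side needs only `N` and `E`, nothing stored on the phone is enough to produce a signature for a modified image.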

The Apple public key is not the only key used on the device to ensure security. User keys are stored within the physical silicon design of the A7 or later processors. This area of the processor is known as the Secure Enclave (SEP). The SEP is set up during manufacturing with unique data that is NOT known to Apple. This data is then used to encrypt the storage of the SEP and serves as the basis for the cryptographic functions. This means that user data, such as fingerprint data, is encrypted at the most basic level and cannot even be accessed by Apple. Furthermore, if a device has more than 10 unsuccessful unlock attempts, the SEP will refuse to communicate with the device. FBI, eat your heart out.

IMAGE: Apple stores user keys encrypted in the “Secure Enclave”, a section of the physical silicon hardware of the A7 Processor.

Another feature of the platform is the fact that applications are run within their own sandbox. This isolates data between the app and other apps to ensure security should a developer have made a mistake that creates vulnerabilities within the system. Combined with transparent permissions, this means users know exactly what an app can do. This doesn’t solve developers requesting permissions that are not needed, but that’s a work in progress. Every app is also digitally signed by Apple to ensure anything running on the phone is legitimate. An attacker’s first step is usually to execute malicious code. If this code isn’t signed, it won’t be run.

The last key to the platform lies in Touch ID. Apple didn’t just install a fingerprint sensor. Apple made sure this data was encrypted at the most basic level so that even they can’t access your biometrics. This data is stored in the SEP, and users report that the fingerprint sensor cannot simply be replaced. The inclusion of Touch ID has seen the share of users using passcodes on their devices increase from 1 in 2 to 9 in 10.

Apple highlights the importance of security in the WWDC16 presentation. As with all measures, though, people always attempt to circumvent them and find flaws. Unlike other platforms, though, Apple’s measures generally require exploits for 5-10 vulnerabilities to create a jailbreak. Such a jailbreak is estimated to have a black-market value of over $1 million USD. Comparable exploits on the black market are estimated to sell for between $5,000 and $15,000 USD.

Is Apple’s security really a million-dollar business? In ten years of functioning they have not seen “any malware at scale” and have even fought off attempts by nation states and others to compromise data. You may not be an Apple “fanboi”, but there are certainly lessons we can learn from their approach to security as a process and not a destination. My only hope is that they incorporate the same SEP technology in their other computer products, especially with the release of their new Apple File System (APFS).