New ‘Unpatchable’ Exploit Allegedly Found on Apple’s Secure Enclave Chip, Here’s What It Could Mean
upstart writes in with an IRC submission for nutherguy:
The Secure Enclave is a security coprocessor included with almost every Apple device to provide an extra layer of security. All data stored on iPhone, iPad, Mac, Apple Watch, and other Apple devices is encrypted with random private keys, which are only accessible by the Secure Enclave. These keys are unique to your device and they're never synchronized with iCloud.
[...] It's important to note that although the Secure Enclave chip is built into the device, it works completely separately from the rest of the system. This ensures that apps won't have access to your private keys, since they can only send requests to decrypt specific data such as your fingerprint to unlock an app through the Secure Enclave.
[...] Now, Chinese hackers from the Pangu Team have reportedly found an "unpatchable" exploit on Apple's Secure Enclave chip that could lead to breaking the encryption of private security keys.
[...] The only thing we know so far is that this vulnerability in Secure Enclave affects all Apple chips between the A7 and A11 Bionic [...] Apple has already fixed this security breach with the A12 and A13 Bionic chips
Read more of this story at SoylentNews.