Lost iDevices security?

The trouble about Apple (in)Secure Enclave

Finally they did it!

Chinese team Pangu found a security flaw that allows access to content stored on Apple Secure Enclave, the coprocessor charged to store credentials, credit card numbers and other sensible informations on your iDevice.

More details can be found on this article of MacWorld and affects all devices starting iPhone 5s to iPhone X, iPads of 5th, 6th and 7th generation and iPad mini 2, 3 and 4.

So, plenty of devices!

The great news is that to violate your device’s security enclave, crooks has to physically access your iDevice: An attack cannot be performed remotely; once again please be very careful about how to use your device!

Cellphone charging station by NSA...
Please be careful about WHO touch your iDevice!

The bad news is that this flaw cannot be repareid: It’s an hardware problem.

New devices are not affected by such issue.

I’d like to spend some words about AnoniCloud.

Since the beginning, here at AnoniCloud, we believed that the safest place to store your credentials is your brain. In the early beta we voluntarily avoided to support storing credentials in your keyring (so into secure enclave) but user’s feedback was clear: Provide biometric access, provide automatic login when app open, so store credentials on device.

We satisfied user’s requests providing the best of both worlds: Our users can explicitly choose to store their credentials on keyring to allows such login comforts or disable everything (it’s our default!) and manually insert username and password.

Trust your mind only
We strongly believe that your brain is the safest place in the world! Comfort has a price.

Just be warned and aware that your device is a very complex machine, built above billions of transistors (hardware) and lines of code (software) that is the result of the job of several engineers spread around the world: The matter is not if it’s contains bugs but how many bugs it contains.

In 1982, when I was 11, for the first time I’ve seen live a computer. It was an IBM/360; in 1983, for the first time in my life, I’ve turned on my own computer. In 1985 on my desk appeared a mouse and a box with some 5” 1/4 floppy disk. Now I’m about 50; every morning I open the lid of my MacBook Pro, that is n times powerful, faster and smaller than the IBM/360, the VIC-20 and the Apple //c together. But nothing can overcome the emotion I felt entering that noisy machine room, of writing on such ridicolous, small screen and of smelling the plastic of my earlier, outdated, mass memory supports.