'Unpatchable' flaw found in iPhone's Secure Enclave: Here’s what it means for the user
Hackers claim to have found a permanent vulnerability in the Secure Enclave chip that could compromise iPhone, iPad and even Mac user data.
Apple’s Secure Enclave chip is one of the most important security features the company has introduced over the last few years. The Secure Enclave chip encrypts and protects all sensitive data that is stored on the device.
Last month hackers claimed to have found a permanent vulnerability in this Secure Enclave chip that could compromise iPhone, iPad and even Mac user data.
What exactly is the Secure Enclave chip?
The Secure Enclave chip is a security processor that comes with almost all Apple devices and provides an added layer of security. All data that is stored on the iPhone, iPad, Apple Watch, Mac etc. is encrypted with random private keys that are only accessible by this Secure Enclave chip. These keys are unique to your device and thus they are never synced with iCloud.
Besides encrypting your files, the Secure Enclave chip is responsible for storing keys that manage sensitive data like passwords, credit card information and the biometric ID that enables Touch ID and Face ID on these devices. This essentially makes it harder for hackers to get access to your personal data without your password.
Now, as 9to5Mac explains, while the Secure Enclave chip is built into the device, it works separately from the rest of the system. This ensures that apps don’t have access to your private keys: they can only send requests through the Secure Enclave to decrypt specific data, such as a fingerprint, to unlock an app.
Even in a jailbroken device that has full access to the system’s internal files, everything that is managed by the Secure Enclave chip remains protected.
Here’s a list of the devices that come with the Secure Enclave chip:
- iPhone 5s and later
- iPad (5th Gen) and later
- iPad Air (1st Gen) and later
- iPad Mini 2 and later
- iPad Pro
- Apple TV HD (4th Gen) and later
- Mac computers with T1 or T2 chip
- Apple Watch Series 1 and later
- Apple HomePod
What is this flaw and what can be affected?
This is not the first time that hackers have discovered a vulnerability related to the Secure Enclave chip. Back in 2017, some hackers were able to decrypt the Secure Enclave firmware to explore how it works. They, however, could not get access to private keys so users were not at risk.
This time around, according to reports, Chinese hackers from the Pangu Team have found an ‘unpatchable’ exploit on the Secure Enclave chip that could break the encryption of private security keys.
Mosec 2020, iOS 14 JailBreak DEMO by Pangu pic.twitter.com/SfkDpvhYQG — Min(Spark) Zheng (@SparkZheng), July 24, 2020
The fact that this is unpatchable means that the issue is hardware-related rather than software-related, and therefore there is probably nothing Apple can do to fix this on devices that have already been shipped.
There aren’t enough details yet about what exactly hackers can do with this particular vulnerability, but having access to the Secure Enclave could mean having access to passwords, credit card information etc. Reports state that this vulnerability in the Secure Enclave chip affects all Apple chips between the A7 and the A11 Bionic and is similar to the checkm8 exploit that allows jailbreak for all iOS devices up to the iPhone X.
Apple has fixed this security issue with the A12 and the A13 Bionic chips, so if you are using a newer Apple device then you have nothing to worry about. However, there are still millions of Apple devices out there that are on the A11 Bionic and older chips that could be affected.
Since this is a hardware issue, very little can be done without Apple getting physical access to the device. So it remains to be seen how the company will fix it.