Sep 13, 2013 (10:09 AM EDT)
Apple Hackers Rate iPhone 5s Security
Read the Original Article at InformationWeek
That's one question on the minds of iOS hackers after Apple CEO Tim Cook this week unveiled the latest version of the iPhone smartphone. The new device includes not only a 64-bit A7 processor but also iOS 7, which features a number of security improvements.
To be clear, the iPhone 5s isn't for sale yet, so few -- if any -- security researchers have gotten their hands on one. But based on product specifications and a healthy dose of guesswork, here are six challenges -- and opportunities -- facing Apple hackers:
1. iOS Security Since iPhone 4s: Tough To Crack
Where smartphones are concerned, recent generations of the iPhone are quite secure, provided they've been correctly configured. "A powered-off iPhone 4s or later with a complex passcode is a freaking vault," tweeted security researcher Dino Dai Zovi, CTO at Trail of Bits and co-author of iOS Hacker's Handbook iOS Hacker's Handbook. "Apple did very well w/ passcodes + on-chip crypto."
[ Is the iPhone 5s's fingerprint scanner more trouble than it's worth? Read iPhone 5s Fingerprint Scanner: 9 Security Facts. ]
2. Security Improvement: 64 Bits
Apple's switch to a 64-bit processor for the iPhone 5s will also have security repercussions, not least for jailbreakers, who combine exploits against various iPhone bugs to gain root access to the devices. "Best part about everyone switching to 64bit ARM, it'll likely invalidate heaps of stockpiled 0days," tweeted the Grugq, a Bangkok-based broker between bug buyers and sellers.
But frustrating current zero-day vulnerability seekers will likely be only a short-term scenario. According to a related Reddit discussion, for example, "since the new iPhone 5s has a different type of chip, it will probably have new, specific bugs and possible exploits in [its] kernel / bootrom / software."
3. Screen Grab: Lifting Fingerprints
One potential -- and potentially elegant -- attack against the fingerprint reader would be to retrieve a user's fingerprint from the touchscreen and repurpose it to unlock the phone, in what's been dubbed a potential "phish finger" attack.
"The first thing I would try would be attacks against the thumbprint reader, like try and take prints from elsewhere on the phone and figure out how to replay those to the sensor to log in to the person's phone without having them around," Zovi told CNN. Another potential attack might be launched against the software used to digitize the thumb image.
Latest-generation fingerprint readers include "vitality" checks -- meaning the RF signal interacts with a finger below the skin layer and works only with "live digits." But reportedly this can also be spoofed. "The capacitance technology is relatively easy to defeat -- it's just a 'dumb' sensor detecting the appropriate Farad change," said Richard Henderson, security strategist and threat researcher for Fortinet's FortiGuard Labs, via email.
4. Biometric Data Secreted In A7 Processor
What about simply grabbing the stored fingerprint scan directly from processor memory and using that to spoof a user? In fact, directly accessing the biometric data could prove difficult: the A7 processor in the iPhone 5s includes a tailor-made area called Secure Enclave, which is designed to encrypt the fingerprint scans made by the device. As a result, the encrypted information reportedly can only be retrieved directly from the processor and can't be exported off of the device.
Despite that secure storage, Trail of Bits' Zovi recommended that security-conscious iPhone 5s users not rely on Touch ID until security researchers have had a chance to give it a full shakedown. "Until I know how data protection is keyed from Touch ID, I'm still recommending complex passcodes," he said.
But for any user who's currently not using a passcode on their phone -- perhaps Yahoo CEO Marissa Mayer, who earlier this week revealed that she doesn't lock her smartphone with a passcode -- Zovi emphasized that using Touch ID is better than nothing at all. "Half of iPhone users don't even enable a four-digit passcode," he said. "If Touch ID makes more people use passcodes and data protection, it's a win."
5. Biometric Security Backup
Further complicating would-be biometric attackers is the fact that Touch ID isn't an all-or-nothing proposition. To use Touch ID you will also have to create a passcode as a backup. Only that passcode can unlock the phone if the phone is either rebooted (for example, in the case of a full battery drain) or hasn't been unlocked for 48 hours, according to an anonymous post to Quora about Apple's new Secure Enclave. "This is a genius feature that is meant to stop set a time limit for criminals if try to find a way to circumvent the fingerprint scanner," the post read.
6. Enterprise Environments: Will Fingerprints Count?
But will business users tap Touch ID? Adoption may be complicated if fingerprints don't pass enterprise muster. As one network operations specialist and InformationWeek reader pointed out in an email, where biometrics fall down is Exchange compatibility. "Those systems with security policies in place to require a passcode on the mobile device will find the fingerprint reader is not compatible with Exchange EAS," he said. "Users will have to use a PIN anyway, much the same way swipe unlock is not supported on Android devices."