Nov 26, 2017

See this blackhat paper for some detail. https://www.blackhat.com/docs/us-16/materials/us-16-Mandt-De...

Nov 25, 2017

Maybe for a casual reader, but nothing is misleading about the headline unless you don’t understand how Apple’s Secure Enclave Processor (SEP) works.

For more on that, as mentioned in the linked page, there’s the “Demystifying the Secure Enclave Processor” talk from Blackhat:

https://www.youtube.com/watch?v=7UNeUT_sRos

Or here’s the PDF:

https://www.blackhat.com/docs/us-16/materials/us-16-Mandt-De...

Sep 21, 2017

The prerequisite for mounting this attack is kernel code execution already [0]:

> We show that a malicious kernel driver ...

As per [1] the Power management unit is shared between the Application Processor (AP) and the Secure Enclave Processor (SEP) so this attack might work against iPhones as well.

[0] https://www.usenix.org/conference/usenixsecurity17/technical...

[1] https://www.blackhat.com/docs/us-16/materials/us-16-Mandt-De...

Jul 24, 2017

There was a nice in-depth analysis of the SEE at [0]. Furthermore, Apple has been very fast in fixing security issues, and rolling out updates to all of their user base, as opposed to the "These issues probably will never be fixed, buy an S8 instead" mentality shown from the Android vendors.

[0] https://www.blackhat.com/docs/us-16/materials/us-16-Mandt-De...

Mar 25, 2017

TrustZone was announced in 2012 (?). The Security Enclave is a separate, very Apple-designed chip. They've patented aspects of it, also dated 2012:

https://www.blackhat.com/docs/us-16/materials/us-16-Mandt-De...

https://www.google.com/patents/US8832465