in

Pangu team demonstrates iOS 14 jailbreak: “unfixable” vulnerability found in Secure Enclave

At the Mosec 2020 conference held a few days ago, the domestic jailbreak team Pangu discovered a “permanent” vulnerability in Apple’s Secure Enclave security coprocessor. This may put iPhone, iPad, Mac, Apple Watch and other Apple devices at risk.

2020080214472868350

The Secure Enclave security coprocessor is almost the standard configuration of Apple products. It can provide additional security protection for Apple devices. It uses random keys to encrypt data, and only Secure Enclave can access it. These keys are unique to your device, and they will never be synchronized with iCloud.

In addition to encrypting your files, Secure Enclave is also responsible for storing keys to manage sensitive data, such as passwords, credit cards used by Apple Pay, and even your biometrics to enable Touch ID and Face ID. This makes it more difficult for hackers to obtain your personal data without a password.

It should be noted that although the Secure Enclave chip is built into the device, its working principle is completely separated from the rest of the system. This ensures that applications will not access your private key, because they can only send requests to decrypt specific data, such as your fingerprint, to unlock the application through the Secure Enclave. Even if your device has been jailbroken, you can fully access the internal files of the system, but everything managed by Secure Enclave is still protected.

The current devices using the Secure Enclave chip include

Share this:

Leave a Reply