Marius Schober

Embracing the Mysteries, Unveiling the Realities

The Real Highlight Isn’t the iPhone 7 itself

Photo: Apple Inc. 

Yesterday was the Apple Keynote Event – the world’s best-known press conference where Apple is announcing yearly their new products and software. Apple announced a new Apple Watch, which now is swim proof, and a new shiny iPhone 7 which was presented as the world’s best smartphone ever. Whether or not the new iPhone 7 is the world’s best smart phone or not Apple professionally talked around its most important new feature: the improved and most advanced security of Apple’s new operating system iOS 10.

The Real Highlight: Security & Encryption

So far no one really talked about the enhanced security of the new iOS 10 while the FBI and other law enforcement’s hair around the world probably stood on end. Everyone who will buy the new iPhone 7 will buy a phone which is everything but impossible to hack. Apple will start shipping its new flagship phone the coming week and with its launch millions of people will drop their old phone and switch to the new iPhone 7 or iPhone 7 Plus. But an upgrade to the most secure mobile operating system will not only be able by buying a new iPhone, it will also be available as an update to all other iPhones, iPads, and the iPod. On the 13th of September, basically overnight, law enforcements all over the world will have no access to any data of any iOS 10 device anymore.

A few months have passed since the FBI was grabbing headlines in all major newspapers around the world as they tried Apple to build a backdoor into its operating systems. This case started a large discussion about how far citizen’s rights for privacy and secure data reach and how far the law enforcements of the government should be allowed to access our private data.

When Apple refused to make the data of the encrypted iPhone of the San Bernardino terrorist available to the FBI it paid hackers to do so. Of course, this put Apple – the world’s largest tech company – in a pretty miserable situation. Apple’s customers need to trust Apple as it already collects millions of credit card details and of course, stores the most sensitive data in the iCloud Keychain. In the iCloud Keychain, users can store their sensitive user data, health data, passwords, and credit cards.

Trust is essential for Apple’s success, especially as it is rolling out Apple pay in more and more countries: to Japan in October.

Since the FBI incident, Apple has increased and even doubled their efforts for encryption and security in its new iOS. Tim Cook, Apple’s CEO, has not talked a lot about security yesterday. The announcement of iOS 10 ‘s security features happened more around multiple events in the last couple of weeks and months.

Ivan Krstic Apple’s head of security engineering gave a talk over 50 minutes at the Black Hat Conference. The Black Hat Conference is an annual event for the global Information Security community.

“HomeKit, Auto Unlock, and iCloud Keychain are three Apple technologies that handle exceptionally sensitive user data – controlling devices (including locks) in the user’s home, the ability to unlock a user’s Mac from an Apple Watch, and the user’s passwords and credit card information, respectively. We will discuss the cryptographic design and implementation of our novel secure synchronization fabric which moves confidential data between devices without exposing it to Apple while affording the user the ability to recover data in case of device loss. Data Protection is the cryptographic system protecting user data on all iOS devices. We will discuss the Secure Enclave Processor present in iPhone 5S and later devices and explain how it enabled a new approach to Data Protection key derivation and brute force rate limiting within a small TCB, making no intermediate or derived keys available to the normal Application Processor. Traditional browser-based vulnerabilities are becoming harder to exploit due to increasingly sophisticated mitigation techniques. We will discuss a unique JIT hardening mechanism in iOS 10 that makes the iOS Safari JIT a more difficult target.” Ivan Krstic

Ivan Krstic even announced Apple’s bug bounty program where invited researchers (you can call them hackers) can earn up to $200,000 when finding security vulnerabilities in Apple’s iOS.

Also, Craig Federighi who is a senior vice president of software engineering at Apple reassured in June 2016 to all developers that Apple is committed to the highest level of encryption.

No matter how you like the new hardware features of the new iPhone 7 or iPhone 7 Plus, don’t underestimate the powerful operating system behind it. iOS 10 is the nightmare of FBI agents and you as a consumer and citizen should cherish the hard work of Apple to make the new iOS the most secure operating system so far.


Discover more from Marius Schober

Subscribe to get the latest posts to your email.

100% free. No spam ever. Unsubscribe anytime.

Leave a Reply

Discover more from Marius Schober

Subscribe now to keep reading and get access to the full archive.

Continue reading