When cryptographers looked at iOS and Android security, they weren’t happy

In recent years, the feds have stopped asking for a workaround to get past Apple security. Why? It turns out that iOS, along with Android, is simply not as secure as those companies suggested.

CSO > Security automation
Vertigo3D / Getty Images

For years, the US government begged Apple executives to create a backdoor for law enforcement. Apple publicly resisted, arguing that any such move for law enforcement would quickly become a backdoor for cyberthieves and cyberterrorists.

Good security protects us all, the argument went.

More recently, though, the feds have stopped asking for a workaround to get through Apple security. Why? It turns out that they were able to break through on their own. iOS security, along with Android security, is simply not as strong as Apple and Google suggested.

A cryptography team at John Hopkins University just published a frighteningly detailed report on both of the major mobile operating systems. Bottom line: Both have excellent security, but they do not extend it far enough. Anyone who really wants to get in can do so — with the right tools.

For CIOs and CISOs, that reality means all of those ultra-sensitive discussions happening on employee phones (whether company-owned or BYOD) could be easy pickings for any corporate spy or data thief.

Time to drill into the particulars. Let’s start with Apple’s iOS and the Hopkins researchers' take.

“Apple advertises the broad use of encryption to protect user data stored on-device. However, we observed that a surprising amount of sensitive data maintained by built-in applications is protected using a weak ‘available after first unlock’ (AFU) protection class, which does not evict decryption keys from memory when the phone is locked. The impact is that the vast majority of sensitive user data from Apple’s built-in applications can be accessed from a phone that is captured and logically exploited while it is in a powered-on but locked state. We found circumstantial evidence in both the DHS procedures and investigative documents that law enforcement now routinely exploits the availability of decryption keys to capture large amounts of sensitive data from locked phones.”

Well, that’s the phone itself. What about Apple’s ICloud service? Anything there?

Oh yes, there is.

“We examine the current state of data protection for iCloud, and determine, unsurprisingly, that activation of these features transmits an abundance of user data to Apple’s servers, in a form that can be accessed remotely by criminals who gain unauthorized access to a user’s cloud account, as well as authorized law enforcement agencies with subpoena power. More surprisingly, we identify several counter-intuitive features of iCloud that increase the vulnerability of this system. As one example, Apple’s ‘Messages in iCloud’ feature advertises the use of an Apple-inaccessible end-to-end encrypted container for synchronizing messages across devices . However, activation of iCloud Backup in tandem causes the decryption key for this container to be uploaded to Apple’s servers in a form that Apple — and potential attackers, or law enforcement — can access. Similarly, we observe that Apple’s iCloud Backup design results in the transmission of device-specific file encryption keys to Apple. Since these keys are the same keys used to encrypt data on the device, this transmission may pose a risk in the event that a device is subsequently physically compromised.”

What about Apple’s famed Secure Enclave processor (SEP)?

“iOS devices place strict limits on passcode guessing attacks through the assistance of a dedicated processor known as SEP. We examined the public investigative record to review evidence that strongly indicates that, as of 2018, passcode guessing attacks were feasible on SEP-enabled iPhones using a tool called GrayKey. To our knowledge, this most likely indicates that a software bypass of the SEP was available in-the-wild during this timeframe.”

How about Android security? For starters, its encryption protections appear to be even worse than Apple’s.

“Like Apple iOS, Google Android provides encryption for files and data stored on disk. However, Android’s encryption mechanisms provide fewer gradations of protection. In particular, Android provides no equivalent of Apple’s Complete Protection (CP) encryption class, which evicts decryption keys from memory shortly after the phone is locked. As a consequence, Android decryption keys remain in memory at all times after ‘first unlock,’ and user data is potentially vulnerable to forensic capture.”

For CIOs and CISOs, this means that you have to trust either Google or Apple or, much more likely, both. And you must also assume that thieves and law enforcement can also access your data when they want, as long as they can access the physical phone. For a well-compensated corporate espionage agent or even a cyberthief with an eye on a specific executive, this is a potentially massive problem.

Copyright © 2021 IDG Communications, Inc.

It’s time to break the ChatGPT habit
Shop Tech Products at Amazon