Naked Security

Developer-only iPhones help reveal Apple’s secret security sauce

The prototype iPhones are slipping out of Apple's supply chain with disabled security, to the delight of researchers and jailbreakers.

In August 2016, at the Black Hat security conference in Las Vegas, well-known security researcher Mathew Solnik dangled an answer in front of an audience of security pros, hackers, and iPhone-cracking researchers who wanted to know: How did his team become the first to disembowel the iPhone to get at its data-encryption processor?

He dangled, but he didn’t deliver. As Motherboard’s Lorenzo Franceschi-Bicchierai recalls, Solnik only had this zero-calorie snack packet of air to give to his extremely inquisitive listeners:

Well, you get to ask us next time we talk.

Solnik said the same to Franceschi-Bicchierai after his talk, which was about the work done by his team on the iPhone’s Secure Enclave Processor (SEP) – the processor that handles data encryption on the device that oh, so many law enforcement and hacker types spend so much time complaining about… or, as the case may be, cracking for fun, fame and profit.

Motherboard, for which Franceschi-Bicchierai writes, did not simply sit and chew over Solnik’s evasion. Rather, it launched a months-long investigation that found what the publication thinks is the answer (but which, mind you, Solnik says is based on nothing but rumor).

Motherboard’s sources say that Solnik and his former colleagues – David Wang and Tarjei Mandt, a team who are all well-known in the iPhone jailbreaking community – got their hands on prototype phones.

Such devices are called “dev-fused” iPhones, and they’re created for internal use at Apple in order to extract and study the SEP software. The iPhones have either not completed the production process, or they’ve been reverted to a development state.

As such, these rare, “pre-jailbroken” iPhones have many security features disabled – a convenient feature for researchers looking to see how they tick and to discover previously unknown iPhone vulnerabilities known as zero days, which can be worth millions of dollars.

The supply chain goose that keeps laying “golden eggs”

These phones are, in fact, “golden eggs,” as one iPhone jailbreaker who asked to be identified as Panaetius told Motherboard. They’re the key to getting around the wall of encryption Apple puts around the SEP and other key components to (try to) ensure that the SEP operating system can’t be extracted or reverse-engineered.

Give a cracker an inch, and they’ll take a mile – exactly what some researchers have done when, following Solnik’s talk, they got their hands on dev-fused iPhones. Motherboard quoted Panaetius, who says he’s bought and re-sold several dev-fused devices:

It’s kind of the golden egg to a jailbreaker. Here’s a device where you can slap all the security mechanisms out of the way. Because there are still security mechanisms on a development fused device, but you can kind of just push them.

For sale: Keys to the kingdom

These golden eggs aren’t supposed to slip out of the production pipeline, but they do. They’re sold by “smugglers and middlemen” for thousands of dollars to hackers and security researchers, Motherboard reports.

Sometimes, they’re stolen from Apple’s factories in China, or from its development campus, according to what one person who sells the devices on Twitter told Motherboard.

Another source, Andrew “Bunnie” Huang, a hardware security researcher, told the publication that he sometimes sees the devices being sold by people who don’t realize how valuable they are:

The gray market guys don’t even know what they sit on half the time. They are just trading trash for cash.

It gives you a new attack surface that’s not as heavily fortified. They don’t put the metaphorical lock on the door until the walls are built on the house, so to speak.

Apple knows what’s up but can’t seem to stop it

Several sources from inside Apple or in the jailbreaking community told Motherboard that they believe Apple is trying to crack down on these devices escaping the production pipeline and that it’s putting more effort into going after the people who sell them. The company would have to be living under a rock not to be aware, given that Solnik teased his Black Hat talk by tweeting a screenshot of a terminal window showing that he’d obtained the SEP firmware.

How, exactly, did Solnik and his team decrypt and reverse-engineer the firmware? They still aren’t saying. What we do know: everybody except Apple is loving the dev-fused iPhones. Motherboard quoted Viktor Oreshkin, an iOS security researcher:

To be honest everyone benefits from Apple’s lousy supply chain management. Except Apple, obviously.

4 Comments

So are we saying that all the hype around the Apple SEP is BS and that to store your credit card in Apple Pay is not so good after all?


Doesn’t sound like that to me. For example, there aren’t any jailbreaks that I know of for the last two iOS versions yet – not even tethered, as far as I can see – so for all that some of the secrets of the SEP may now be known, that alone doesn’t mean that the SEP itself is “broken” or easily breakable on the phones the rest of us get.


Tools of this nature are only valuable if they remain out of the public knowledge. Once well known, it’s generally available and patched.
