eridius is right. Apple cannot update the firmware of the backend HSM clusters without data loss. (If you believe what they say.) They literally throw the signing keys into a blender. The article refers to device firmware not the iCloud backend.
Yeah, I got confused by HSM and Secure Enclave. I still think it is crackable given it is all secured by a user’s pin which can be verified on device by software Apple controls.
Of course Apple controls the software. Apple or any manufacturer could push an update overnight that disables all encryption and transmits your data to Donald Trump or whoever they want the next time you enter your passcode. There’s exactly zero “security researcher insight” in observing that.
The question is, if you trust that iOS and iCloud work the way Apple says they do (under oath), how vulnerable are they to an adversarial cloud. They have designed a system to keep your keychain safe under these conditions.
The attack is that you force Apple to update the OS for a person’s device w/ evil firmware. Then you crack the device by guessing the pin in a brute force manner. Then you unlock the data from the HSM with that guessed pin.
The conversation is about recovery of data stored off-device e.g.: on Apple's servers. There wasn't a discussion about recovery of information when the physical device is present.
HSM is a term used exclusively for server hardware, I believe. I know Apple devices (and some Android) use secure enclaves, but I don't believe they are referred to as "HSM"s.
I know. I conflated HSM and Secure Enclave incorrectly.
I agree Apple does well in the security arena, but they should do more to prevent software updates without erasing the device if the security key is not available.
Also, the article stated this:
“In short: Apple has designed a key vault that even they can’t be forced to open. Only customers can get their own keys.”
That was the part I was arguing with. Apple can get the keys if they were compelled to.
If Apple has access to the data, the government can compel them to turn it over. The whole point of this setup is that Apple doesn't have access to the data, because they can't get the keys, and they can't reconfigure the HSM to give it to them.
Now yes, they could in theory change iOS and push out an update to everyone that breaks the security model. But the government¹ can't compel them to do that. The government cannot compel them to materially change their product and break one of the major advertised features of the device.
¹I'm assuming US government here. The rules would be different in China, but I guess China knows that even they can't compel Apple to break the security model of the device in this way, Apple would rather leave China than do it.
