
Then you should read the older post by Elcomsoft (1), about Apple consciously degrading several layers of security in iOS 11 (compared to iOS 10) essentially to a PIN code. Currently, if you know the PIN and have the iPhone, you can extract everything out of it, out of backups and out of iCloud.

(1) https://blog.elcomsoft.com/2017/11/ios-11-horror-story-the-r...




I read the blog post; it shows that if you give up your device's passcode then you give up access to essentially everything on that device. It would be nice to have additional layers of security, but do you think this was done as an anti-user move to support law enforcement? I can't quite see that as being the case.


Graybox should have anyone security conscious ensure that they and all people they care about are using custom alphanumeric passwords for their iOS devices.

Even "999999!" would be hard to guess if the domain space is unbounded.


I recently switched to a 15-character alpha-numeric/special characters passcode after reading an article by a security researcher.

A snippet from that article:

iOS estimated passcode cracking times (assumes random decimal passcode + an exploit that breaks SEP throttling):

4 digits: ~13 min worst (~6.5 avg)
6 digits: ~22.2 hrs worst (~11.1 avg)
8 digits: ~92.5 days worst (~46 avg)
10 digits: ~9259 days worst (~4629 avg)



These are easy to calculate, the iOS whitepaper[0] specifies that it uses a PBKDF2 iteration count tuned for 80ms.

The passcode is 'entangled' with a per-device 'UID' that only exists in silicon, not accessible by any firmware.

It seems that the current GrayKey attacks are closer to ~1s/guess.

My last post on the topic: https://news.ycombinator.com/item?id=16833802

[0] Page 15 https://www.apple.com/business/docs/iOS_Security_Guide.pdf
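The figures quoted above follow directly from keyspace × time-per-guess. The following estimator is an added example (not code from either commenter or from Apple); it assumes 80 ms per guess from the PBKDF2 tuning, or ~1 s per guess as estimated for GrayKey, and assumes the SEP rate limiting has already been defeated, so it is an upper bound on how long a passcode policy buys you.

```python
"""Passcode brute-force time estimator (added example, not from the thread).

Assumptions: each guess costs a fixed number of seconds (80 ms per the
PBKDF2 tuning in the iOS Security Guide, or ~1 s as the comment above
estimates for GrayKey), guesses are sequential, and SEP throttling is gone.
"""

DECIMAL = 10        # digits only, the default iOS passcode
ALNUM = 62          # a-z, A-Z, 0-9
PRINTABLE = 95      # printable ASCII including punctuation ("999999!" lives here)

SEP_PBKDF2 = 0.080  # seconds per guess: PBKDF2 tuned to ~80 ms
GRAYKEY_EST = 1.0   # seconds per guess: ~1 s, the estimate given above


def crack_time(length, alphabet, seconds_per_guess):
    """Return (worst_case_s, average_s) for exhaustively searching one length."""
    space = alphabet ** length
    worst = space * seconds_per_guess
    return worst, worst / 2


def humanize(seconds):
    """Render seconds in the largest unit that applies, e.g. '22.2 hours'."""
    units = [("years", 365 * 86400), ("days", 86400), ("hours", 3600), ("minutes", 60)]
    for name, size in units:
        if seconds >= size:
            return f"{seconds / size:.1f} {name}"
    return f"{seconds:.1f} seconds"


def table(alphabet, seconds_per_guess, lengths):
    """Rows of (length, worst_s, average_s) for one alphabet and guess cost."""
    return [(n, *crack_time(n, alphabet, seconds_per_guess)) for n in lengths]


if __name__ == "__main__":
    print("Decimal passcodes at 80 ms/guess (matches the quoted figures):")
    for n, worst, avg in table(DECIMAL, SEP_PBKDF2, (4, 6, 8, 10)):
        print(f"  {n:2d} digits: worst {humanize(worst):>14}  avg {humanize(avg):>14}")
    print("\nSame lengths at ~1 s/guess:")
    for n, worst, avg in table(DECIMAL, GRAYKEY_EST, (4, 6, 8, 10)):
        print(f"  {n:2d} digits: worst {humanize(worst):>14}  avg {humanize(avg):>14}")
    print("\nPrintable-ASCII passphrases at 80 ms/guess:")
    for n, worst, avg in table(PRINTABLE, SEP_PBKDF2, (6, 8, 15)):
        print(f"  {n:2d} chars:  worst {humanize(worst):>14}  avg {humanize(avg):>14}")
```

Note that the average column is only half the worst case; a passcode drawn from a non-random distribution (birthdays, repeated digits) falls well below both.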


What is SEP throttling?


I believe SEP = Secure Enclave Processor - iOS has it throttle passcode input requests. Visibly this results in messages like "iPad is Disabled. Try again in 5 minutes".

I'm not sure how GrayKey bypasses this...


Ah OK sure. Interesting that the rate limiting is done at the hardware layer and not the OS.


The type of login can be changed though, to anything you want; e.g. it can be a long text passphrase.


The point is - it is now a single point of failure, and it is probably not very feasible to expect to enter a long password every time you unlock the phone. And no, biometrics is not a replacement. Biometrics is a login, not a password. You can't change your compromised biometrics, unlike passwords.


But you can disable the biometric logon automatically, either by screwing it up too many times (like touching the wrong finger) or by quick-tapping the power button a number of times - upon which it falls back to the stronger password.

If you're in a position where you know bad guys with guns are coming, you can just power the phone down.

If you know they're coming but don't have much time, or you're unsure, you just thwack the power button a few times.

If you don't know they're coming, you're kind of screwed, but then again you would be anyways.


Can we stop making the iPhone unlock scenarios involve guns? That's a super atypical case.

Snoopy spouse seems like a far more believable user of forced biometric unlocking (e.g. capturing your fingerprint for TouchID while you sleep).


If the bad guys with guns are coming and they want to decrypt your phone, they can beat it out of you - rubber hose decryption is remarkably effective.


What if we could?



