Apple and app developers don’t make enough use of the security features available in iOS. Renowned IT security experts at Johns Hopkins University are convinced of this. According to the US magazine Wired They criticized the current procedure, in some cases sharply. He was "really shocked", said crypto expert Matthew Green, because he had thought that these devices would protect "protect user data well". He wondered why there was a need for the much-demanded backdoors for law enforcement.
Gradations in security
Specifically, Green and his colleague Maximilian Zinkus, who specializes in iOS security, are concerned with the fact that hierarchical locking is simply not used in broad strokes. When an iPhone boots up, it is initially in what is called "Complete Protection"-mode before the user unlocks it. Then the unlocking takes place.
Problem Quick Access
After that a large part of the data of the system and apps ends up in the area "Protected Until First User Authentication" (protected until first user authentication). This state is less secure, according to the Johns Hopkins researchers, because the keys necessary for decoding the device data automatically move to the quick-access memory area. This is to allow applications to have faster access.
Use by hacker tools
Although this is not fundamentally unsafe. However, this means that attackers who manage to bypass basic iOS security can access it significantly more easily than in the "Complete Protection"-Mode. The researchers believe that hacking tools used by security agencies, such as Grayshift, exploit this decision by Apple. They can completely "open" and often use still openly unknown gaps for it.
Apple: Continue to develop
Johns Hopkins researchers call on Apple to address the problem. Opposite Wired the company said Apple devices are equipped with several "with several layers of security" layers to protect against "against a wide range of potential threats" threats. They are "We are constantly working to add additional protections for our users’ data". Whether this means Apple is responding to criticism from Green Co. remains to be seen. The company also said that the attacks described above are very "very expensive" and attackers had to have the device physically in front of them. Apparently, Apple sees its current strategy as a compromise between security and ease of use.