Re: [Fed-Talk] Charlie Foxtrot for iOS devices in US Government?
- Subject: Re: [Fed-Talk] Charlie Foxtrot for iOS devices in US Government?
- From: William Cerniuk <email@hidden>
- Date: Thu, 31 Mar 2016 12:36:23 -0400
>> Does anyone know which iPads have the secure enclave
http://bfy.tw/51oj
Those that got an “A” in security per se…A6, A7, A8, A9
:->
--
R/Wm.
Ph: 703.594.7616
AppleID: email@hidden
> On Mar 31, 2016, at 11:38 AM, Miller, Timothy J. <email@hidden> wrote:
>
> Any model that has the A7 CPU or later, I believe. The iOS secure enclave is based on ARM TrustZone, a.k.a. Trusted Execution Environment (TEE). TrustZone was integrated into the A7 chip.
>
> -- T
>
>> -----Original Message-----
>> From: fed-talk-bounces+tmiller=email@hidden [mailto:fed-talk-bounces+tmiller=email@hidden] On Behalf Of Marcus, Allan B
>> Sent: Thursday, March 31, 2016 10:27 AM
>> To: Dave Schroeder <email@hidden>
>> Cc: Apple Fed-Talk List <email@hidden>
>> Subject: Re: [Fed-Talk] Charlie Foxtrot for iOS devices in US Government?
>>
>> Thanks. Does anyone know which iPads have the secure enclave?
>>
>> --
>> Thanks,
>>
>> Allan Marcus
>> Los Alamos National Laboratory
>> 505-667-5666
>> email@hidden
>>
>> On 3/29/16, 2:02 PM, "Dave Schroeder" <email@hidden> wrote:
>>
>>> Yes, just using "attacker" in the generic sense.
>>>
>>> I think the issue here is more that when a device is in an "attacker's" physical possession, there are a lot more possible mechanisms of defeat. Here, the iPhone 5c and earlier really came from an era when there was a different overall priority placed on the security of iOS hardware and software, e.g., from government intrusion.
>>>
>>> So we have a situation where deficiencies or shortcomings in devices without the hardware-based security enclave may be susceptible to additional attack vectors. It appears that DOD, for example, considers any iOS device that has the capability to run iOS 9.x to meet the overall requirements for their managed mobility programs.
>>>
>>> Without knowing the specific attack vector or exactly what was defeated, it's difficult to know if it was just the fact that it had a 4-digit PIN, a vulnerability in the particular version of iOS 9.x the device was running, a deficiency in the iPhone 5c hardware, a more generic flaw, or a combination of any/all of the above.
>>>
>>> I am operating under the assumption that it's likely due to the fact that it's 1. older hardware (without HW enclave) and 2. in physical possession. I think the main issue is protecting against device loss, and having policies and procedures which support quick identification and remote wiping of lost, stolen, or misplaced devices.
>>>
>>> Dave
>>>
>>>> On Mar 29, 2016, at 2:26 PM, Marcus, Allan B <email@hidden> wrote:
>>>>
>>>> Of course. In this case the “attacker”, from the perspective of the iPhone, was the FBI. They got into the phone rather quickly (once they found people that knew what they were doing). It seems the conventional wisdom is that a short password combined with an older phone allowed for a relatively easy crack. That said, in 3 years our current iPhone 6s will be an “old phone”. I wonder if by then firms like Cellebrite will have figured out how to break into an iPhone 6s.
>>>>
>>>> I’m just looking for lessons learned here. We manage our devices and require an 8 character complex password and we allow TouchID. Sure, I know TouchID can be spoofed, but there is the two day timeout to contend with. I’m just wondering if even an 8 character complex password is sufficient on “older” devices? Also, what constitutes an “older” iPad?
>>>>
>>>> --
>>>> Thanks,
>>>>
>>>> Allan Marcus
>>>> Los Alamos National Laboratory
>>>> 505-667-5666
>>>> email@hidden
>>>>
>>>> On 3/29/16, 12:21 PM, "Dave Schroeder" <email@hidden> wrote:
>>>>
>>>>> I can tell you that DOD, for its part, considers any/all iOS devices capable of running iOS 9.x -- even including the older devices -- to be "safe", when properly managed.*
>>>>>
>>>>> My own personal opinion is that the biggest challenge with mobile devices, even with encryption and so on, is losing them, or an attacker gaining physical access to devices.
>>>>>
>>>>> Dave
>>>>>
>>>>> * This implies things like enrollment in MDM, PIN/passcode enforcement, etc.
>>>>>
>>>>>> On Mar 29, 2016, at 1:03 PM, Marcus, Allan B <email@hidden> wrote:
>>>>>>
>>>>>> What iPad versions are "safe", including the Mini?
>>>>>>
>>>>>>
>>>>>> ---
>>>>>> Thank you,
>>>>>>
>>>>>> Allan Marcus
>>>>>> Los Alamos National Laboratory
>>>>>> 505-667-5666
>>>>>> email@hidden
>>>>>>
>>>>>>
>>>>>> From: Dave Schroeder <email@hidden>
>>>>>> Date: Tuesday, Mar 29, 2016, 9:59 AM
>>>>>> To: Marcus, Allan B <email@hidden>
>>>>>> Cc: Apple Fed-Talk List <email@hidden>
>>>>>> Subject: Re: [Fed-Talk] Charlie Foxtrot for iOS devices in US Government?
>>>>>>
>>>>>> On Mar 29, 2016, at 10:37 AM, Marcus, Allan B <email@hidden> wrote:
>>>>>>
>>>>>>> So, the FBI, with the help of a third party (probably Israeli firm Cellebrite) seem to have decrypted an older iPhone. Another assumption is that the iPhone only had a 4 digit passcode.
>>>>>>
>>>>>> It wasn't an assumption, for what it's worth; it was openly stated that the device had a 4-digit PIN.
>>>>>>
>>>>>>> Assuming we use 8 character complex passcodes and TouchID, and assuming most of our phones are 5s or newer, does the US government have anything to worry about here?
>>>>>>>
>>>>>>> What version of the iPhone and the iPad are “safe” from this type of cracking, although it’s a given we don’t know exactly what they did. Anyone know anyone in the FBI to get a lessons learned on how to protect Govt. iOS devices?
>>>>>>
>>>>>> Yes. Keep your device patched. Use modern devices (iPhone 5s or 6 and newer).
>>>>>>
>>>>>> *** Don't lose your device, or lose physical control of your device. ***
>>>>>>
>>>>>> DISA/DOD, for instance, doesn't do anything "special" in this regard for iOS devices.
>>>>>>
>>>>>> Dave
>>>
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden