The Secure Enclave is a security coprocessor included with almost every Apple device to provide an extra layer of security. All data stored on iPhone, iPad, Mac, Apple Watch, and other Apple devices is encrypted with random private keys, which are only accessible by the Secure Enclave. These keys are unique to your device and they're never synchronized with iCloud.
[...] It's important to note that although the Secure Enclave chip is built into the device, it works completely separately from the rest of the system. This ensures that apps won't have access to your private keys, since they can only send requests to decrypt specific data such as your fingerprint to unlock an app through the Secure Enclave.
[...] Now, Chinese hackers from the Pangu Team have reportedly found an "unpatchable" exploit on Apple's Secure Enclave chip that could lead to breaking the encryption of private security keys.
[...] The only thing we know so far is that this vulnerability in Secure Enclave affects all Apple chips between the A7 and A11 Bionic [...] Apple has already fixed this security breach with the A12 and A13 Bionic chips
(Score: 2) by driverless on Monday August 03 2020, @01:39AM
We've (industry security group) ran into that problem as well when doing analyses of secure firmware update. Why do we need to keep updating the firmware? The vast majority of the time it's to patch holes in the crypto/security code that manages the secure firmware update. We were vastly more secure when firmware update was handled by someone moving a jumper and reflashing via USB, but apparently remote update is what all the cool kids are doing nowadays.