Hacker News

The difference being that Tim Cook handed Beijing the iCloud private keys for Chinese users


How did he do that without completely rearchitecting how iOS works? Do you have any citations?


This is about the architecture of iCloud not iOS. Apple has the keys to all encrypted iCloud data (iCloud email is not encrypted at rest).

The only exception is iCloud Keychain, but I believe only if you decline the default setting to create an iCloud security code (I'm not entirely sure about that).

https://support.apple.com/en-us/HT202303


I'm not saying that this is what happened and I don't know the background of this story, but it would have been easy (technically speaking) to just push an update to Chinese users that will extract their private key and send it back to Apple without any significant changes.


AFAIK the Secure Enclave chip is specifically designed to make this impossible. There is no planned method to extract the private key from it. ("Planned method" meaning anything that's not an exploit or an electron microscope.)


Maybe generate the key in the normal processor, send it to Apple for escrow, and then push the key to the Secure Enclave? I have no idea whether the Secure Enclave supports loading existing keys, but generally this is how it's done.



