Apple and Google harden their smartphones against hackers and governments

Google and Apple regularly make changes to Android and iOS to improve the integrity of the hardware running those operating systems, making it less likely that an unauthorized party could gain access to data stored on them. Two changes, one in beta and one in a shipping device, up the ante for criminals, companies, and governments who have found, or might force, ways of bypassing protections.

Google stops trusting itself

Apple and Google both use secure components within their devices to store critical data in a manner that prevents extraction and deters physical tampering. For Apple, that’s all modern iOS devices; for Google, that’s currently only its Pixel 2 models, though Android P will allow other device makers to build this in. The secure module stores elements like credit-card numbers for payment, and the characteristics derived from fingerprints that are used to validate access to a device. Apple calls its module Secure Enclave, while Google doesn’t have a capitalized term for it.

With the Pixel 2, Google recently added a measure to protect users against a significant potential threat that could lead to the theft of critical cryptographic data that Google keeps under extremely tight security. Google, like Apple and other OS and hardware makers, has cryptographic signing keys that it uses to provide a layer of validation around software and firmware updates for its devices. There’s no effective way to forge a valid signature without possession of those keys. But if someone were to obtain the keys, an unauthorized entity could create software and firmware that a device would accept as valid. Such updates could suborn the hardware, and cause the device to send data to other parties or let them gain access to stored information that should otherwise be unavailable.

Google Pixel 2

This would prevent a scenario such as the one during the 2015 San Bernardino shooting investigation, where the FBI demanded that Apple create a special version of iOS that the agency could install into a locked iPhone recovered from the killers. The special version of iOS would let police bypass protections and delays in guessing passwords. (The FBI ultimately withdrew its request, claiming it had found another way in.) It’s unclear from Apple’s security guide and public statements whether it has removed that capability since then.

Google stated the concern in a blog post describing its new mitigation by noting that the few employees who have the ability to access the keys could be “open to attack by coercion or social engineering.” The post doesn’t mention government involvement.

Obtaining the signing keys is many orders of magnitude more significant than having a single phone or set of phones unlocked, and thus opens all Android users engaged in no criminal or suspect activity to examination and risk.

With the Pixel 2, the hardware security module the phone relies on to validate a user’s password cannot have its firmware upgraded without the correct entry of the user’s password, even with a properly signed firmware update. Previously, Google trusted that it was the only party that could present such a thing; now, it no longer even trusts itself.
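
A small model of the policy change described above, added here as an illustration and not taken from Google's code: the same signed image is offered to a module that trusts the signature alone and to one that also demands the user's passcode. HMAC stands in for the vendor's asymmetric signature, and the class, function names, key, passcode and firmware strings are all constructed for the example.

```python
import hashlib
import hmac
import os
from typing import Optional


def sign(vendor_key: bytes, image: bytes) -> bytes:
    # HMAC is a stand-in for the vendor's asymmetric firmware signature.
    return hmac.new(vendor_key, image, hashlib.sha256).digest()


class SecureModule:
    """Toy model of a security module that gates its own firmware updates."""

    def __init__(self, vendor_key: bytes, passcode: str, require_passcode: bool):
        self._vendor_key = vendor_key
        self._salt = os.urandom(16)
        self._verifier = self._derive(passcode)  # the passcode itself is never stored
        self.require_passcode = require_passcode
        self.firmware = b"fw-1.0"

    def _derive(self, passcode: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), self._salt, 100_000)

    def update(self, image: bytes, signature: bytes, passcode: Optional[str] = None) -> str:
        # Check 1 (old and new policy): the image must carry a valid vendor signature.
        if not hmac.compare_digest(sign(self._vendor_key, image), signature):
            return "rejected: bad signature"
        # Check 2 (new policy only): the device owner must also authorize the update.
        if self.require_passcode:
            if passcode is None or not hmac.compare_digest(
                self._derive(passcode), self._verifier
            ):
                return "rejected: user passcode required"
        self.firmware = image
        return "installed"


def demo() -> dict:
    key = b"constructed-vendor-key"  # constructed sample values
    image = b"fw-2.0"
    sig = sign(key, image)  # what any holder of the signing key can produce
    old = SecureModule(key, "4821", require_passcode=False)
    new = SecureModule(key, "4821", require_passcode=True)
    return {
        "old_policy_signed_only": old.update(image, sig),
        "new_policy_signed_only": new.update(image, sig),
        "new_policy_wrong_passcode": new.update(image, sig, "0000"),
        "new_policy_bad_signature": new.update(image, b"\x00" * 32, "4821"),
        "new_policy_signed_and_passcode": new.update(image, sig, "4821"),
    }
```

Under the second policy, possession of the signing key is necessary but no longer sufficient, which is the property the article attributes to the Pixel 2.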

No more “Gray” area with USB port locking

On Apple’s side, the company has pushed out a feature that would deter the use of USB-based phone cracking devices, like the GrayKey. As previously reported, the firm Grayshift makes this device available to authorized law-enforcement agencies, with no warrant required, to crack iPhones with relatively short PINs. It relies on an unknown approach that bypasses Apple’s typical lockout for excessive password retries.
