Craig helps to unravel the mystery behind disk encryption and tells you what you need to know.

For more tech tips, news, and updates, visit – CraigPeterson.com

Trojan Malware Targets Trump Supporters

Nmap 7.90 released: New fingerprints, NSE scripts, and Npcap 1.0.0

Tyler Technologies finally paid the ransom to receive the decryption key

5G in the US averages 51Mbps while other countries hit hundreds of megabits

Apple’s T2 security chip has an unfixable flaw

Verizon Payment Security Report is a Wake-up Call: Time to Refocus on PCI DSS Compliance

Android Ransomware Has Picked Up Some Ominous New Trick

Automated Machine-Generated Transcript:

Craig Peterson: [00:00:00] Hey, welcome back in this hour, we are going to be talking about security, hardware, security. You might not be aware of it. we’re going to be talking about trusted platforms and hardware, encryption, and keys because this is the only thing that’s really going to protect you.

 Thanks for listening. I’m Craig Peterson.

Let’s talk about that security. That’s what we’re going to kick off this hour with. And we’re going to get into our new Verizon security report on payment, and then we’ll get into some Android stuff, but. We had this week and announcement here. And this is about Apple. Apple has built hardware security inside most of its devices that includes the iPhones and include your Macs and Mac pros. You name it, really the iMacs, the Mac minis. They all have the hardware. Inside of them to help provide security. Now in the Apple world, it is a chip that Apple makes it’s called a T2 security chip, and that makes sure that people cannot get onto your computer.

The whole idea is if they have physical access to the computer, they cannot get inside. They can’t make it boot off an external drive. They can’t do just a whole ton of things get real deep system access. Back in the day, you used to boot off of read-only memory. Or proms, programmable read-only memory, those BIOSes that was in so many of the consumer pieces of equipment out there, and even some of the prosumer stuff that many businesses use. Those BIOSes were really cool, but they weren’t secure at all.  The hard disks that machine could easily be removed and put onto another machine, they didn’t even have to be booted up. You could just have another machine of a, for instance, my Mac, I can take a disk from a Windows computer. I have a device sitting there that’s hooked up full time. That allows me to just plug a hard disc. just, you just slide it, And while the machine is up and running and it will Mount that disk. And let me do whatever I need to do investigative work or whatever, it might be very cool devices.

 I can have two of those disks that I just plugin. I also use them for my video, where I am recording directly to SSDs. I move SSDs around, which is much faster than trying to push them over gigabit ethernet. So Apple has decided that this T2 chip is a good thing and it uses the T2 chip for a few different things.

Once we’re talking about your hard disc itself, the newer hard disks at the higher end and have the ability. To encrypt the data on the disc, which is, it’s good. It’s great. But that data that’s encrypted on that disk can be read by the operating system. And that’s the whole idea, right? If you can’t read the disk, what good is it for you?

So any data that’s stored on that encrypted data is still available for your programs and is still available for hackers. So the disc encryption I’m talking about right now at the kind of the low end of all of this security stuff. It’s designed so that when your computer is life it’s over, or maybe the hard disc crashes, there’s a little jumper that you can pull, or maybe there are the jumpers you short out on the disk.

Just look it up online, do it. In fact, go search for your disc model number and you pull that jumper or you short out those terms and what happens at that point is your disk is now complete. Erased, but it’s not really erased. It’s like your iPhone. Have you been to the Apple store? You’re trading in your iPhone.

You want to get a brand new iPhone? Isn’t this great. They have you turn off. Find my iPhone. That’s the first thing they have you do. And then they say to erase the iPhone. And have you noticed it takes what? Five, 10 seconds. To erase the iPhone. How can you possibly erase hundreds of megabytes or gigabytes of data in five to 10 seconds?

You cannot. So what’s happening inside the iPhone is similar to what’s happening with these basic encrypted disks. Okay. Everything that’s written to these disks and everything written to your iPhone is encrypted. So if you want to make all of the data that’s on that disk inaccessible or basically useless.

All you have to do is destroy the key that was used to encrypt it. So think of a door that cannot possibly be breached and a key. There’s only one key. You can’t pick the lock. Okay. Oh, maybe this isn’t the best of analogies, but if that key is destroyed, it’s impossible at that point on to open that door.

It’s not like a real door where maybe you could take blow torches to a metal door or something right there. You can always get in, but it is completely effectively destroyed.  The data that’s on that device. If the encryption is good, looks like just random data. There’s no difference between completely random and.

It has everybody’s social security number, income, and addresses in the whole United States encrypted on it. Okay. So that’s the low end. On your iPhone. When you go ahead and you erase your iPhone when you’re trading it in or. If you have one of these encrypted hard disks where you just pull that jumper, it now destroys the key.

That key now in both cases makes that disk, the data on the disc useless. Now that’s cool. And the next time that disk is powered up, it’s going to generate a brand new key and it’s going to be hopefully pretty darn random. And now you can use it again, assuming the disc isn’t bad. if you took it out, cause it was just totaled.

So that’s a very basic layer, but just like your iPhone, that encrypted disc has data, that’s readable on it up until the time that you destroyed the data by destroying the key. You’re with me so far. That’s the very basics of how this all works. Now there’s something called TPM, which stands for trusted platform module.

This is an international standard that’s been out now. It is a standard that describes a secure cryptoprocessor. That’s what Apple’s T2 security chip is all about. Now, the problem that came up this last week, this week, in fact, is that there is a flaw in Apple’s trusted T2 security chip. And it’s the flaw that apparently researchers have been using for more than a year to jailbreak older models of iPhones.

We’ve heard I heard about this. We’ve heard that the FBI was able to get into iPhone and get at the data that’s in them. There are well, there’s one primary company it’s over in Israel that sells a device that lets the police break into iPhones.  I’m just talking about iPhones right now. Many of the Android devices are very easy to break into as well, but Apple is really trying to make these things secure.

That’s why they came up with this chip of their own, which is really a kind of a trusted platform module. So they have been using this flaw in order to jailbreak into the iPhones. And the way that this T2 chip is vulnerable is a problem. And the slightly bigger problem is that this particular problem is ultimately unfixable.

In every Mac that has a T2 inside, that is a lot that T2 chip launched in 2017 and it created some limitations. Many people have used macs to run Linux for many years. It’s a great little Linux computer. We know that PC magazine had on its front cover or was a PC world. The cover said the best PC for windows is a Mac because they were just that solid. But because of the T2 chip, when it was introduced in 2017, all of a sudden problems started to arise for people. they effectively hacking their Macs.

Apple added the chip so that it had a trusted mechanism to secure the device. The biggest reason for adding this chip or a TPM, this trusted platform module, which is available on many windows, computers is encrypted data storage. Now, in some cases, the TPM or the T2 chip.

Apple is also used for touch ID and activation log that all works with Apples find my iPhone type services. So this vulnerability is known as checkM8 and the jailbreakers as we mentioned, they’ve been exploiting problems with Apples, A5 through A 11 chipsets that’s from 2011 to 2017.

Now the same group that developed the tool for iOS has released support for a T2 bypass. This is not good people. It just plain old is not good. Now we’re going to. Pick this up. When we come back, I’m going to talk about the trusted platform, modules of vendors that are using it over on the windows space, how Apple’s using it, how this whole black box things work works, and we’re going to move up.

We talked about the hardware-based disc encryption. That’s right there on the hard disc. We’re going to move up the stack and talk about other types of encryption, including encryption. On the fly and encryption at rest, both are important concepts to understand when we’re talking about security and system integrity.

Hey, you’re listening to Craig Peterson. Stick around. We’ll be right back.

More stories and tech updates at:

www.craigpeterson.com

Don’t miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Listen to this episode