
Apple Security

Created: 07.10.2023

Apple is well known for the value it places on security and for its advanced security mechanisms. I have sometimes found it hard to understand specific technical controls, which is why I am writing this little article. Smartphones are known to be more secure than desktops, because they are also more mobile and tend to get lost a lot. That’s why MacBooks are getting closer and closer to smartphones in terms of security.

Hardware

All software needs hardware to run on. Maybe that’s going to change sometime, or the hardware will turn into something different, like bioware. Who knows?

Imagine a security guard who makes sure only authorised folk enter the building. He’s tough, he’s often blunt and he’s ready to engage in a tussle if it ever comes to it. He’s there to keep miscreants with their pesky delinquent thoughts from passing through. He’s not a bigot though. He is on his toes, ready to hunt down anyone indulging in any sort of felony. No culprit will be able to talk his way out of this. The only problem is that once an authorised person is inside, they may turn malicious and do lots of different bad stuff. For example, this slimy git may take the keys and mess them up, or even use those keys to bust into rooms he was not supposed to be in. What do we do to protect those keys? We can’t allocate a guard to each person coming in, that would be a disaster!

So, here is a crazy idea: keep keys in a separate place and don’t let anyone in! The key-keeper inside will give out and take the keys, managing this particular problem himself. So, that’s what Secure Enclave is for and that’s exactly the reason why it has its own CPU and key generator. To keep things even more secure, we have an option to ask SE (Secure Enclave) to generate the keys and
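
The key-keeper idea above, as an added example that is not part of the original article: it uses Apple's CryptoKit to have the Secure Enclave generate a P-256 key, then asks the enclave to sign with it. The function name, error type and sample message are assumptions made for illustration, and the code needs a device with a Secure Enclave (on other hardware it reports that the enclave is unavailable).

```swift
import CryptoKit
import Foundation
import Security

// Hypothetical error type for this example.
enum EnclaveDemoError: Error { case unavailable, accessControl }

/// Generates a signing key inside the Secure Enclave and signs `message`.
/// The app never sees the private key; it only gets an opaque handle.
func signWithEnclaveKey(_ message: Data) throws
    -> (signature: P256.Signing.ECDSASignature,
        publicKey: P256.Signing.PublicKey,
        handle: Data) {
    guard SecureEnclave.isAvailable else { throw EnclaveDemoError.unavailable }

    // The key is usable only on this device, while it is unlocked.
    var cfError: Unmanaged<CFError>?
    guard let access = SecAccessControlCreateWithFlags(
        nil,
        kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
        .privateKeyUsage,
        &cfError
    ) else { throw EnclaveDemoError.accessControl }

    // Key generation happens inside the enclave.
    let key = try SecureEnclave.P256.Signing.PrivateKey(accessControl: access)

    // The signing request goes to the enclave; only the signature comes back.
    let signature = try key.signature(for: message)

    // dataRepresentation is an encrypted blob that only this device's
    // enclave can turn back into a usable key. It is not raw key material.
    return (signature, key.publicKey, key.dataRepresentation)
}

do {
    let message = Data("constructed sample message".utf8) // constructed input
    let result = try signWithEnclaveKey(message)
    let ok = result.publicKey.isValidSignature(result.signature, for: message)
    print("signature verifies with the public key:", ok)

    // Later, the stored handle lets the same enclave use the key again.
    let restored = try SecureEnclave.P256.Signing.PrivateKey(
        dataRepresentation: result.handle)
    let again = try restored.signature(for: message)
    print("restored key signs:", result.publicKey.isValidSignature(again, for: message))
} catch {
    print("Secure Enclave demo failed:", error)
}
```

The public key is the only key material the app can export; the handle is worthless on any other device.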
