iOS-provided security mechanisms and 1Password

A rather disturbing article was posted on Macworld.com on March 7, "Is Apple finally getting serious about security?" (See http://bit.ly/fSRc8N ) The author, Kenneth van Wyk, details serious flaws in Apple's 256-bit hardware AES encryption module. The key is protected by the device's PIN, which can be easily disabled with jailbreaking and other software. Same goes with the API for protecting sensitive files. In short, any developer using Apple's built-in security mechanisms in iOS isn't getting the security they think they are. My question is, does 1Password use Apple's security mechanisms? Is Agile aware of the flaws?

Comments

This discussion has been closed.