Conversation

This especially affects used phones. How does a non-technical buyer know whether it is pre-rooted/jailbroken or not?

Quote Tweet

Jan 24, 2019

The 'returned product attack' here - buy, replace the firmware, return and hope someone else buys it - is a real-world evil maid attack, and speaks very much to why we need secure boot on IoT systems. Supply chain security is more complex that 'just' up to FOB delivery. twitter.com/CANcrypt/statu…

Replying to

Thought about doing this as a research project many many years ago, but decided it didn't have research value and would likely be a lot of trouble to actually do. This was after buying heaps of used Android phones on eBay and finding all kinds of things on them.

Replying to

and

attestation.app/about is able to check for that kind of tampering. If it's a sophisticated attack, they could have a verified boot bypass via an exploit triggered during the verification process on boot, but attestation can detect the device isn't updated if it's only OS level.

Replying to

and

If they break verified boot at the firmware level before the OS, it won't be able to catch anything. It's also designed around pairing and an initial verification is a lot easier to bypass due to relying on a chain of trust to a trusted root. Not really what it's meant to handle.

2:28 PM · Jan 24, 2019Twitter Web Client

Retweet