Conversation

This especially affects used phones. How does a non-technical buyer know whether it is pre-rooted/jailbroken or not?

Quote Tweet

Jan 24, 2019

The 'returned product attack' here - buy, replace the firmware, return and hope someone else buys it - is a real-world evil maid attack, and speaks very much to why we need secure boot on IoT systems. Supply chain security is more complex that 'just' up to FOB delivery. twitter.com/CANcrypt/statu…

Replying to

Thought about doing this as a research project many many years ago, but decided it didn't have research value and would likely be a lot of trouble to actually do. This was after buying heaps of used Android phones on eBay and finding all kinds of things on them.

Replying to

and

attestation.app/about is able to check for that kind of tampering. If it's a sophisticated attack, they could have a verified boot bypass via an exploit triggered during the verification process on boot, but attestation can detect the device isn't updated if it's only OS level.

Replying to

and

Nice new domain for this (or at least, new to me)! Would be great to see some iOS support for this kind of thing also.

Replying to

and

The ideal case would be for sending a phone through the mail, where the person sending it sets up pairing with the person receiving it before sending it. That gives it the full strength it's meant to have and something similar could be done for iOS with hardware-backed keys.

Replying to

and

I don't think iOS has something like key attestation or a way to do remote attestation though. It's just not one of the APIs that's available, so an equivalent to the app can't really be made for it. The Android APIs for it aren't perfect but they're useful and getting better.

Replying to

and

I bet they do just not exposed to the developer/user.

Replying to

and

Apple has some useful primitives like key generation inside secure enclave, but there is no key attestation. DeviceCheck is a new API to verify validity of an iOS device, but it doesn't cover device integrity.

Replying to

and

A nice thing about the Android key attestation is that it includes a bunch of other useful information like verified boot status for the OS and the OS version / patch level so it's the generic hardware-based remote attestation implementation, and being tied to keys is useful.

Replying to

and

I'd really like to see them make some improvements to it. The main focus seems to have been apps wanting remote attestation to implement anti-cheat, DRM, etc. It could be better for more important security-based cases for it. It improved a little bit in Android 9 already though.

Replying to

and

I'm surprised SafetyNet doesn't incorporate key attestation in a way that actually enforces having it passing. It works very well already and it's strange that they aren't using it themselves. It wouldn't be as strong as pairing and a legacy device could be spoofed, but still...

3:11 PM · Jan 24, 2019Twitter Web Client