What do you think about embedding a per-device, unique key somewhere inside the hardware such that extracting it requires destroying the device and expensive gear? It would be nice if you could do this with deniability so the recovered data can't be used as evidence.
-
-
Hold on a second Steve. Before we start talking about what *could* be done, let me try to understand what Nick is saying. Apple has a secure processor that erases the key after 10 failed login attempts. It is now, by all evidence, completely broken.
1 reply 2 retweets 4 likes -
This Tweet is unavailable.
-
The Ozzie proposal doesn’t necessarily destroy the key or the phone. It’s unclear from the patent, but it seems to place it into a working forensic mode.
2 replies 1 retweet 0 likes -
I'm just thinking out loud of making physical key recovery both more reliable and destructive.
1 reply 0 retweets 0 likes -
Replying to @sweis @matthew_d_green and
And not via software. I mean etching key material in silicon with x-rays or something.
1 reply 0 retweets 0 likes -
Well, for one thing, the problem with the SEP right now may be way above the hardware layer. If the “destroy key” hardware call can be skipped over, it doesn’t matter how good your hardware is.
0 replies 0 retweets 1 like -
This Tweet is unavailable.
-
Software has to touch this. The Ozzie proposal has the key written every time the user changes passcodes. The attacker has to enter data into a UI that runs on software (which they’ve compromised) that accesses NVRAM.
0 replies 1 retweet 0 likes -
This Tweet is unavailable.
Hardware is just software that's more expensive to patch.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.