We live in a world where all phone device encryption is (inexpensively) broken, and yet the FBI is making a renewed push for crypto backdoors. What exactly are they thinking?https://motherboard.vice.com/en_us/article/vbxxxd/unlock-iphone-ios11-graykey-grayshift-police …
-
-
It probably doesn't have direct access. They could be exploiting the OS and then escalating to SEP access with another exploit. It's impossible to know exactly what they're doing. SEP provides a lot more than the disk encryption hardware support so there's other attack surface.
-
It’s almost certainly a chain of exploits. They must have reasonable confidence that they have diversity of options at each point, if they’re putting the box in the hands of state and local cops.
-
Google has a bigger version of this attack surface problem for the TEE which is part of why they started splitting it up. For example, they decided to support a separate HSM for the hardware-backed keystore in Android P:https://developer.android.com/preview/features/security.html#secure-key-import …
-
It's somewhat amusing. These hardware security features are usable for all kinds of things so they get feature creep and then there's a fairly big software stack running there with a lot of attack surface. Main reason they're useful is tiny attack surface compared to the OS.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.