@marcan42 Maybe add to the article what is, I think, the official name of "SHSH" : "System Software Personalization".
Untangling iOS PIN code security: a look at the Apple vs. FBI saga, from a technical perspective.https://marcan.st/2016/03/untangling-ios-pin-code-security/ …
-
-
-
@Reversity Good point, was thinking of that. Added and linked to the Security Guide (seems they changed Personalization to Authorization)
End of conversation
New conversation -
-
-
@marcan42 be more descriptive on hashing code into user's key? Has to be done "below" OS and in a way that Apple can't modify/bypass/fake -
@c_bender That's why I mentioned hardware policy. It's not meant as a "how to build it" guide, more a layman's explanation. - Show replies
New conversation -
-
-
@marcan42 Per-file encryption not use "key…derived from the user's PIN". Technically. -
@marcan42 Per-File Key is encrypted (protected, wrapped) by File System Key + Class Key. Class Key is encrypted by Hardware Key + Passcode. - Show replies
New conversation -
-
-
@marcan42@MuscleNerd thank you for this! Great write up.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@marcan42 great article! Though afaik APTicket/SHSH authorization is a much lower bar to overcome than image signing. As of a couple (1/n) -
@marcan42 years ago internal VPN access supposedly allowed for downgrading production firmware. If this is still the case, once the (2/n) - Show replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.