Pwn All The Things
Unfortunately Apple went to Black Hat and accidentally told everyone how to do it safely, so no.https://twitter.com/amynelsondss1/status/763870911556497408 …
Still crazy how Apple went to BlackHat, told 1000 attendees how they build a secure crypto backdoor for their data center and nobody noticed
-
-
@pwnallthethings Has anyone written anything about this? I missed the talk. -
@runasand but basically it's a non-administrable HSM array to block PIN brute-force on uploaded keychain files.
-
-
-
@pwnallthethings Is there a good write-up of that anywhere? Google failed me. -
.
@tomkrazit I'm going to write it up, but the privacy community is going to really hate me for bringing attention to it. So this will be fun - View other replies
-
@pwnallthethings@tomkrazit I await but I still suggest the weak link is not the science but the human - a mole with a back door -
@softwarnet@pwnallthethings@tomkrazit they intentionally built the system so no humans ever have even the ability to open a back door. -
@bizzyunderscore@pwnallthethings@tomkrazit Help me out here - it's key escrow/back door that apple can get with an FBI warrant or not? - View other replies
-
@softwarnet@pwnallthethings@tomkrazit it's not a backdoor, not available to apple, warrant or not. No more available than any other key. -
@bizzyunderscore@pwnallthethings@tomkrazit so there is no way that LE can access user data (secured) through this process - Show more
-
-
@pwnallthethings not only is this obviously false, but you should know better. People trust you, dude -
@pwnallthethings the question I have is: can law enforcement obtain a way in using the back door - my take was not unless they had device -
@pwnallthethings Everything they build has a backdoor.
Runa Sandvik
Tom Krazit
Charles R. Smith
Dr. Mantis Toboggan
NeitherHereNorThere
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.