Apple is fighting the FBI
-
@Dashrender How does the secure enclave prevent the memory chips being imaged?
-
@scottalanmiller said:
@Dashrender How does the secure enclave prevent the memory chips being imaged?
it doesn't.
But if you're talking about the memory chips that actually store the data that the secure enclave uses to store the encyption/decryption key - it's not that it in any way prevents you from doing that... but it's inside the CPU, and there are no APIs that exist to read those chips (chips inside chips?).
So I suppose if you could disassemble the CPU and get to the storage chips that the secure enclave uses, you would have the key. I guess the chances of that happening currently without damaging said memory chips, is near impossible.
So sure, you can get the standard flash/SSD chips from the phone, desolider them, connect them to a reader, pull the data off, and start applying 256 bit decryption codes to it...and we'll see how long that takes before you guess the right one.
-
@scottalanmiller said:
@Dashrender How does the secure enclave prevent the memory chips being imaged?
Also, is the enclave tied to the drive?
AKA: could they image the drive and just keep trying with new images, or does the enclave control the 10 attempts?
-
@Dashrender said:
So sure, you can get the standard flash/SSD chips from the phone, desolider them, connect them to a reader, pull the data off, and start applying 256 bit decryption codes to it...and we'll see how long that takes before you guess the right one.
Well, they have some crazy equipment for that, so while not fast, likely faster than you are thinking.
-
@Dashrender said:
So I suppose if you could disassemble the CPU and get to the storage chips that the secure enclave uses, you would have the key. I guess the chances of that happening currently without damaging said memory chips, is near impossible.
I guess that the difference is is that I am expecting that they have a process for this. I'm not certain that they do, but it seems likely to me that they do. Not cheap, not easy, not 100% reliable, but when needed, I bet that they can do it. And once they have done that, it seems that the rest just falls into place.
-
@BRRABill said:
@scottalanmiller said:
@Dashrender How does the secure enclave prevent the memory chips being imaged?
Also, is the enclave tied to the drive?
AKA: could they image the drive and just keep trying with new images, or does the enclave control the 10 attempts?
The enclave controls the attempts. But those are software attempts.
-
@BRRABill said:
@scottalanmiller said:
@Dashrender How does the secure enclave prevent the memory chips being imaged?
Also, is the enclave tied to the drive?
AKA: could they image the drive and just keep trying with new images, or does the enclave control the 10 attempts?
the drive has nothing to do with it.
the secure enclave is the only thing that matters - and iOS tells the secure enclave to erase itself after 10 bad tries.
-
@Dashrender said:
the secure enclave is the only thing that matters - and iOS tells the secure enclave to erase itself after 10 bad tries.
Right, it's accessing it without iOS that I'm expecting.
-
Maybe they should hire a psychic.
-
@scottalanmiller said:
@Dashrender said:
So sure, you can get the standard flash/SSD chips from the phone, desolider them, connect them to a reader, pull the data off, and start applying 256 bit decryption codes to it...and we'll see how long that takes before you guess the right one.
Well, they have some crazy equipment for that, so while not fast, likely faster than you are thinking.
Oh I know - the new facility in Utah is probably trying trillions or more options a second.
-
@scottalanmiller said:
@Dashrender said:
So I suppose if you could disassemble the CPU and get to the storage chips that the secure enclave uses, you would have the key. I guess the chances of that happening currently without damaging said memory chips, is near impossible.
I guess that the difference is is that I am expecting that they have a process for this. I'm not certain that they do, but it seems likely to me that they do. Not cheap, not easy, not 100% reliable, but when needed, I bet that they can do it. And once they have done that, it seems that the rest just falls into place.
Who is they? you mean a state sponsor? I suppose.
I recall reading a year or more ago about this very thing.. some university was working on a way to get at information inside chips without destroying the function of the chip...
-
@scottalanmiller said:
@Dashrender said:
the secure enclave is the only thing that matters - and iOS tells the secure enclave to erase itself after 10 bad tries.
Right, it's accessing it without iOS that I'm expecting.
the problem with that is that the (and I'm guessing here) secure enclave won't respond to an attempt that's not signed by Apple's private key or some other key that would be unique - but I guess if that exists in iOS, then the FBI could extract that somehow..
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
So I suppose if you could disassemble the CPU and get to the storage chips that the secure enclave uses, you would have the key. I guess the chances of that happening currently without damaging said memory chips, is near impossible.
I guess that the difference is is that I am expecting that they have a process for this. I'm not certain that they do, but it seems likely to me that they do. Not cheap, not easy, not 100% reliable, but when needed, I bet that they can do it. And once they have done that, it seems that the rest just falls into place.
Who is they? you mean a state sponsor? I suppose.
I recall reading a year or more ago about this very thing.. some university was working on a way to get at information inside chips without destroying the function of the chip...
Well, Israel, apparently.
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
the secure enclave is the only thing that matters - and iOS tells the secure enclave to erase itself after 10 bad tries.
Right, it's accessing it without iOS that I'm expecting.
the problem with that is that the (and I'm guessing here) secure enclave won't respond to an attempt that's not signed by Apple's private key or some other key that would be unique - but I guess if that exists in iOS, then the FBI could extract that somehow..
That's my guess. Pretty much, physical access always means that you can get to the data. It might be a huge pain, but I find it likely that they will find a way.
-
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
the secure enclave is the only thing that matters - and iOS tells the secure enclave to erase itself after 10 bad tries.
Right, it's accessing it without iOS that I'm expecting.
the problem with that is that the (and I'm guessing here) secure enclave won't respond to an attempt that's not signed by Apple's private key or some other key that would be unique - but I guess if that exists in iOS, then the FBI could extract that somehow..
That's my guess. Pretty much, physical access always means that you can get to the data. It might be a huge pain, but I find it likely that they will find a way.
Yep, and designers of chips will continue to try to find ways to make those breakdown solutions work.
It's like the hackers who hacked Blu Ray players to get the key for blu ray encryption... though they could get it much more easily because unlike the secure enclave, the desired data flowed out via either an API or just over the accessible pins.
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
the secure enclave is the only thing that matters - and iOS tells the secure enclave to erase itself after 10 bad tries.
Right, it's accessing it without iOS that I'm expecting.
the problem with that is that the (and I'm guessing here) secure enclave won't respond to an attempt that's not signed by Apple's private key or some other key that would be unique - but I guess if that exists in iOS, then the FBI could extract that somehow..
That's my guess. Pretty much, physical access always means that you can get to the data. It might be a huge pain, but I find it likely that they will find a way.
Yep, and designers of chips will continue to try to find ways to make those breakdown solutions work.
It's like the hackers who hacked Blu Ray players to get the key for blu ray encryption...
And then walk away from the game due to ferocious litigation
-
@crustachio said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
the secure enclave is the only thing that matters - and iOS tells the secure enclave to erase itself after 10 bad tries.
Right, it's accessing it without iOS that I'm expecting.
the problem with that is that the (and I'm guessing here) secure enclave won't respond to an attempt that's not signed by Apple's private key or some other key that would be unique - but I guess if that exists in iOS, then the FBI could extract that somehow..
That's my guess. Pretty much, physical access always means that you can get to the data. It might be a huge pain, but I find it likely that they will find a way.
Yep, and designers of chips will continue to try to find ways to make those breakdown solutions work.
It's like the hackers who hacked Blu Ray players to get the key for blu ray encryption...
And then walk away from the game due to ferocious litigation
How funny - they talked about this on Security Now! a few weeks ago when this happened, and again this week.
The developers of the software live in a different country/different laws from where Slysoft was - and the devs have stood up a new service for this project.
-
@Dashrender said:
@crustachio said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
the secure enclave is the only thing that matters - and iOS tells the secure enclave to erase itself after 10 bad tries.
Right, it's accessing it without iOS that I'm expecting.
the problem with that is that the (and I'm guessing here) secure enclave won't respond to an attempt that's not signed by Apple's private key or some other key that would be unique - but I guess if that exists in iOS, then the FBI could extract that somehow..
That's my guess. Pretty much, physical access always means that you can get to the data. It might be a huge pain, but I find it likely that they will find a way.
Yep, and designers of chips will continue to try to find ways to make those breakdown solutions work.
It's like the hackers who hacked Blu Ray players to get the key for blu ray encryption...
And then walk away from the game due to ferocious litigation
How funny - they talked about this on Security Now! a few weeks ago when this happened, and again this week.
The developers of the software live in a different country/different laws from where Slysoft was - and the devs have stood up a new service for this project.
Didn't know that. I was surprised to see that China-based DVDFab was abandoning plans to pursue next-gen Blu-Ray decryption as well.
-
@crustachio said:
@Dashrender said:
@crustachio said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
the secure enclave is the only thing that matters - and iOS tells the secure enclave to erase itself after 10 bad tries.
Right, it's accessing it without iOS that I'm expecting.
the problem with that is that the (and I'm guessing here) secure enclave won't respond to an attempt that's not signed by Apple's private key or some other key that would be unique - but I guess if that exists in iOS, then the FBI could extract that somehow..
That's my guess. Pretty much, physical access always means that you can get to the data. It might be a huge pain, but I find it likely that they will find a way.
Yep, and designers of chips will continue to try to find ways to make those breakdown solutions work.
It's like the hackers who hacked Blu Ray players to get the key for blu ray encryption...
And then walk away from the game due to ferocious litigation
How funny - they talked about this on Security Now! a few weeks ago when this happened, and again this week.
The developers of the software live in a different country/different laws from where Slysoft was - and the devs have stood up a new service for this project.
Didn't know that. I was surprised to see that China-based DVDFab was abandoning plans to pursue next-gen Blu-Ray decryption as well.
That is surprising... is the Chinese government actually considering joining the rest of the first world with regards to piracy?
-
@Dashrender said:
@crustachio said:
@Dashrender said:
@crustachio said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
the secure enclave is the only thing that matters - and iOS tells the secure enclave to erase itself after 10 bad tries.
Right, it's accessing it without iOS that I'm expecting.
the problem with that is that the (and I'm guessing here) secure enclave won't respond to an attempt that's not signed by Apple's private key or some other key that would be unique - but I guess if that exists in iOS, then the FBI could extract that somehow..
That's my guess. Pretty much, physical access always means that you can get to the data. It might be a huge pain, but I find it likely that they will find a way.
Yep, and designers of chips will continue to try to find ways to make those breakdown solutions work.
It's like the hackers who hacked Blu Ray players to get the key for blu ray encryption...
And then walk away from the game due to ferocious litigation
How funny - they talked about this on Security Now! a few weeks ago when this happened, and again this week.
The developers of the software live in a different country/different laws from where Slysoft was - and the devs have stood up a new service for this project.
Didn't know that. I was surprised to see that China-based DVDFab was abandoning plans to pursue next-gen Blu-Ray decryption as well.
That is surprising... is the Chinese government actually considering joining the rest of the first world with regards to piracy?
It's China, the payoffs probably got to be too much.