As long as anything like this exists, and can be used to flash a new system image while data remains intact, then Apple claiming they have a system secure against government is extremely negligent.
An OS signing key is never a replacement for a bona-fide user-initiated upgrade intent.
In designs with trusted hardware to prevent evil maid attacks, the boot trust chain should use a hash rather than a signature. This hash is updated only when the trusted chip is already unlocked.
To avoid creating useless bricks, said trusted hardware should allow the option to wipe everything simultaneously. But nothing more granular.
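A toy model of the design described above, added here as an illustration and not taken from the original text or from any vendor's implementation. The `TrustedChip` class, its method names and the sample image bytes are hypothetical; it shows a pinned boot hash that can be changed only while unlocked, with a full wipe as the only other way out.

```python
import hashlib, hmac, os

class TrustedChip:
    """Toy model (constructed) of a chip that pins the boot image by hash."""

    def __init__(self, passcode: bytes, image: bytes):
        self.wipe_all(passcode, image)

    def wipe_all(self, passcode: bytes, image: bytes) -> None:
        # The only path that needs no unlock: data key and pin are replaced together.
        self._salt = os.urandom(16)
        self._verifier = self._kdf(passcode)
        self._data_key = os.urandom(32)
        self._pinned = hashlib.sha256(image).digest()
        self._measured_ok = self._unlocked = False

    def _kdf(self, passcode: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", passcode, self._salt, 100_000)

    def boot(self, image: bytes) -> bool:
        # Compare the measurement to the pinned hash; no signature is consulted.
        self._unlocked = False
        self._measured_ok = hmac.compare_digest(
            hashlib.sha256(image).digest(), self._pinned)
        return self._measured_ok

    def unlock(self, passcode: bytes) -> bool:
        # Refuse the passcode entirely when an unpinned image is running.
        self._unlocked = self._measured_ok and hmac.compare_digest(
            self._kdf(passcode), self._verifier)
        return self._unlocked

    def approve_image(self, image: bytes) -> bool:
        # Re-pinning stands for the user's upgrade intent: allowed only while unlocked.
        if not self._unlocked:
            return False
        self._pinned = hashlib.sha256(image).digest()
        return True

    def data_key(self):
        # The key protecting user data is released only after a successful unlock.
        return self._data_key if self._unlocked else None
```

In this model an image that was never approved from an unlocked state cannot reach the data key, however it is signed; the remaining option is `wipe_all`, which discards the old key along with the old pin.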