Go check out some conference presentations by Christopher Tarnovsky. He's made a career out of it, and acquired some very expensive toys (focused ion-beam equipment doesn't come cheap), but there are lectures of his explaining how he broke the (iirc) STMicro TPM chips for fun. These sorts of devices have all sorts of countermeasures against direct invasive attacks like these, but with enough cash and bricked test phones, I'd be greatly surprised if it wasn't entirely practical.
The only issue would be making the process so 100% reliable that you succeed first time, because a single mistake or misunderstanding could trash the single copy you have of the code.
I'm curious now if Flylogic or Chipworks have done any serious teardown of the 'secure enclave' stuff.