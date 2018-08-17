from the back-to-the-drawing-board dept.
The security coprocessor was introduced alongside the iPhone 5s and Touch ID. It performs secure services for the rest of the SOC and prevents the main processor from getting direct access to sensitive data. It runs its own operating system (SEPOS) which includes a kernel, drivers, services, and applications.
The Secure Enclave is responsible for processing fingerprint data from the Touch ID sensor, determining if there is a match against registered fingerprints, and then enabling access or purchases on behalf of the user. Communication between the processor and the Touch ID sensor takes place over a serial peripheral interface bus. The processor forwards the data to the Secure Enclave but can't read it. It's encrypted and authenticated with a session key that is negotiated using the device's shared key that is provisioned for the Touch ID sensor and the Secure Enclave. The session key exchange uses AES key wrapping with both sides providing a random key that establishes the session key and uses AES-CCM transport encryption
Today, xerub announced the decryption key 'is fully grown'. You can use img4lib to decrypt the firmware and xerub's SEP firmware split tool to process.
Decryption of the SEP Firmware will make it easier for hackers and security researchers to comb through the SEP for vulnerabilities.
Also at ThreatPost which notes that this does not mean it is open season on SEP:
Yesterday’s news set off another flurry of angst as to the ongoing security of iOS and what would happen now that the firmware had been unlocked.
“I wouldn’t say there is any immediate threat to users at this point,” Azimuth Security’s Mandt said. “Although the key disclosure allows anyone to analyze the software that is running on the SEP processor, it still requires an attacker to find and exploit a vulnerability in order to compromise SEP.”
it still requires an attacker to find and exploit a vulnerability in order to compromise SEP
Yeah and no one uses ida pro.
Keys want to be Free !
Shove your fat worm in my juicy apple !
So, what do any of the people who said I was crazy for suggesting this was possible, back when Apple vs. FBI was the big media distraction from Things That Actually Matter, have to say now?
I will repeat again! The device has to boot somehow!
Those people are simply fools who believe whatever a whitepaper / corporation says. I had a friend who said similar things, and when I really really pushed it finally broke him down and he admitted what was really up.
"I just can't believe we are so fucked, if the major corps are putting in backdoors for the gov then we're so fucked" with a little bit of suicidal overtones, like if the world is really this fucked then they don't wanna live in it. I think this is a growing concern, many people in the US are finally being confronted with how fucked up our system is and it is SO MUCH WORSE than anyone thought. Queue massive depression and suicidal thoughts by a large segment of the population. I no longer push him to be more cynical, it will quickly drive him over the edge.
I recall a presentation from a major tech personality who shared a leaked photo about the NSA bragging about how easily they could compromise SSL with no one being the wiser. We are so fucked, the only way out of this mess is massive rebuilding of intelligence agency leadership with a focus on actual defense. Government transparency, dismantle domestic surveillance, etc. Decentralized technologies that disrupt these surveillance activities, keep power with the people instead of centralized servers that are easily compromised.
Fat chance.
This is better. Don't count on someone to swoop in and magically roll back government surveillance. Instead, treat all communications as if they are sensitive, could land you in prison, and are constantly under attack by the government.
If anyone has a better resource than this [reddit.com] for decentralization stuff, I'd like to see it. But I get the impression that all efforts to decentralize on the hardware side are pretty small-scale.
In 2003 I read of a classified chip that could perform thousands of decryptions simultaneously.
Now imagine a Beowulf cluster of them
