undefined | Better HN

0 pointstlrobinson10y ago0 comments

As I understand it, Secure Enclave firmware is just a signed blob of code on main flash storage that's updated along with the rest of iOS, which can be done via DFU without pin entry. I assume DFU updates are very low level, with no knowledge of the Secure Enclave or ability to prompt the user to enter their pin.

Making the DFU update path more complex increases the risk of bugs and thus the risk of permanently bricking phones.

You could imagine an alternative where on boot the Secure Enclave runs some code from ROM which checks that a hash of the SE firmware matches a previously signed hash, which is only updated by the Secure Enclave if the user entered their pin during the update. If it doesn't match, either wipe the device or don't boot until the previous firmware is restored.

This way Secure Enclave firmware updates and updates via DFU are still possible, but not together without wiping the device.

0 comments

equalarrow10y ago

Let us direct our attention to the superhero Mike Ash and his latest post on secure enclave. https://www.mikeash.com/pyblog/friday-qa-2016-02-19-what-is-...

Honestly, this is really the shit..

tlrobinsonOP10y ago

Yeah, the key question is how Secure Enclave firmware updates work, and whether they can be prevented without pin entry. One former Apple security engineer thinks they are not subject to pin entry: https://twitter.com/JohnHedge/status/699892550832762880

j / k navigate · click thread line to collapse