undefined | Better HN

0 pointsblibble2y ago0 comments

remote attestation would mean it's not possible to pull out the binary and run it externally

you'd need the key from the TPM/secure enclave too, which is much much harder to extract

0 comments

TPM did not get key from nowhere. The key need to come from network or locally generated as long as it is not preloaded when manufacturing. And in either way, it should be possible to intercept/fake it.

mjg592y ago

Apple devices with a secure enclave have the ability to attest to their identity, and also attest that keys were generated on a secure enclave (this functionality is very locked down for privacy preservation purposes, but is certainly available to Apple). If Apple is willing to lock out any device shipped without a secure enclave (which would probably be an excessive number of Macs at the moment - the iMac only started shipping with a T2 in the 2020 model, although the iMac Pro did have a T1 earlier than that) then it's absolutely possible to restrict access to actual Apple hardware with no risk of key interception.

blibbleOP2y ago

> as long as it is not preloaded when manufacturing

which is exactly what happens

SpaghettiCthulu2y ago

It's only a matter of time until a company starts selling TPM dumps, right?

Eriksrocks2y ago

You can't "dump" a TPM. That's the whole point. They are designed such that the cryptographic secrets they hold (including ones loaded at manufacturing) are unrecoverable without an electron microscope and nation-state level resources (and even then, it would be extremely difficult if not impossible on modern process nodes).

SpaghettiCthulu2y ago

> You can't "dump" a TPM.

> unrecoverable without an electron microscope and nation-state level resources (and even then, it would be extremely difficult if not impossible on modern process nodes).

Oh, so you can. It's only a matter of time.

loopdoend2y ago

Even with an electron microscope you wouldn't extract a root key it would just be a device key which they would then ban.

1 more reply

blibbleOP2y ago

maybe, but for a task like this it doesn't really scale

Apple aren't going to allow one phone to attest 5000 new iMessage clients

kotaKat2y ago

That's... amusingly, also a thing in Chinese marketplaces, for a similar purpose.

iCloud Activation Lock, on non-cellular devices (eg, Wi-Fi only iPads), relies on the device's serial number, Wi-Fi MAC, and Bluetooth MAC addresses as the three identifiers required to clear the Activation Lock check. Via special debug cables (eg, a "DCSD cable") there are ways to write in new SysCfg data to the flash to change those variables. This can also be done to Apple Watches (pre-Series 6) with a special dock also sold on the Chinese market.

You can (sort of easily) get your hands on a "clean" serial/MACs set for under $10-15 or so on the market.

1 more reply

j / k navigate · click thread line to collapse

0 comments

mmis10002y ago

mjg592y ago

blibbleOP2y ago

> as long as it is not preloaded when manufacturing

which is exactly what happens

SpaghettiCthulu2y ago

It's only a matter of time until a company starts selling TPM dumps, right?

Eriksrocks2y ago

SpaghettiCthulu2y ago

> You can't "dump" a TPM.

> unrecoverable without an electron microscope and nation-state level resources (and even then, it would be extremely difficult if not impossible on modern process nodes).

Oh, so you can. It's only a matter of time.

loopdoend2y ago

Even with an electron microscope you wouldn't extract a root key it would just be a device key which they would then ban.

1 more reply

blibbleOP2y ago

maybe, but for a task like this it doesn't really scale

Apple aren't going to allow one phone to attest 5000 new iMessage clients

kotaKat2y ago

That's... amusingly, also a thing in Chinese marketplaces, for a similar purpose.

You can (sort of easily) get your hands on a "clean" serial/MACs set for under $10-15 or so on the market.

1 more reply

j / k navigate · click thread line to collapse