by sliverstorm 3775 days ago
The pathway is obvious: build a signed image that lets you guess unlimited passwords at maximum speed. Apple doesn't have to do it to make it apparent it would work. The avenue is already in use:

As many jailbreakers are familiar, firmware can be loaded via Device Firmware Upgrade (DFU) Mode. Once an iPhone enters DFU mode, it will accept a new firmware image over a USB cable.

The special "backdoor" Apple has access to:

Before any firmware image is loaded by an iPhone, the device first checks whether the firmware has a valid signature from Apple. This signature check is why the FBI cannot load new software onto an iPhone on their own — the FBI does not have the secret keys that Apple uses to sign firmware.

http://blog.trailofbits.com/2016/02/17/apple-can-comply-with...

As for "the attack firmware could leak" - well, so could the signing keys.