Hacker News new | ask | show | jobs
by umvi 2551 days ago
> Not if you're sponsored by a hostile actor with functionally limitless resources

Like who? Russia? China?

Here's how they can compromise my device:

1. Locate me within the USA (easy)

2. Send a spy onto US soil to find me and steal my phone (hard)

3. Send another spy to work for Apple (easy)

4. Spy needs to break into Apple's vault and retrieve airgapped media containing my device's private key without a warrant (super hard)

5. Send both back to the motherland and use scanning electron microscope to complete the process (easy)

You really think that is viable? Seems extremely far fetched to me. Can you provide a more realistic scenario?
1 comments
kelnos 2551 days ago
The more realistic scenario is already possible today, and doesn't need to involve so much technical mumbo-jumbo: at step #2, instead of stealing your phone, they kidnap you, and torture you until you give up your password. Done, and no need for steps 3-5.

(And I suspect, for a sufficiently-motivated state-level actor, that actually falls under "easy", or at most "medium".)

link
umvi 2550 days ago
Right, so why are we so worried about this? If the government is malevolent they will just kidnap and torture you like the PRC.
link