by Jamwinner 2352 days ago
How do you know when to reset the counter? You don't want invalid attempts incrementing forever... there is your chink in the armor.

What’s wrong with resetting the counter when unlocked successfully?
What about unintentional passcode attempts such as a phone in a pocket getting butt-dialled?
The interface should be designed so that you can't butt-dial more than a couple attempts.

But if that does happen then the system of timeouts will prevent you from using up all the attempts.

None of that gets in the way of resetting the counter only when the user succeeds.

The difficulty (in my view) comes from ensuring that I can't just clone/replicate the state of the device from when I had more tries left and then try again.
As I understand it, you can't clone the secure enclave chip because it doesn't expose the key or its code externally.

The only way would be to physically decap the chip, which would most probably destroy it.
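The counter policy discussed in this thread, as an added example that is not from any commenter or vendor: failures reset only on a successful unlock, and input during a timeout is ignored so a burst of pocket presses cannot use up the attempts. The delay schedule, the limit of 10 and the names `AttemptLimiter` and `burst` are assumptions for illustration; resistance to cloning depends on the counter living in hardware that cannot be copied, which this model does not show.

```python
import hmac

# Constructed policy values for illustration, not any vendor's real schedule.
MAX_FAILURES = 10
DELAYS = {3: 60, 4: 300, 5: 900}   # failures so far -> seconds to wait
LONG_DELAY = 3600                  # used from the 6th failure on


class AttemptLimiter:
    """Failure counter that is cleared only by a successful unlock."""

    def __init__(self, passcode: bytes):
        self._passcode = passcode
        self.failures = 0
        self.locked_until = 0.0
        self.wiped = False

    def try_unlock(self, guess: bytes, now: float) -> str:
        if self.wiped:
            return "wiped"
        if now < self.locked_until:
            return "locked"            # ignored during a timeout, not counted
        # Count the attempt before comparing (assumed design choice), so an
        # interrupted check never yields a free guess.
        self.failures += 1
        if hmac.compare_digest(guess, self._passcode):
            self.failures = 0          # the only place the counter resets
            self.locked_until = 0.0
            return "unlocked"
        if self.failures >= MAX_FAILURES:
            self.wiped = True
            return "wiped"
        delay = 0 if self.failures < 3 else DELAYS.get(self.failures, LONG_DELAY)
        self.locked_until = now + delay
        return "failed"


def burst(limiter: AttemptLimiter, guess: bytes, count: int,
          start: float = 0.0, interval: float = 1.0) -> list:
    """Feed `count` identical guesses spaced `interval` seconds apart."""
    return [limiter.try_unlock(guess, start + i * interval) for i in range(count)]
```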