[lionkor]

> The hardware manufacturer can destroy the private key after it is placed on the device. By doing so, the private key is inaccessible!

I'm pretty sure the private key is very accessible, if it's used at runtime which it is. Just not easily.

[didntcheck]

Yeah. People have been hoping for a signed "Photoshop-proof camera" since digital image manipulation was invented, but it has the same limitations as any form of DRM. It only slows people down a bit. There's also the analog hole - i.e. just stick your "attested" microphone in front of a speaker

[kj4ips]

Canon tried to do this with their ODD system, and they got kinda close, but it is possible to extract the key from a given camera, and forge signatures.

Their verification system also seems to include a smartcard or SD card-like thing (which might be doing something special, or might just be DRM)

[lionkor]

or rip out the wires and attach whatever speaker you want, not really detectable

[flangola7]

It is detectable if the other components are cryptographically paired, like they are in newer iPhones.

Go try to swap a camera or screen between two identical iPhone models, it won't work.

[flangola7]

Extracting the private key out of a modern HSM enclave is essentially impossible for anything less than NSA-level capabilities.