Salta al contenuto principale

Aggiusta la tua roba

Diritto alla Riparazione

Componenti & Strumenti

Aiuto

Versione corrente di: Tom Chai ,

Testo:

People are smarter than you, what you can think of, people have already been trying a long time. Wishful thinking gets you nowhere.
Back
Back
to the topic. It would be reasonable to believe the keys in secure enclave are implemented using e-fuses, which are physically one-time programmable. Once you program the key and set the lock bit, the bootrom reads the lock bit and enters secure boot mode, disables all external debug/test interfaces to protect the secrecy and integrity of keys. You cannot access the secure module because all unauthenticated operations are simply rejected.
Back
Back
to the topic. It would be reasonable to believe the keys in secure enclave are implemented using e-fuses, which are physically one-time programmable. Once you program the key and set the lock bit, the bootrom reads the lock bit and enters secure boot mode, disables all external debug/test interfaces to protect the secrecy and integrity of keys. You cannot access the secure module because all unauthenticated operations are simply rejected.
It may be possible to hack into the button sensors and find a way to program blank buttons straight out of factory, which I believe is Apple's method to repair Touch ID. They have the software to sign secure commands to enable secure enclave to invoke factory pairing again, which reads the key from the e-fuses and write to blank Touch ID buttons.

Stato:

open

Modifica di: Tom Chai ,

Testo:

People are smarter than you, what you can think of, people have already been trying a long time. Wishful thinking gets you nowhere.
Back to the topic. It would be reasonable to believe the keys are implemented using e-fuses, which are physically one-time programmable. Once you program the key and set the lock bit, the bootrom reads the lock bit and enters secure boot mode, disables all external debug/test interfaces to protect the secrecy integrity of keys. You cannot access the secure module because all unauthenticated operations are simply rejected.
It may be possible to hack into the button sensors and find a way to program blank buttons straight out of factory, which I believe is Apple's method to repair Touch ID. They have the software to sign secure commands to enable secure enclave to invoke factory pairing again, which reads the key from the e-fuses and write to blank Touch ID buttons.

Stato:

open

Post originale di: Tom Chai ,

Testo:

People are smarter than you, what you can think of, people have already been trying a long time. Wishful thinking gets you nowhere.

Stato:

open