Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

From the paper: https://github.com/Layr-Labs/d-inference/blob/master/papers/...

> Apple’s attestation servers will only generate the FreshnessCode for a genuine device that checks in via APNs. A software-only adversary cannot forge the MDA certificate chain (Assumption 3). Com- bined with SIP enforcement (preventing binary replace- ment) and Secure Boot (preventing bootloader tampering), this provides strong evidence that the signing key resides in genuine Apple hardware.



I am not entirely sure they understand that System Integrity Protection and Secure Boot can be turned off.


My understanding from the paper is that doing so should cause certain things in Apple's hardware security enclaves to break a signing chain, and a server-side MDM system integrated with Apple servers can detect this. But I'm not familiar with the underlying technology, so not sure if underlying assumptions are incorrect.


AFAIK that just ensures the SEP is present but perhaps they are signing the boot state now




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: