> It is an interesting attack but is the above goal ever achievable? To protect against adversaries from the inside.
People have gotten very close to achieving similar goals.
For example, modern games consoles' anti-piracy measures guard against the device owner who has physical control and unlimited time. [1]
iPhone activation locks likewise prevent stolen phones from being used, even by thieves with physical control and unlimited time.
And neither of the systems relies on the clunky 'brick the device if the case is opened' methods of yesteryear.
(Of course there have also been a great many failed attempts - almost every console since the dawn of time has eventually been hacked, as have things like TPMs and TrustZone, many versions of the iPhone were rooted, etc. etc.)
There's a significant asymmetry in motivation and resources available to compromise hardware between Jimmy and his Xbox vs. Google and their cloud infrastructure.
Yes, someone with an Xbox hack has tens of millions of potential customers who can save $60 a game, with complete physical access to the hardware and no chance of getting fired or arrested.
Whereas someone with a Google cloud infrastructure hardware fault injection attack has only a tiny number of spy agencies or rogue admins as potential customers, the servers are all locked up in data centres, and anyone who got caught making an attack would get fired and/or arrested.
Jimmy is only willing to spend less than he'd spend in the cost of games. Even with a large amount of Jimmys there might not be a market without getting the cost of an individual attack low enough.
On the other hand, there for sure is a market for cloud-based attacks, and nation states that can apply a stick to go along with the carrot of millions of dollars in "consulting fees".
Especially as we move more key infrastructure into the cloud. If people start trusting these sorts of remote systems with things like financial data, the payoff of a clandestine compromise could be hundreds of billions of dollars.
Doubly true when you consider the history of Google working with the USG.
[1] https://www.youtube.com/watch?v=quLa6kzzra0