Hacker News new | past | comments | ask | show | jobs | submit login

Considering this might be targeted by nation-state adversaries for propaganda uses, I don't see the effectiveness, at least on that threat model. AFAIK even if the private keys are buried in some trusted computing chip, there's very little a focused ion beam can't do. And that's in an extreme security scenario, I doubt those cameras even reach that.



Assuming they use different embedded keys per camera (which is unfortunately unlikely) instead of the same key on every chip, this can be defeated by demanding to see the intact camera before accepting the signature. Ion beam assisted probing is a destructive process.


What do you mean? An ion beam can read the private keys from the onboard chip?


It's essentially a million-dollar silicon modding tool. It can, in 99% of cases, read down to the individual transistor level.


Then why can’t the three letter agencies in the US unlock an iPhone? I don’t think it’s that easy. In that case all encryption would be useless if you had physical access to the machine.


It only works for things where the key is stored on the chip or phones where the key is stored in a TPM or equivalent and relies on a PIN to release it, as opposed to typical use of encryption where the full key is entered to unlock. An attacker with physical access can probe the chip but it’s risky - one slip and it’s gone for ever. This technique is most useful when all chips of this type have the same key so you only need to successfully crack one, any one. Ross Anderson’s book Security Engineering uses the example of Sky Pay TV cards https://www.cl.cam.ac.uk/~rja14/Papers/SEv2-c16.pdf


With all the encryption I’ve used these past decades the only time I have entered a full encryption key was for cryptocurrency. Aren't 99% of use cases the case where the key is stored on the client device? It seems like the main deterrent then just comes down to the failure rate of the probes.

On a tangent, a bad actor could then release HDCP keys for TVs from a big brand like Samsung and effectively invalidate all content protection for all the TVs they have already sold (afaik those can’t be remotely updated). If those keys are then revoked, there would be millions of bricked Samsung TVs.


Pretty sure they use a kdf to generate the key from your input so you don't need to enter the " full key"


> Then why can’t the three letter agencies in the US unlock an iPhone?

They almost certainly can but I believe the point of the FBI making a big song and dance about unlocking that phone (which they did unlock by themselves, btw) was about trying to force Apple into allowing TLA backdoors via the court of public opinion.


> Then why can’t the three letter agencies in the US unlock an iPhone?

Who says they can’t?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: