[Discuss] Encrypt Everything? Good Luck With That

[bill.n1vux at gmail.com (Bill Ricker)]

On Mon, Mar 28, 2016 at 8:14 PM, Rich Pieri <richard.pieri at gmail.com> wrote:

> One: physical security is paramount.
>
> Two: encryption is not a substitute for physical security.
>


?Absolutely.?
And INFOSEC researchers understood this 30 years ago (i was there), so the
older *&/or* better ones still do.
?
Just as DVD and Sat-TV crypto keys in set top box are not secure in a
hacker's home, the chips in your phone are not secure if in top level
hacker lab long enough. As long as this isn't remotely exploitable over the
network or quickly done by a Customs officer with a magic dongle in
temporary possession of the device, it's not a big shocker.
?
Encryption can be a substitute for physical security of encrypted media
  if and only if
the key is NOT included in the inspectable package
*and *the key IS kept under physical (and all other forms of ) security .

Alas any key (or passphrase) you can remember and accurately re-enter is
too small.
Even 128 bits of Entropy is a lot of text to memorize and reproduce
EXACTLY.

Apple's allegedly unbreakable iPhone security, what stymied the FBI for
> months, was broken in a matter of days once someone figured out a viable
> attack:
>

?Unsubstantiated speculation in INFOSEC Twittrs suggests this was a
disassembly hack with hardware debug techniques. ?

One of
- remove & emulate the NVRAM that contains the bad-guess count  (with
bad-guess decrement blocked/rolled back)
- block write to NVRAM by overpowering pins, or lifting a pin or a pullup
resistor (for either/both count and wipe)
- re-write the NVRAM bad-guess count after each decrement
- etc.

?The limit to 4 digit PINs was always a compromise.
Such a brute-forcably low number always assumed the bad-guess-auto-wipe was
inviolable.
Which it is, against *most* threat models. ?Still.
As far as we know, only an Apple update key can break it with just
software, and they've shown publicly they won't.
(Assuming what we see is all that happened.)
But if anyone thought that NSA or worlds' best HW data recovery forensic
contractors couldn't bypass auto-wipe eventually (if they were careful not
to trigger it early), that was naive or wishful thinking.

?
The interesting question will be how many of the other 200 phones DOJ want
unlocked are susceptible to same and how many of those are worth the
contractor's price to unlock. This sounds like detailed skilled work ...

If your phone won't reassemble, you'll should suspect your PIN and thus
data were compromised.
Just as if your safe's door won't close properly anymore ... and where did
it get those burn marks ?

If this isn't stealthy and isn't scalable, we should be happy, it's better
than most possible results.

?(And this wasn't even the SBS's operational phone, it was his work phone,
so it's still just posturing. They'll be back when they have something else
they think public opinion might back them on.)?

-- 
Bill Ricker
bill.n1vux at gmail.com
https://www.linkedin.com/in/n1vux