I wish I could see a “reaction video” of when the folks at Apple watch this.
Not that I don’t feel their pain… What could the mitigation possibly be here? Obfuscation of the JTAG pads?
I used to be offended when a vendor took steps to lock down their hardware. Still am, mostly…
Perhaps this definition of a secure device that doesn’t yet exist will be useful. https://www.devever.net/~hl/smartcards
As playing with PCIe is not something easy, not a lot of test has been done, and even tho IOMMU could theorically stop an attacker from getting access to a memmory out of a context, one can see that those are not always well implemented.
Wow, they fabricated multiple adapters and test boards, a freaking JIG, and a board with an FPGA and DDR3 in order to mess with the PCIe bus.
I have a feeling this is beyond the FBI’s capabilities.
But not beyond their wallets - which is how they get most of their security tools/exploits, anyway.