1. 15
  1.  

  2. 3

    I wish I could see a “reaction video” of when the folks at Apple watch this.

    Not that I don’t feel their pain… What could the mitigation possibly be here? Obfuscation of the JTAG pads?

    I used to be offended when a vendor took steps to lock down their hardware. Still am, mostly…

    Perhaps this definition of a secure device that doesn’t yet exist will be useful. https://www.devever.net/~hl/smartcards

    1. 3

      As playing with PCIe is not something easy, not a lot of test has been done, and even tho IOMMU could theorically stop an attacker from getting access to a memmory out of a context, one can see that those are not always well implemented.

    2. 3

      Wow, they fabricated multiple adapters and test boards, a freaking JIG, and a board with an FPGA and DDR3 in order to mess with the PCIe bus.

      I have a feeling this is beyond the FBI’s capabilities.

      1. 1

        I have a feeling this is beyond the FBI’s capabilities.

        But not beyond their wallets - which is how they get most of their security tools/exploits, anyway.