Hacker News new | past | comments | ask | show | jobs | submit login

This breaks the security model of all affected devices using this chip.

Including all iPhones sold today. Bye bye secure enclave. Bye bye full disk encryption.




No it doesn't, the secure enclave is a separate chip, it doesn't uses ARM trustzone, infact AFAIK Apple never implemented trustzone in any of their SOC's.

Considering the previous publications by this author the issue is most likely within the TZ Kernel that QM uses not in the hardware itself, previous vulnerabilities that were disclosed by the same guy/gal/singular or plural sentient entity were patched.


To be clear, Secure Enclave is a coprocessor on Apple's A7 and later SoCs, it's not a physically separate chip from the main processor. But you are correct it's different from TrustZone.


Thanks for the correction, I've read that it was a separate die but you are correct it's in the same package.


Just picking some nits..., but being on a separate die still can mean that it's in the same package.

https://www.google.de/search?q=multi+chip+package&tbm=isch


Early, iOS 7-era articles on the ARM chips used in the 5S imply Apple based their work on TrustZone, do we have any citations to definitively say either way? I suppose all this speculation will have to wait until more details are released or discovered.


More like bye bye Android Pay, didn't take much for the weakest link to break.


I’ve said this before (and got heavily downvoted) that the concept of Android Pay is stupid anyway.

Even worse than their version that works with a hardware secure enclave is the version which works without one.

How does that one work? By ensuring that the user didn’t modify the OS image.

That’s literally all security there is.

It’d be a lot better if they’d just build a security model that doesn’t have to rely on the device being secure, but instead rely on the banks’ servers being secure.


You can thank your bank for this :)


Well, my bank certainly has no involvement in this, and the banks I own shares of neither.

I can thank some US banks that I, as German Android user, get locked down by Google. I get all the issues, none of the benefits.


iPhones do not use Qualcomm chipsets, so you're wrong.


Depends on your definition of chipsets, but iPhones do use a significant amount of Qualcomm chips.

One source of many: https://www.ifixit.com/Teardown/iPhone+6s+Teardown/48170




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: