mox to Technology@lemmy.worldEnglish • 1 year agoUnpatchable vulnerability in Apple chip leaks secret encryption keysarstechnica.comexternal-linkmessage-square13fedilinkarrow-up11arrow-down10file-textcross-posted to: apple_enthusiast@lemmy.worldtechnology@lemmy.ml
arrow-up11arrow-down1external-linkUnpatchable vulnerability in Apple chip leaks secret encryption keysarstechnica.commox to Technology@lemmy.worldEnglish • 1 year agomessage-square13fedilinkfile-textcross-posted to: apple_enthusiast@lemmy.worldtechnology@lemmy.ml
minus-square@GlitterInfection@lemmy.worldlinkfedilinkEnglish1•1 year agoThis requires local access to do and presently an hour or two of uninterrupted processing time on the same cpu as the encryption algorithm. So if you’re like me, using an M-chip based device, you don’t currently have to worry about this, and may never have to. On the other hand, the thing you have to worry about has not been patched out of nearly any algorithm: https://xkcd.com/538/
minus-square@GissaMittJobb@lemmy.mllinkfedilinkEnglish1•1 year agoAh yes, good old Rubber-hose cryptanalysis.
minus-square@just_another_person@lemmy.worldlinkfedilinkEnglish0•1 year agoSure. Unless law enforcement takes it, in which case they have all the time in the world.
minus-square@GlitterInfection@lemmy.worldlinkfedilinkEnglish0•1 year agoYup, but they’re probably as likely to beat you up to get your passwords.
minus-square@brbposting@sh.itjust.workslinkfedilinkEnglish1•1 year agoNo way! Even the evil ones will try to avoid jail. Meanwhile they might have a friggin budget for the GrayKey, the Stingray… Definitely believe rights are more likely to be violated when they can just plug in or power on without getting their gloves dirty.
This requires local access to do and presently an hour or two of uninterrupted processing time on the same cpu as the encryption algorithm.
So if you’re like me, using an M-chip based device, you don’t currently have to worry about this, and may never have to.
On the other hand, the thing you have to worry about has not been patched out of nearly any algorithm:
https://xkcd.com/538/
Ah yes, good old Rubber-hose cryptanalysis.
Sure. Unless law enforcement takes it, in which case they have all the time in the world.
Yup, but they’re probably as likely to beat you up to get your passwords.
No way! Even the evil ones will try to avoid jail.
Meanwhile they might have a friggin budget for the GrayKey, the Stingray…
Definitely believe rights are more likely to be violated when they can just plug in or power on without getting their gloves dirty.