osy

(replying to Saagar Jha)

@saagar if Apple's "TPM" is the Secure Enclave Boot Monitor then your Cellebrite malware cannot corrupt the measurement without bypassing SCIP support.apple.com/guide/securi


Saagar Jha

(replying to osy)
@osy86 Yes but if you exploit the measured software it’s not attesting what you care about

osy

(replying to Saagar Jha)

@saagar Yeah but see any such exploit would be found by external researchers and reported to Apple obviously

spv

(replying to osy)

@osy86 @saagar obviously, would never be sold in a shady deal to any government agencies or private companies the big guys use to escape blame (fine a few corps, execs face nothing, gov faces even more nothing)

oh wait

osy

(replying to osy)

@saagar in TPM parlance, Apple (only) implements a D-RTM, which does hardware enforcement to ensure measured code is what's executed