• @9tr6gyp3
    link
    16 months ago

    If the hardware is tampered, it will not pass the attestation test, which is an online component. It will fail immediately and you will be alerted. Thats the part of verified boot that makes this so much harder for adversaries. They would have to compromise both systems. The attestation system is going to be heavily guarded.

    • @[email protected]
      link
      fedilink
      1
      edit-2
      6 months ago

      which is an online component.

      So, storing on Signal’s server key to decrypt keys. Welcome back to apple-isms and online-only.

      It will fail immediately and you will be alerted.

      Provided you have some other non-compromised way of communications.

      • @9tr6gyp3
        link
        16 months ago

        Yes, verified boot will have out-of-bands alerts for you by design. Without the online component, you will risk not being able to detect tampering.