This is the key point.
Lets say we have low level owned. We say allow official key, and 000000 (our key). At that point we can run anything on the system we want.
New Firmware comes in. Changes official key. We can see that, probably also see key - key is used to start the new kernel. Kernel is hardened against all known attacks.
We try to look at its behavior, it uses memory address space randomization. We have a hard time doing that. Even though we own the system, we cant read new keys (for other stuff) in the kernel.
This might be a difficult problem. Probably solvable, but the timeframe is important too.
I think this is how it works - but I'm not an expert. Just someone proficient at logic.
Hmm. I think in the switch, the keys are stored in the TZ, meaning we will always own them. Also, while the kernel may be obfuscated, it must be able to decrypt packages to load them. So we can just tell the kernel "go decrypt this" and it will. Worst case, since we are running from the TZ, where the kernel can not see us we always have the upper hand, no?
Last edited by Onibi,