• mac@lemm.ee
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    1 month ago

    Has there been any information about how long physical access is needed for these attack methods to extract data?

    I’ve got my auto restart set at 8 hours, in graphene’s mastodon thread, they say 10 minutes is best for highest levels of security. The short time frame given in that thread makes me wonder if these exploits give instant access to data.

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      1 month ago

      Typically the attacks don’t take 10 hours… they take seconds, what takes time is getting the captured device a laboratory and the laboratory having time to look at it. So what will happen usually is the phone is put into a faraday bag, hooked up to a usb charger, and put on a shelf until the laboratory can get around to it.

      Once the lab starts attacking the phone, it could take seconds as I said above, but some attacks are more involved requiring the phone to be disassembled and leads soldered onto the board. The restarting is about reducing the time the lab has before they can start and finish their attack

      The same process applies to computers and laptops as well, there are lots of mouse jigglers for sale to prevent a screen saver from going on.

  • TechnoFish@lemm.ee
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 month ago

    One good thing about windows phones was that hardly anyone would have been insane enough to spend resources to develop a forensic tool for it.