Comment on A group of R1 jailbreakers found a massive security flaw in Rabbit’s code
fubarx@lemmy.ml 6 days ago
Many years ago, folks figured out how to crack firmware and find embedded keys. Since then, there have been many technological advances, like secure enclaves, private/public key workflows, attestation systems, etc. to avoid this exact thing.
Hopefully, the Rabbit folks spec’d a hardware TPM or secure-enclave as part of their design, otherwise no amount of firmware updating or key rotation will help.
There’s a well-established industry of Android crackers and this sort of beating will keep happening until morale improves.
xthexder@l.sw0.com 5 days ago
Hahaha, that hardware is built to be as cheap as possible so they can make money on this scam of a product. I doubt the people making it even know what a TPM is from everything else we’ve seen.