
> without DMA [...] 0days (RCE)
> https://www.apple.com/business/site/docs/iOS_Security_Guide.... p41

Are you citing "To protect the device from vulnerabilities in network processor firmware, network interfaces including Wi-Fi and baseband have limited access to application processor memory. When USB or SDIO is used to interface with the network processor, the network processor can’t initiate Direct Memory Access (DMA) transactions to the application processor. When PCIe is used, each network processor is on its own isolated PCIe bus. An IOMMU on each PCIe bus limits the network processor’s DMA access to pages of memory containing its network packets or control structures."? Correct?

The attention to hardware isolation and separation is appreciated, but I don't hold my breath for iBoot and SEPOS protecting an iPhone from powerful adversaries.
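The quoted passage says a PCIe network processor sits behind its own IOMMU and can only DMA into the pages holding its packets or control structures, while a USB/SDIO-attached one cannot initiate DMA at all. The following is an added toy model of that policy, written for this page and not taken from Apple's guide or any real driver: the page size, memory layout, device names (wifi0, baseband0) and the mapping API are all invented for illustration. It shows why a compromised firmware that tries to write outside its mapped pages, or across a page boundary into an unmapped page, gets a fault rather than a partial write.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy model of a per-bus IOMMU. Page size, memory layout and device
 * names are invented for this example; nothing here is Apple's code. */
#define PAGE_SHIFT   12
#define PAGE_SIZE    (1u << PAGE_SHIFT)
#define NPAGES       16
#define MAX_MAPPINGS 8
enum { DMA_READ = 1, DMA_WRITE = 2 };

struct iommu_mapping { uint64_t page; unsigned perm; };

/* One domain per bus: the device can only reach the pages listed here. */
struct iommu_domain {
    const char *device;
    struct iommu_mapping map[MAX_MAPPINGS];
    unsigned nmap;
};

/* Stand-in for application processor memory. Page 0 holds "kernel" code;
 * the Wi-Fi control page and packet ring sit at pages 4 and 5. */
static uint8_t ap_mem[NPAGES * PAGE_SIZE];
#define KERNEL_TEXT (0u * PAGE_SIZE)
#define WIFI_CTRL   (4u * PAGE_SIZE)
#define WIFI_RING   (5u * PAGE_SIZE)

static int iommu_map_page(struct iommu_domain *d, uint64_t pa, unsigned perm)
{
    if (d->nmap == MAX_MAPPINGS)
        return -1;
    d->map[d->nmap].page = pa >> PAGE_SHIFT;
    d->map[d->nmap].perm = perm;
    d->nmap++;
    return 0;
}

/* Permissions the device holds on one physical page; 0 means unmapped. */
static unsigned iommu_perm(const struct iommu_domain *d, uint64_t page)
{
    for (unsigned i = 0; i < d->nmap; i++)
        if (d->map[i].page == page)
            return d->map[i].perm;
    return 0;
}

/* A transaction passes only if every page it touches carries 'perm'. A
 * transfer that starts in a mapped page and spills into the next one is
 * refused as a whole, not truncated. */
static bool iommu_check(const struct iommu_domain *d, uint64_t pa,
                        size_t len, unsigned perm)
{
    if (len == 0 || pa + len < pa)          /* empty or wrapping range */
        return false;
    uint64_t first = pa >> PAGE_SHIFT;
    uint64_t last  = (pa + len - 1) >> PAGE_SHIFT;
    for (uint64_t p = first; p <= last; p++)
        if ((iommu_perm(d, p) & perm) != perm)
            return false;
    return true;
}

/* DMA write issued by the device: bytes written, or 0 on an IOMMU fault. */
static size_t dma_write(const struct iommu_domain *d, uint64_t pa,
                        const void *src, size_t len)
{
    if (pa + len > sizeof ap_mem)
        return 0;
    if (!iommu_check(d, pa, len, DMA_WRITE)) {
        fprintf(stderr, "[iommu] %s: fault on write to 0x%llx len %zu\n",
                d->device, (unsigned long long)pa, len);
        return 0;
    }
    memcpy(ap_mem + pa, src, len);
    return len;
}

/* Wi-Fi on its own PCIe bus: RW on its ring, RO on its control page. */
static struct iommu_domain wifi0 = { .device = "wifi0" };
/* USB/SDIO baseband: no bus mastering at all, modelled as no mappings. */
static struct iommu_domain baseband0 = { .device = "baseband0" };

static void setup_domains(void)
{
    wifi0.nmap = 0;
    iommu_map_page(&wifi0, WIFI_RING, DMA_READ | DMA_WRITE);
    iommu_map_page(&wifi0, WIFI_CTRL, DMA_READ);
    baseband0.nmap = 0;
}

/* Transactions a compromised network processor might attempt. */
static size_t wifi_deliver_packet(void) { setup_domains(); return dma_write(&wifi0, WIFI_RING + 64, "pkt", 3); }
static size_t wifi_patch_kernel(void)   { setup_domains(); return dma_write(&wifi0, KERNEL_TEXT + 0x100, "\xcc\xcc", 2); }
static size_t wifi_overrun_ring(void)   { setup_domains(); return dma_write(&wifi0, WIFI_RING + PAGE_SIZE - 2, "abcd", 4); } /* spills into unmapped page 6 */
static size_t wifi_write_control(void)  { setup_domains(); return dma_write(&wifi0, WIFI_CTRL, "x", 1); }
static size_t baseband_any_write(void)  { setup_domains(); return dma_write(&baseband0, WIFI_RING, "pkt", 3); }

int main(void)
{
    printf("packet %zu, kernel %zu, overrun %zu, control %zu, baseband %zu\n",
           wifi_deliver_packet(), wifi_patch_kernel(), wifi_overrun_ring(),
           wifi_write_control(), baseband_any_write());
    return 0;
}
```

Only the packet delivery lands (3 bytes); the kernel write, the page-crossing overrun, the write to the read-only control page and any baseband write all return 0. This is the "design decision" half of the argument: the mappings are fixed by the application processor, so a bug in the network firmware changes what the device asks for, not what the IOMMU lets through.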



Blocking DMA is separate from 0days. One is a design decision, the other is a still-unavoidable consequence of complicated software.

I think that these mechanisms completely frustrate "bulk" in-field collection efforts; for example, scanning all phones at DUI checkpoints.

No technical control is perfect. If you personally piss off a nation state adversary, they are more likely to yeet you off to a black site and hit you with a wrench until you cough up your passcode.

Surely, someone will break iBoot, and surely, someone will break SEPOS. And surely, someone will chain a kernel exploit with a userspace exploit [0]. And surely, someone will leak the signing keys for a widely deployed cheap android phone [1]. And surely, someone will push 777 permissions to a cloud provider [2]. And most surely, powerful government adversaries will hold brutal exploits close to their chest in the service of power and politics [3].

So I guess, if you want to breathe freely: host your infrastructure yourself where feasible. Choose providers who respect your privacy. Make a modest but financially fair donation to the EFF. Become politically active. Use better practices - not best - to avoid fatiguing yourself in the windmill-chasing effort of being Perfectly Secure. Most importantly, stay awake and aware and ready to fight.

[0] https://github.com/Cryptogenic/Exploit-Writeups/blob/master/...
[1] https://www.theregister.co.uk/2017/11/16/dji_private_keys_le...
[2] https://www.cnbc.com/2019/05/17/salesforce-says-a-major-issu...
[3] https://www.wired.com/story/eternalblue-leaked-nsa-spy-tool-...



