| ▲ | aaroncarson 4 days ago | |
100% - Apple wouldn’t be so stupid as to move the private host keys to an unencrypted partition when the Secure Enclave is _right there_. No way is the Secure Enclave too slow for this - it’s exactly what it’s designed to do! | ||
| ▲ | cyberax 4 days ago | parent | next [-] | |
I misspoke. I meant a partition that is only protected by the machine-level keys. But then I also realized that it's still likely to be hard to access for the attacker. So I don't really have much issues with that. | ||
| ▲ | davidczech 4 days ago | parent | prev [-] | |
They are encrypted with a SEP key when stored in preboot volume. | ||