

Episode 370: Jedda Wignall on Managed Device Attestation
Jul 2, 2024
Jedda Wignall, an expert in Managed Device Attestation and a vital contributor to the Mac Admins community, dives deep into trust in device management. He explains the intricacies of managed device attestation and its critical role in maintaining security through trust protocols and secure enclaves. The discussion covers Apple's collaboration with Google on device identity management and addresses the challenges faced during implementation. Jedda also shares insights on recent updates impacting security models, emphasizing the importance of rigorous device management.
AI Snips
Managed Device Attestation Explained
- Managed Device Attestation (MDA) cryptographically verifies device identity.
- This cryptographic verification comes from Apple, anchoring trust in the hardware.
Secure Enclave and Device Identity
- Apple's Secure Enclave, a crypto processor, generates and stores unique keys for each device during manufacturing.
- Apple uses these keys to verify the device's identity during attestation.
VM Spoofing and Device Enrollment
- A 2018 Duo Security document revealed how VMs could spoof enrolled devices, highlighting a security risk.
- This vulnerability allowed unauthorized access, emphasizing the need for stronger device trust.