Are hardware security keys (e.g ones supporting Fido2) “able to protect authentication” even in case of compromised devices?

Correct me if I am wrong, please.

I understand that 2FA (MFA) increases account security in case an attacker obtains a password which might be possible via various ways, e.g. phishing, database breach, brute-force, etc..

However, if the 2FA device is compromised (full system control) which can also be the very same device then 2FA is broken. It’s not as likely as opposed to only using a password but conceptually this is true.

Do hardware security keys protect against compromised devices? I read that the private key cannot be extracted from those devices. I think about protecting my ssh logins with a FIDO2 key. Taking ssh as an example, I would imagine that on a compromised device the ssh handshake and key exchange can be intercepted and the Fido2 key can be used for malicious things.

Additionally: Fido2 protects against phishing by storing the website it is setup to authenticate with. Does FIDO2 and openssh also additionally implement host key verification or doesn’t it matter because FIDO2 with openssh is already asymmetric encryption and thus not vulnerable to MitM attacks?

Methods to Prove Data Authenticity from Potentially Compromised Sources?

I’ve been thinking about this problem for some time and I wanted to ask if there are any known methods, or research papers, about how to prove "authenticity" or correctness of data originating from a potentially compromised source (remote server, process, etc). Specifically what I’ve been imagining is say you have service A and service B, service B sources data from A but is worried that A has been compromised such that even if data is signed by A, B can’t trust that it was generated by code written by A‘s developers. Is it possible for B to prove to itself that data from A is authentic, that it was indeed generated by the expected code and not injected or generated by an attacker who has compromised A?

One solution I’ve been thinking about is using a sort of distributed ledger or blockchain so that multiple nodes compute the same data, and in doing so raises the bar such that an attacker would have to compromise N% of the services producing the needed data, this provides naturally replication and I can use an appropriate consensus protocol, but ofc introduces some overhead, efficiency concerns, and I would need to think hard about side-effects being performed more than once.

If there is only one node possible of generating data, such as a sensor node, and it is compromised, I’d imagine all hope is lost, but I also wouldn’t be surprised if there is some clever crypto scheme that attempts to solve this problem as well.

I hope it’s clear as to what the question is, thank you.

Can an iOS backup be compromised?

I originally posted this on the Apple Stack Exchange but it was suggested that it was off topic, so I’m posting it here in hopes that this is a more relevant place for it.

Say that an iOS device has been compromised by some vulnerability. If one were to backup their device to their computer (or iCloud, but it’s my understanding that making an encrypted backup to a computer allows for more to be stored in the backup, such as passwords) and then restore the OS using the backup to restore settings, could the backup re-compromise the device?

Secondly, have there been any documented cases of persistent threats (outside of jailbreaks) that are remotely exploitable and can persist after a restore?

Does a Chromecast could be compromised from its default open network?

I left my apartment for few days, so I disconnected my wireless router but I forgot to disconnect my Chromecast as well. I remember that when a Chromecast can’t find the network it was connected anymore, it creates an open network that can be used to reconnect to another wireless network.

The issue is that I’m away from my apartment for a few days and my Chromecast is probably currently broadcasting an open network that anyone can connect to.

Even if there is no internet connexion on that open network, there are two things I’m worried about.

  1. The Chromecast could be attacked from a wireless exploit. We don’t know how someone else’s computer could be infected by malware, the Chromecast could be attacked once that infected computer connects to it (for example, by running wireless exploits against). Even, the worst scenario could be an attacker just connecting to that Chromecast open network and directly run exploits against it.

  2. It might be possible for someone who can attack the Chromecast to get the wireless network password that the Chromecast was previously connected to. This password might be obviously stored somewhere on the Chromecast memory and with some access to the filesystem by a kind of jailbreak (for example, the point 1), it could be retrieved and used to connect to my wireless network.

Considering those two points, should I factory reset my Chromecast once I’m back to my apartment ? Or even safer, should I get rid of this Chromecast considering that the firmware could have been compromised and buy a new one ?

How do I identify, characterize and detect if trusted CAs compromised?

What is the best approach to use in identifying, characterizing and detecting compromised CAs? I do not mean an invalid certificate or invalid CA that can be identified by an X.509 during validation process. I am looking for a tool/approach that can identify and detect “trusted CA that is actually compromised. For example the cause of compromisation like attacker Impersonate or compromise CA key and try to issue fraudulent certificate/ fake CRL.

A part from existing methods such as CT, key pinning, DANE etc which partly address some issues related to CA compromised.

I there a way from method like Blockchain, Machine learning or any role based approach can be used to first identify, characterize and detect if trusted CA really compromised?