Secure elements contain cryptographic processors that are made from huge companies known to have rather complex relationships with state agencies and SIGINT/COMINT units of nation states.

NXP (EU), Atmel (US), Freescale (US) … are just a few of the foundries that have a steady supply of cryptographic capable chips for secure elements and the likes. They have a common thing which is relationship to Governments.

We know that technology empowers both ways and is commonly considered a dual use product (Govt and Civil). A country can make justifications to backdoor a product for their own access which would leave the other users not within their legal jurisdiction seriously impaired on the security side now that the backdoor keys are held in certain Govt’s hands.

If we are talking about petty theft and hacking just for monetary profits, some of these so called secure elements from large foundries have already been badly shamed by their false advertisement of security which given an operator’s manual and a couple of time to think through and experiment, a university research student or a knowledgeable and motivated hacker might find a way through due to silly mistakes.

If we are talking about compromisation and sniffing of foreign important people’s iPads, Blackberries, Android phones and other portable smart devices, they are as insecure since the backdoor keys to the cryptographic chips used to secure portable smart devices used by national diplomats and important people are compromised at the foundry levels.

You can imagine what happens if Nation A uses chips made by Nation B finds that Nation B snoops on Nation A and the relation can be complex when Nation B accidentally fields the chips into it’s national services and what if Nation A manages to find the backdoor.

How secure is secure element ? In this current age of Govt’s eagerness to implement key escrow and backdoors, we are no less secure because security is observed by it’s weakest link where the weakest link is that one single master backdoor key that makes or breaks a system. We all we we are careless with keys and keys are not always labelled or handled with care. What happens if this single master backdoor key gets leaked into the world where it should never have been in the first place …….