Dyson's true discoveries are to find people predilected to believe silly things and spend lots of money on fads. He claims his vacuum cleaners produce more "suction". The vacuum of any air-moving machine is limited by the natural air pressure, not by a fancy impeller design. It's like making an empty bottle more "empty". My grandma's Kirby from the 1950s produced just as much "suction" as a Dyson, and it had a metal housing that you could hit with a cannonball with no dent.
Now Dyson would have us believe that he has done what no one else in any company has been able to do for 50 years with the hairdryer. What he does with it is akin to putting gold-plating on a dump truck. The non-plated version does the same job for a whole lot less.
I'd be curious to know what kind of water that guy used. Distilled water is actually not very conductive. Salt water is. The phone might not work as well in something other than culinary water.
The fact that Galaxy S7 Edge worked at all underwater is impressive! The guy was able to swipe the screen with his finger, but I don't think it worked every time. I'd be interested in seeing a single-press test, and seeing if the phone can accurately locate the finger (XY) on the screen. Swiping is one thing, but if you can't press the visual buttons on the display, you're phone won't work under water.
No matter how "properly" you wash your hands with soap, you're never going to eliminate the population of germs on them. Germs grow exponentially: unless you get all of them, you're only delaying the infection. Soap reduces their number, leaving your immune system time to react.
If you want to eliminate the germs, you have to sanitize the surface completely. Restaurants use bleaches for that purpose; hospitals have their own methods (heat, steam, chemicals, etc.) Soap is only a surfactant, removing oils, not a sanitizer.
So Dyson says: "Independent research shows that before they even reach the washroom, paper towels can contain large communities of culturable bacteria."
Yes, but those bacteria aren't likely to cause disease in humans. As I understand it, infectious viruses don't survive for long periods of time on dry surfaces, like paper towels. If one person having a cold or the flu uses a Dyson dryer, he aerosolizes the virus into tiny droplets hanging about in the air and splashing about on the doorknob. That's where the infection of the next visitor happens.
An SEM must be a fun toy to fiddle with
Your article is well-thought out. I would wonder, though, if the UID could be read with a simple optical microscope. Presumably the UID is written to a memory cell on the SoC using links that open (like a fuse) when a high current is passed through (like the old PROM memories used to). Those links wouldn't be embedded in layers of silicon: the opening of the link would heat up and perhaps emit material that would need to be dissipated. (The link would look like this ===-=== or this === === if open.) If such a cell is on the top, then its links are exposed and can be observed. If one didn't know the pattern used for that cell, then one could use the procedure you suggest on separate phones to deduce what it is. If one could get to that point, then one could read the UID on the target phone without modifying the SoC part (but the 'lid' would still have to come off). That makes the procedure I'm thinking about much more viable.
Those unique keys are probably recorded at the time of manufacture and saved to a DB (against the serial number of the phone or board). Apple complained about modifying their firmware to put in a backdoor bypassing the PIN entry procedure. I don't think they complained about handing over that CPU key when subpoenaed, or perhaps merely upon a request by the FBI. If the attacker knows the encryption function used by the NV memory controller, then they should be able to emulate that too.
For an attack using an emulated PIN entry, I would wonder how fast that could be done: I'd expect the software would filter out touches less than 10ms or so. (The touchscreen scan rate would have a period around that.) Using a single phone, I'd imagine you'd wind up with less than 10 potential key tries per second. Add to that the time needed to reset the emulated NAND, whatever that is, every 5 attempts or so. I think your procedure would work for a short numeric pin (with 10 possible characters, sequence length 5 or less), but more than that would seem impractical to me.
I'm sure all they're doing is taking the plastic off of the NV memory part, attaching a probe, and reading out what's there. Those dies are tested that way at the factory: there will be lands on there for a probe. The government can buy a few phones of the same model for experimentation to get it right, then read out the contents of the NV memory of the phone they care about.
Once they have those contents, it's just a matter of brute-force decrypting whatever is in the personal/confidential files. Remember it is the files that are encrypted, not the memory itself. All that is needed is enough processing power to run through all the likely password combinations until they get something that looks like it was humanly input. It's not that difficult if you have the phone in your possession and a supercomputer cluster at your disposal.
"Being somewhere they are not supposed to be is not, nor should it ever be, a valid reason to murder them."
Actually, it is if being there constitutes a felony (like a burglar entering your house, for example.) I should mention that "murder" is an unlawful killing: killing in self-defense isn't murder.
"At one time, the US Constitution said it was legal for one human being to own another."
Which right was abolished by the 13th Amendment in 1865. The people decided long ago that slavery wasn't a good thing. They decided gun control (likely as proposed by this study) wasn't a good thing even earlier than that with the 2nd Amendment. The opinion of the populace doesn't seem to be moving in the direction of the promoters of restricting guns....
To program is to be.