[Cryptography] Apple GovtOS/FBiOS & Proof of Work

Michael Kjörling michael at kjorling.se
Fri Mar 18 18:45:38 EDT 2016


On 17 Mar 2016 17:39 -0700, from hbaker1 at pipeline.com (Henry Baker):
> With a proper PoW system, any attacker would have to spend at least
> as much time as Apple themselves to create a loadable firmware, and
> that time might be as long as 6-12 months.

Let's hope then that there are forever never any legitimate security
vulnerabilities discovered in the relevant software that need to be
patched in a hurry.

Remember the "goto fail;" bug from about two years ago? [1] [2] [3]
[4] Which was in plain sight in _publicly available_ code for anyone
who really cared enough to go over the code? [5] (And I assume that
multiple countries' intelligence agencies go over code like that with
a fine-toothed comb continuously, looking for things they might be
able to take advantage of. Even finding one such bug a year would
probably make it worth the programmer time, and I expect the rate to
be far higher.) It was an absolutely trivial fix to a high-impact
vulnerability once it had been spotted, with what I would consider
_no_ possibility of unintended side effects from the fix; exactly the
kind of update that in an ideal world (which, of course, we do not
live in) should be heading out the door about five minutes after the
programmer clicks "commit".

And of course, the presence of any "fiddlable" sections implies that
there is data in the firmware that doesn't really do anything at all.
You can't go around flipping bits in highly specific machine code or
even data used by it and expect nothing to happen; it has to be a
portion that just sits around unused. Is that something we really want
to encourage?

I can sympathize with the idea, and for some very specific situations
it might even have merit, but for general purpose software that at
times can very easily have a legitimate need to be updated quickly?
Not so much.


 [1]: https://gotofail.com/
 [2]: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1266
 [3]: https://nakedsecurity.sophos.com/2014/02/24/anatomy-of-a-goto-fail-apples-ssl-bug-explained-plus-an-unofficial-patch/
 [4]: https://www.imperialviolet.org/2014/02/22/applebug.html
 [5]: http://opensource.apple.com/source/Security/Security-55471/libsecurity_ssl/lib/sslKeyExchange.c

-- 
Michael Kjörling • https://michael.kjorling.se • michael at kjorling.se
                 “People who think they know everything really annoy
                 those of us who know we don’t.” (Bjarne Stroustrup)
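
The point about "fiddlable" sections and urgent patches, as an added sketch that is not part of the original message or of any Apple code. Assumptions: the proof of work is SHA-256 over the whole image with 16 leading zero bits (a toy difficulty), and the unused region is a hypothetical 8-byte trailing nonce field.

```python
import hashlib
import struct

DIFFICULTY_BITS = 16   # assumption: toy difficulty so the demo finishes quickly
NONCE_LEN = 8          # the "fiddlable" region: bytes the firmware never reads

def build_image(code: bytes, nonce: int = 0) -> bytes:
    """Hypothetical layout: payload followed by an otherwise unused nonce field."""
    return code + struct.pack(">Q", nonce)

def pow_ok(image: bytes, bits: int = DIFFICULTY_BITS) -> bool:
    """Loader-side check: SHA-256 of the whole image starts with `bits` zero bits."""
    digest = int.from_bytes(hashlib.sha256(image).digest(), "big")
    return digest >> (256 - bits) == 0

def mine(code: bytes, bits: int = DIFFICULTY_BITS):
    """Vendor-side work: vary only the nonce field until the image passes pow_ok."""
    nonce = 0
    while True:
        image = build_image(code, nonce)
        if pow_ok(image, bits):
            return image, nonce + 1   # finished image and hashes spent
        nonce += 1

def apply_patch(image: bytes, offset: int, new_byte: int) -> bytes:
    """A one-byte fix in the code region that keeps the old nonce in place."""
    code = bytearray(image[:-NONCE_LEN])
    code[offset] = new_byte
    return bytes(code) + image[-NONCE_LEN:]

# Constructed sample payload standing in for real firmware code.
SAMPLE_CODE = b"constructed firmware payload, build 1"

if __name__ == "__main__":
    released, cost = mine(SAMPLE_CODE)
    print("release passes:", pow_ok(released), "hashes spent:", cost)

    # The trivial fix invalidates the old work: the stale nonce no longer fits.
    patched = apply_patch(released, 0, ord("C"))
    print("patched image with old nonce passes:", pow_ok(patched))

    # Shipping the fix means paying the full search cost again.
    fixed, cost2 = mine(patched[:-NONCE_LEN])
    print("re-mined image passes:", pow_ok(fixed), "hashes spent:", cost2)
```

Each extra difficulty bit doubles the expected search, and that cost is paid again for every change to the code region, however small.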

