[Cryptography] About those fingerprints ...

Andrew W. Donoho awd at DDG.com
Wed Sep 11 09:16:48 EDT 2013


	Fingerprint scanners have shipped on laptops and phones for years.

	Yesterday, Apple made the bold, unaudited claim that it will never save the fingerprint data outside of the A7 chip.

	Why should we trust Cook & Co.? They are subject to the laws of the land and will properly respond to lawful subpoenas. What are they doing to ensure the user's confidence that they cannot spread my fingerprint data to the cloud? (POI frequently have fingerprints on file. Finding out which phone is used by whom when you have fingerprint data is a Big Data query away.)

	These questions also apply to things like keychain storage. Who has audited in a public fashion that Apple actually keeps keychains secure? How do we know whether Apple has perverted under secret court order the common crypto and other libraries in every phone and iPad? iOS 7 supports keychain storage in iCloud. Why should we trust Apple to keep our keys safe there? Where is the audit of their claims?

	Why should we trust Cook & Co. without verifying their claims? 

	IOW, where is the culture of public audit around security? Why did we ever trust the Canadian company RIM with our email without a public audit? Why do we trust Apple, MS, Google and others?

	The culture of secrecy around the security stack inside popular OSes needs to stop. (I am proposing "after the fact" audits of shipping OSes. They should never be an impediment to any organization shipping software in a timely fashion.) Sunlight on the libraries being used is the best disinfectant for security concerns.

	President Reagan had it right: "Trust but verify." Why should we trust Apple? Because their executives said so in a video? We need something stronger.


P.S. 	All you Android fanboys know how to globally replace Apple above with Google/Samsung.

Andrew W. Donoho
Donoho Design Group, L.L.C.
awd at DDG.com, +1 (512) 750-7596, twitter.com/adonoho

Download Retweever here: <http://Retweever.com>

No risk, no art.
	No art, no reward.
		-- Seth Godin

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20130911/05143452/attachment.html>

More information about the cryptography mailing list