[Cryptography] About those fingerprints ...

Andrew W. Donoho awd at DDG.com
Thu Sep 12 00:53:49 EDT 2013

On Sep 11, 2013, at 12:13 , Jerry Leichter <leichter at lrw.com> wrote:

> On Sep 11, 2013, at 9:16 AM, "Andrew W. Donoho" <awd at DDG.com> wrote:
>> Yesterday, Apple made the bold, unaudited claim that it will never save the fingerprint data outside of the A7 chip.
> By announcing it publicly, they put themselves on the line for lawsuits and regulatory actions all over the world if they've lied.
> Realistically, what would you audit?  All the hardware?  All the software, including all subsequent versions?


	First I would audit that their open source security libraries, which every app has to use, are the same as I can compile from sources. Second, the keychain on iOS devices is entirely too mysterious for this iOS developer. This needs some public light shone on it. What exactly is the relationship between the software stack and the ARM TPM-equivalent. Third, in iOS 7, I can make a single line change and start syncing my customer's keychain data through iCloud. At WWDC this year, Apple did not disclose how they keep these keys secure. (As it is a busy conference, I may have missed it.) Fourth, does Apple everywhere use the same crypto libraries as developers are required to use? Fifth, what is the path for the fingerprint data from sensor to TPM-like device? I'm sure there are many more questions we could ask.

	And yes, subsequent versions need audits. That is why this is a formal part of the release process. It is just as important as an audited annual report. 

> This is about as strong an assurance as you could get from anything short of hardware and software you build yourself from very simple parts.

	I can image many stronger assurances than a promise in a video that is superseded by a click wrap EULA. 

	Per Perry's direction, I have elided the rest of Jerry's excellent comments. Thank you Jerry for making them.

Andrew W. Donoho
Donoho Design Group, L.L.C.
awd at DDG.com, +1 (512) 750-7596, twitter.com/adonoho

Download Retweever here: <http://Retweever.com>

No risk, no art.
	No art, no reward.
		-- Seth Godin

More information about the cryptography mailing list