[Cryptography] new wiretap resistance in iOS 8?

Jerry Leichter leichter at lrw.com
Sat Sep 20 07:06:06 EDT 2014


On Sep 20, 2014, at 12:16 AM, John Gilmore <gnu at toad.com> wrote:
>>> Quoting from the new iOS 8 privacy policy announced tonight Wed Sep 17.
>>>> Apple has no way to decrypt iMessage and FaceTime data when it's in
>>>> transit between devices. So unlike other companies' messaging
>>>> services, Apple doesn't scan your communications, and we wouldn't be
>>>> able to comply with a wiretap order even if we wanted to.
>>>  https://www.apple.com/privacy/privacy-built-in/
> 
> And why do we believe them?
> 
>  *  Because we can read the source code and the protocol descriptions
>     ourselves, and determine just how secure they are?
> 
>  *  Because they're a big company and big companies never lie?...
Because (a) if they make this kind of public pledge and it's shown to be false it would be a PR nightmare and would certainly result in lawsuits, FTC action, Congressional hearings, and similar events that would have costs way exceeding what they could possibly gain; (b) in the specific case of responding to a proper court request by lying about their inability to respond, the result would be massive fines and quite possibly jail time.  It's also been shown repeatedly that lies, or even mistakes, in widely publicized categorical statements of this sort are discovered sooner or later - and given the size Apple is as a target, it would certainly be sooner.

There are all kinds of assurances in the world, but outside of mathematics, there are no proofs.  Assurance based on the assurer's enlightened best interest is of a very different nature than assurance based on reading the code - but that doesn't make it less of an assurance.  Ultimately, you have to decide what you trust for any particular purpose - there's no golden road.

                                                        -- Jerry