[Cryptography] Is Apple correct?
Bernie Cosell
bernie at fantasyfarm.com
Fri Feb 19 14:46:54 EST 2016
On 19 Feb 2016 at 5:53, CANNON NATHANIEL CIOTA wrote:
> My question is, how can the FBI's demands be considered a backdoor
> affecting anyone as if I understand correctly, would affect only the one
> specific device?
> If the firmware is programmed to only work on a phone with that specific
> IMEI number signed by Apple, am I correct that the firmware could not be
> modified to work on any other device since the signature would not
> match?
I don't think we can/do know that. If it has an IMEI hard coded into it,
what would prevent a hacker/government who obtained a copy of it from
hard coding a different IMEI into it [or making it IMEI agnostic
entirely].
On the theory that only the FBI (and a few people at Apple) knows the
IMEI of the affected phone, it is possible they could construct a patch
and encrypt it using the IMEI as the key. That *might* prevent hackers
[and other governments] from using it on other phones [but not the FBI:
since they know the target IMEI, *they* could decrypt the patch and we're
back where we started with a potential back door leaking out].
So I think it'll be very hard to make this a really secure
security-breach [is that an oxymoron?? :o)].
/Bernie\
--
Bernie Cosell Fantasy Farm Fibers
mailto:bernie at fantasyfarm.com Pearisburg, VA
--> Too many people, too few sheep <--
More information about the cryptography
mailing list