[Cryptography] Thoughts on the Apple iPhone fiasco
Tom Mitchell
mitch at niftyegg.com
Fri Feb 19 16:01:00 EST 2016
On Fri, Feb 19, 2016 at 6:32 AM, Theodore Ts'o <tytso at mit.edu> wrote:
> On Wed, Feb 17, 2016 at 06:30:46PM -0700, RB wrote:
> > My cynical conjecture is that for Apple this isn't really about
> > securing devices. Rather, it's about minimizing their legal
> > obligations and entanglements.
> > .... They see the door
> > closing
>
....
>
> Resisting in this case would be good, even if all it does is that it
> forces to FBI stipulates that it only applies for this very narrow
> fact pattern
It does not matter what the FBI stipulates. They cannot
make stipulations that bind this or other courts. The next court
not being bound by any stipulation can ask and go so far as
to demand delivery of the binary. Such delivery might be compelled
via a FISA/national security letter or warrant.... then shipped to a safe
house to crack open
Angela M's phone found in the lost and found of a beer garden.
This is the one and apparently the only opportunity to say no.
Some here run servers and some might have the home dirs of individuals
encrypted. The user logs in and magically their data is visible to them.
What if a court demanded that the login DOS and brute force attack defenses
of the server be turned off. Remove lock out, remove source IP address
filtering,
remove rate limiting. And also deliver /etc/shadow because the target
on the machine has a classified identity
.
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160219/b39ddce4/attachment.html>
More information about the cryptography
mailing list