[Cryptography] the consequences of changing the password on your AppleID
Mark Seiden
mis at seiden.com
Sat Feb 20 19:07:55 EST 2016
so now we discover that if you have an unchanged password on your
AppleID and you log on from a known network (known to the phone)
the phone will then automatically back up to the Apple Cloud
and that backup will contain the current content of the phone.
But some clod at San Bernadino County changed the password for
Farook's AppleID (somehow without knowing the old password)
12 hours after the phone was recovered by the government.
So why doesn't Apple just go to its backups and restore the
hash of the old password and the timestamp of the last password
reset? and then the government can force a backup which Apple
can provide?
Problem solved, End of World Averted, Peace and Harmony in the
iphone world again (except now we all know Apple is still a
trusted party in this entire ecosystem).
More information about the cryptography
mailing list