[Cryptography] eliminating manufacturer's ability to backdoor users

Ray Dillinger bear at sonic.net
Mon Feb 22 15:20:26 EST 2016



On 02/22/2016 04:52 AM, Allen wrote:
>> Apple is fighting the right fight, on both technical and legal fronts.
>> There is no purely technical (or purely legal) solution to this
>> problem that will actually work in the real world.  Technical and
>> legal means must work hand-in-hand, supporting and balancing one
>> another.
>>
> 
> Apple is fighting a losing fight, and in my opinion, the wrong fight
> because they are putting the larger battle at risk.  


After finding out a bit more about the situation than I knew
before, I think I agree.  Apple is fighting the stupid fight here.

They left a bug in their device.  They are now being commanded
to write an exploit for that bug.  The exploit demanded *is* in
fact limited to a particular phone, and there is *no* requirement
that it be applicable to any other.  Nor can the exploit once
written be extended to any other (at least not without their
signing key) because the signature will not be valid.  And the
bug, once exploited, can be fixed the way any other exploited
bug gets fixed.

I don't think there's a leg left for Apple to stand on here. They
need to provide the damn exploit, then fix their damn bug so that
no similar exploit will work on upcoming generations of devices.

The big bad security issue here, and the place for battle lines
to be drawn, is if the FBI (or anybody) tries to prevent Apple
from fixing the bug, or demands disclosure of or steals its
software signing key for unmonitored, criminal, or secret use.

It's a pretty slimy way to do it and the legal repercussions of
the way it's done are deliberately calculated to be the worst
possible for consumer security.  It's dramatic, antagonistic,
and intentionally damaging to the company's reputation.  It's a
reputation attack serving as a deliberate and vicious punishment
against Apple for providing their customers with an expectation
of privacy. But ultimately... it's also a legitimate bug report
that points out a genuine exploitable flaw.

Had they pointed this flaw out to Apple previously, without
accompanying the bug report with the demand to write an
exploit and deploy it against a particular device, it would
have been an entirely value-neutral, even helpful, thing to
do.  As the matter stands, it's a calculated reputation attack
on the company and a tactic for getting adversarial precedent
into place.  But there's not shit Apple can do about it
because the bug is real and the warrant is valid and the
technical capacity to serve the warrant does in fact exist
because of the bug.



				Bear
