[Cryptography] eliminating manufacturer's ability to backdoor users

Jerry Leichter leichter at lrw.com
Mon Feb 22 18:51:21 EST 2016


> 
> They left a bug in their device.  They are now being commanded
> to write an exploit for that bug....
Sorry, but this is nonsense - as is much of the ranting here about how Apple did "this" (for some unspecified value of "this") for reasons of market control, "because they want to own the phone", or whatever.

Apple provides a mechanism to force-boot a new OS on a phone, overriding anything that's there, because people are unhappy to be told that their expensive piece of equipment has been turned into brick.

Two weeks ago, the big tumult on the Internet was about "Error 53", in which indeed iPhones *were* "bricked" by a too-strict enforcement of a security feature that binds the CPU to the fingerprint detector.  Were you out there arguing that Apple was doing the right thing?

Now, the ability to restore a dead iPhone by force-loading a new OS can be implemented in one of two ways:

1.  The force-load erases the previous content of the phone before loading the new OS image;
2.  The force-load preserves the previous content of the phone.

Apple implemented (2).  Had they implemented (1), the entire debate we are now having would never have occurred.  (Perhaps it would have occurred about some other aspect of iOS.  All of you who've implemented perfect code, which even after being distributed to hundreds of millions of people showed no bugs ... please raise your hands.)

It's clear that from a best-possible-security point of view, (1) is better.  Now, I'd like to have someone tell me how choosing to do (2) was in any way advantageous to Apple itself.

No, (2) is advantageous *to the vast majority of users, most of the time* when their phones die, due to hardware or software issues.  It means they can get their data back.  Most people will tell you they want the tradeoff done that way.  

Hell, a *really* secure phone would erase its contents as soon as the back was removed.  You want a repair done on your phone?  Better be sure you have a backup.  Technically, Apple already more or less tells you this - especially with Macs - but in practice most repairs preserve the data.  This makes customers happy.

                                                        -- Jerry
