[Cryptography] The FBI can (almost certainly) crack the San Bernardino iPhone without Apple's help

Perry E. Metzger perry at piermont.com
Thu Mar 3 08:12:22 EST 2016


On Thu, 3 Mar 2016 01:25:26 +0100 Natanael <natanael.l at gmail.com>
wrote:
> The solution is to let us choose our walled garden, including the
> option of building our own. Let us be our own root authority if we
> wish. Most might prefer the factory default, but the option to
> switch mode to insert our own root so that we can control every
> security setting and every behavior should be there for us.

If the option is available and simple enough to turn on, then
phishermen will find ways to induce naive users to turn it on, and
people doing supply chain attacks or "evil maid" attacks will turn it
on when they intercept equipment.

On the other hand, although I suspect that (say) Apple will do a
better job securing their equipment than I will, there are a
number of manufacturers of more specialized equipment for whom this is
*not* true and I want the ability, as a sophisticated user, to
tighten the security on their systems.

So, the situation is not cut and dried, and there are few obvious
clean answers. We live in a dangerous world.

Perry
-- 
Perry E. Metzger		perry at piermont.com


More information about the cryptography mailing list