[Cryptography] EFF amicus brief in support of Apple

Jerry Leichter leichter at lrw.com
Sun Mar 6 20:53:33 EST 2016


> The general reply is that the overall model of open and all
> these related things simply hasn't had enough time to develop,
> execute, and be evaluated in a world that has only known closed.
How long has the Gnu project been around?  How long has Linux been around?  The various open BSD's?

This sounds like the radical libertarian's answer to every objection:  Libertarianism has never *really* been tried, so you have have no reason to believe it won't work (and my beautiful theoretical arguments show it *will* work).

The parallel is actually deeper, because in both cases when examples of *partial* steps in the theoretically-correctly direction are shown to produce *worse* results, the answer is always "oh, you have to go further before it all starts working right".

The fact of the matter is, we have zero evidence that open source produces more "inherently secure" systems than closed source.  We also have zero evidence of the opposite.  Over the last month or so, we've found that Apple's closed-source iOS has a vulnerability to a certain kind of government coercion that it was supposed to be secure against; and that every Linux box on the planet has a remote execution vulnerability in its name resolver, and has had for 8 years.  (Comparing these two isn't the issue - they are simply bugs that have been revealed at a particular point in time.)

Now, that's "inherent security" - which is actually of little more than theoretical interest.  What we're talking about is the security seen by *real* users of *real* systems.  And here the evidence is absolutely clear:  Closed source, with automatic updates, wins hands down.  Let's watch it at work.  Apple will reportedly fix the current vulnerability (probably by requiring the unlock code to be entered even for a forced update - or perhaps giving the option of allowing the update without the unlock code if the device is zeroed) in a forthcoming release of iOS.  Let's compare the percentage of fixed iOS devices to the percentage of fixed Linux boxes over time.

Let's also be clear about something:  Most of the people who are in a position to inspect all that code and build their own hyper-secure system ... *have no rational need* for a hyper-secure system to begin with.  They like to imagine that they are protecting themselves from nasty government agents ... but the fact is few of them will ever be of the slightest interest to such agents.  And most attackers aren't that sophisticated anyway.  If you like to build stuff from the ground up - by all means, go ahead.  But don't for a moment imagine that what you're doing has anything to do with the *needs* of all but a tiny fraction of your fellow human beings.  They need stuff that stays out of their way, doesn't require that they devote significant effort to it - and "just works" in protecting them against the threats they reasonably face.

                                                        -- Jerry



More information about the cryptography mailing list