[Cryptography] EFF amicus brief in support of Apple

Arnold Reinhold agr at me.com
Wed Mar 9 13:55:58 EST 2016


On Tue, 8 Mar 2016 15:58 Allen argued:

> Now, with all that said, if Apple wanted to strengthen its position for
> future cases, instead of signing the code, it could include with the code a
> declaration that read "I, Apple Corporation, do hereby affirm under penalty
> of perjury that the attached code which hashes to the value
> 0x746547493947363748 was prepared by and is endorsed by this Corporation to
> run on an iPhone model XXX.  Signed this 8th day of March, 2016, by Apple
> Corporation /Digital Signature/"  The loader code could then be changed to
> look for the signed affirmation rather than just the signed code.

Apple does make assertions of this sort in writing to it customers. For example, in its "iOS Security Guide" https://www.apple.com/business/docs/iOS_Security_Guide.pdf Apple says iOS includes a Device Firmware Upgrade (DFU) mode, and that “Restoring a device after it enters DFU mode returns it to a known good state with the certainty that only unmodified Apple-signed code is present.”

Arnold Reinhold




More information about the cryptography mailing list