[cryptome] Re: USG v Apple: Bruce Schnieir on Farook's Iphone
- From: Sean Lynch <seanl@xxxxxxxxxxxx>
- To: cryptome <cryptome@xxxxxxxxxxxxx>
- Date: Sun, 13 Mar 2016 11:33:57 -0700
On Mar 13, 2016 04:37, "douglas rankine" <douglasrankine2001@xxxxxxxxxxx>
Interesting article exploring Schnieirs views about issues around the
USG v Apple case.
Quote<<<And while this sort of attack might be limited to state actors
today, remember that attacks always get easier. Technology broadly spreads
capabilities, and what was hard yesterday becomes easy tomorrow. Today's
top-secret NSA programs become tomorrow's PhD theses and the next day's
hacker tools. Soon this flaw will be exploitable by cybercriminals to steal
your financial data. Everyone with an iPhone is at risk, regardless of what
the FBI demands Apple do>>>End of quote.
He sort of glosses over the need to have a copy of Apple's code signing
key. While it's true that a "bank robbery attack" is easier than needing to
tear down the chips and use an electron microscope or something, pretty
much all crypto is vulnerable to this same attack. I agree with him that
Apple can and must fix this problem, I think there's a risk that anyone
reading the article might think that the FBI's demands here don't matter,
or that it would be "OK" for the government to go after Apple's code
signing key instead.
Other related posts: