On Sep 11, 2013, at 9:16 AM, "Andrew W. Donoho" <a...@ddg.com> wrote:
> Yesterday, Apple made the bold, unaudited claim that it will never save the
> fingerprint data outside of the A7 chip.
By announcing it publicly, they put themselves on the line for lawsuits and
regulatory actions all over the world if they've lied.
Realistically, what would you audit? All the hardware? All the software,
including all subsequent versions?
This is about as strong an assurance as you could get from anything short of
hardware and software you build yourself from very simple parts.
> Why should we trust Cook & Co.? They are subject to the laws of the land and
> will properly respond to lawful subpoenas. What are they doing to ensure the
> user's confidence that they cannot spread my fingerprint data to the cloud?
Apparently not enough to give *you* confidence. But concerned as I am with
recent revelations, it doesn't particularly concern *me* nearly as much as many
other attack modalities.
> These questions also apply to things like keychain storage. Who has audited
> in a public fashion that Apple actually keeps keychains secure?
There's been some very limited auditing by outsiders. I found one paper a
while back that teased apart the format of the file and figured out how the
encryption worked. It appeared to be secure (if perhaps overly complicated),
but damned if I can find the paper again. (Searching these days turns up tons
of articles that center about the fact that when a keychain is unlocked, you
can read its contents. The vulnerability issues are subtle, but they only
apply at all if you're on the same machine as the unlocked keychain.)
It would be a nice thing if Apple described the algorithms used to encrypt
keychains. Perhaps this is the time to push them - and others - to be much
more open about their security technologies. Apple seems to be making a point
of *selling* on the basis of those technologies, so may be particularly
willing/vulnerable on this front.
> How do we know whether Apple has perverted under secret court order the
> common crypto and other libraries in every phone and iPad?...
You don't.
Then again, you don't know if Intel has been forced to include something in its
chips that allows someone with appropriate knowledge to download and run
privileged code on your machine. All modern Intel server chips include a
special management mode exactly to allow remote control over servers in a large
datacenter, regardless of how screwed up the software, including the OS
software, on them gets. Who's to say there isn't some other way to get into
that code?
Who you choose to trust and how much is ultimately your call. There are no
answers to your questions.
-- Jerry
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
