Apple said “no” to the FBI - I can’t see how the Australian Agencies would be any different.
Afaik, doing anything like accessing keys in the SEP is not something Apple will do nor can they do. They keys don’t leave the SEP - it’s use to authorise a process and doesn’t actually expose the keys in question. They’ve talked quite a bit about the architecture in the past and I highly doubt they’ll go and add system/hardware level knobs and levers to work around this. - Tim > On 5 Dec 2018, at 10:26 am, Michelle Sullivan <[email protected]> wrote: > > I suspect this might be something like Apple issuing an update for a specific > phone/user... however... considering that Apple stores keys on its > specialized chip one has to question how they would do this..? Capture the > user’s key upon access so they can unlock the store later? Capture > everything in the store when the user unwittingly unlocks it? > > Michelle Sullivan > http://www.mhix.org/ <http://www.mhix.org/> > Sent from my iPad > > On 05 Dec 2018, at 08:33, Nick Stallman <[email protected] > <mailto:[email protected]>> wrote: > >> Also does this mean that the custom firmware for one or a handful of targets >> is not a systemic weakness, but if (when) the custom firmware leaks out >> publicly and can be used criminally, it suddenly does become a systemic >> weakness? >> >> So a request can become illegal after it's already been executed? >> >> Note: I say "when" because by it's very nature, a copy of the firmware must >> be provided to the targeted criminals. >> Smart people being targeted could detect and make a copy of it, do a diff >> and hey presto they know exactly what's going on. >> It's like DVD encryption - you encrypt the content and then hand over the >> keys so the DVD can be viewed. >> >> On 5/12/18 7:12 am, Scott Weeks wrote: >>> --- [email protected] <mailto:[email protected]> wrote: >>> From: Christopher Hawker <[email protected]> >>> <mailto:[email protected]> >>> >>> https://apple.news/AOnumlAB9THOmg_8mnMS9DA >>> <https://apple.news/AOnumlAB9THOmg_8mnMS9DA> >>> ------------------------------------------------- >>> >>> >>> "Custom firmware built to address one notice or request >>> is not a systemic weakness unless it is deployed to >>> users other than the intended targeted user." >>> >>> I don't understand. They're going to write encryption >>> software with a weakness they can exploit and then force >>> the criminal to put it on his computer? How do they get >>> this malware only on "the intended targeted user('s)" >>> computer and no one elses??? >>> >>> >>> >>> "So long as the capability is held in reserve it does >>> not jeopardise the security of other users and is not >>> a systemic weakness," the department stated. >>> >>> Um, it compromises "the security of other users" in >>> that any computer interacting with the malware infected >>> computer is compromised by the interaction. >>> >>> >>> scott >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>>>>> _______________________________________________ >>>>>> AusNOG mailing list >>>>>> [email protected] >>>>>> <mailto:[email protected]><mailto:[email protected]> >>>>>> <mailto:[email protected]> >>>>>> http://lists.ausnog.net/mailman/listinfo/ausnog >>>>>> <http://lists.ausnog.net/mailman/listinfo/ausnog> >>>> _______________________________________________ >>>> AusNOG mailing list >>>> [email protected] >>>> <mailto:[email protected]><mailto:[email protected]> >>>> <mailto:[email protected]> >>>> http://lists.ausnog.net/mailman/listinfo/ausnog >>>> <http://lists.ausnog.net/mailman/listinfo/ausnog> >>> _______________________________________________ >>> AusNOG mailing list >>> [email protected] >>> <mailto:[email protected]><mailto:[email protected]> >>> <mailto:[email protected]> >>> http://lists.ausnog.net/mailman/listinfo/ausnog >>> <http://lists.ausnog.net/mailman/listinfo/ausnog> >>> >>> >>> _______________________________________________ >>> AusNOG mailing list >>> [email protected] <mailto:[email protected]> >>> http://lists.ausnog.net/mailman/listinfo/ausnog >>> <http://lists.ausnog.net/mailman/listinfo/ausnog> >>> >>> >>> _______________________________________________ >>> AusNOG mailing list >>> [email protected] <mailto:[email protected]> >>> http://lists.ausnog.net/mailman/listinfo/ausnog >>> <http://lists.ausnog.net/mailman/listinfo/ausnog> >> -- >> Nick Stallman >> TECNICAL DIRECTOR >> [email protected] <mailto:[email protected]> >> www.agentpoint.com.au <https://www.agentpoint.com.au/> >> <https://www.agentpoint.com.au/> >> <https://www.instagram.com/Agentpoint/> <https://twitter.com/agentpoint> >> <https://www.facebook.com/agentpoint/>_______________________________________________ >> AusNOG mailing list >> [email protected] <mailto:[email protected]> >> http://lists.ausnog.net/mailman/listinfo/ausnog >> <http://lists.ausnog.net/mailman/listinfo/ausnog> > _______________________________________________ > AusNOG mailing list > [email protected] > http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________ AusNOG mailing list [email protected] http://lists.ausnog.net/mailman/listinfo/ausnog
