--- begin forwarded text
Subject: Re: 56 Bits?????
Date: Thu, 28 Oct 1999 21:13:31 -0700
From: Mark Talbot <[EMAIL PROTECTED]>
To: "Thomas Weyer" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
Sender: <[EMAIL PROTECTED]>
[EMAIL PROTECTED] wrote:
>At 4:47 PM -0700 10/28/99, Mark Talbot wrote:
>>
>>My problem with this statement is that it's misleading and this seems to
>>be Apple's official policy as well. On the Apple website they have some
>>pages extolling the virtues of their wondrous new OS. The page describing
>>the new encryption feature <http://www.apple.com/macos/feature6.html>
>>contains the sentence "So even if someone manages to slip into your
>>office physically (when you're on a coffee break, say) and steals
>>sensitive files that you've encrypted, they can't read what's in them."
>>This is essentially bullshit. If someone gains physical access to "your
>>mother's iMac" with the purpose of stealing sensitive files they're going
>>to ignore the "industrial-strength" encrypted file and simply use
>>Norton's UnErase to recover the unencrypted original which is not
>>securely deleted.
>
>Actually I have ALWAYS said if you don't have physical security then
>you really have no security. If I can get to you machine I can
>replace your PGP libs with ones of my own the I compiled that leak
>key data. I can also install a hack to do key recording, the list
>continues. I did not write the Marketing piece however we ALL know a
>marketing piece when we see one, and that's what that is. I agree
>that it could provide a false sense of security to a very naive user
>and should have been worded better, however I feel the statement
>should be physical security is where security STARTS..... Then we
>add all what we have done this to it...
I agree that if physical access can be gained to a machine by an
adversary there is a bunch of things that can be done to compromise it.
It seems to me though that when Apple adds an encryption feature to the
OS it should take more than a twelve-year-old with a copy of Norton's
Utilities to recover and read the original file.
I know that this was a marketing piece & never thought you had anything
to do with it.
I bet if you took a poll of iMac users you'd find that the great majority
of them think that once they've encrypted a file with
"industrial-strength" encryption from the File menu it's encrypted and
only the password (or NSA supercomputers) will restore it. This should
hardly be considered unreasonable (or even particularly naive) on their
part.
Apple could have avoided this problem by securely deleting the original
file (it should at least be an option & turned on by default). That this
wasn't done is a severe design flaw in my opinion.
>>As to users having a path to eventually get to strong crypto "if allowed
>>by law": I live in the US and can use crypto of whatever strength I wish.
>>A company may provide to me crypto of whatever strength they wish. It
>>would seem to follow that if Apple is only providing weak crypto in the
>>products it is offering to sell me (AirPort, OS9) then this is a choice
>>that *Apple* has made. It would seem to be a relatively simple matter for
>>Apple to offer strong crypto domestically & weak crypto everywhere else;
>>Netscape and Microsoft already do this with their browsers.
>>
>
>I just 2 days ago asked to have the status of the strong crypto
>version looked into. We had been building 2 versions of every build
>(one exportable the other domestic) however we never seem to have
>built a domestic GM. The first step is the get a final copy/GM
>built, then worry about how to distribute where allowed by law.
>Apple has in numerous forms (Myself, Mike, Peter Lowe, etc),
>committed to shipping this where allowed, just realize that it takes
>a big company longer to churn this out of it's process then it would
>a small company. I expect as we have a concrete plan this list will
>be one of the first groups to know.
AirPort - weak crypto. Mac OS 9 - weak crypto. I know it's early but this
is starting to look distressingly like a corporate policy.
MST
--- end forwarded text
-----------------
Robert A. Hettinga <mailto: [EMAIL PROTECTED]>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
