On 02/20/2016 01:10 PM, John Young wrote:
If Apple can hack its own security then the products are backdoors.
Perhaps. However: If a system protects a secret with a 6-digit key and some fancy hardware, the system can be brute-forced. Apple is not to be blamed for assisting the adversaries of its customers (if it did, or if and when it will do so), as much as it should be blamed for telling its customers that the system they purchased is safe to use with a 6-digit key. (In Apple's defense, it must be said that the system is perfectly operational with higher-entropy keys). Those that criticize Apple should instead urge Apple's customers to use adequate keys. That however flies in the face of prevailing doctrine that security of digital systems must require absolute minimum of user effort and understanding. This incident is in my view only one more evidence that this doctrine must be reexamined. Factor _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
