Good Apple, Bad Apple

Your name’s not down

Apple has been in the news a couple of times recently about security. In one case, there’s a lot of suspicion of their motives and wailing and gnashing of teeth. In the other, they get lots of support. But both cases are about protecting the privacy and security of their users.

Error 53, for which Apple now has a fix, is about how much you can trust the security gatekeeper, and is a similar problem to UEFI secure boot: if you cannot trust the authentication path, you shouldn’t trust the authentication, whether it’s authenticating a user or a software update. So the correct thing to do when you lose trust is to fail safe and ignore the untrusted path until an alternative authorisation is provided, if available.

In the FBI case, the question is whether Apple can provide access to a single phone: if access can be granted once, why can’t it be granted for any iPhone? That matters all the more when there was an alternative means to retrieve the data, via iCloud, before the investigators tried to break in. A backdoor is a backdoor and has serious repercussions. As the DROWN announcement declares, poor security decisions by the US government about SSL 20 years ago are still causing security problems today.

I’m not Apple’s biggest fan, but I actually support them in both these cases. If something is meant to be secure, then any suspicion of a breach must fail secure. It means legitimate users can’t retrieve their data, but also there’s no way for illegitimate users to get in either. That includes law enforcement because there’s no technical way to distinguish between an illegitimate user and a valid investigator.
