I still like to encourage people to watch all of https://www.youtube.com/watch?v=BLGFriOKz6U&t=1993s for the details (from Apple’s head of Security Engineering and Architecture) about how iCloud is protected by HSMs, rate limits, etc., but especially the time-linked section. :)
I still recommend Mr. Fart's Favorite Colors as a refutation, describing why all of these precautions cannot protect you in a real-world security model: https://medium.com/@blakeross/mr-fart-s-favorite-colors-3177...
Krstić: “Here’s how we reduce the chance that even Apple can access or alter X, and here’s how we can make that credible.”
Ross: “Even if you make X cryptographically airtight, the real fight becomes political/physical coercion: ‘ship this or else.’”
Those can both be true at the same time.
I don't understand.
That article (written in 2016) says that Apple will build unbreakable phones in the future. Now is the future. So it seems to imply that Apple phones today are unbreakable.
Also, where does the article discuss "all of these protections"? (HSMs, rate limits, etc.)
> So it seems to imply that Apple phones today are unbreakable.
Indeed. If you don't control the "unbreakable" security though, then the lock is not for your benefit.
> where does the article discuss "all of these protections"?
You could read the danged article; it's pretty clear about the vulnerability of proprietary mitigations. I hate quoting spoilers verbatim, but here you go:
That quote is about building security vs not building security. It's about the government potentially ordering Apple to not build security. It's not about proprietary security vs non-proprietary.
Nothing in the article is saying that HSMs, rate limits, etc. are weak.