[cryptography] Here's What Law Enforcement Can Recover From A Seized iPhone

Nico Williams nico at cryptonector.com
Thu Mar 28 20:47:15 EDT 2013


On Thu, Mar 28, 2013 at 7:24 PM, Kevin W. Wall <kevin.w.wall at gmail.com> wrote:
> On Thu, Mar 28, 2013 at 7:27 PM, Jon Callas <jon at callas.org> wrote:
>> [Rational response elided.]
>
> All excellent, well articulated points. I guess that means that
> RSA Security is an insane company then since that's
> pretty much what they did with the SecurID seeds. Inevitably,
> it cost them a boatload too. We can only hope that Apple
> and others learn from these mistakes.

RSA did it for plausible, reasonable (if wrong) ostensible reasons not
related to LEA.

> OTOH, if Apple thought they could make a hefty profit by

There is zero chance Apple would be backdooring anything for profit
considering the enormity of the risk they would be taking.  If they do
it at all it's because they've been given no choice (ditto their
competitors).

> selling to LEAs or "friendly" governments, that might change
> the equation enough to tempt them. Of course that's doubtful
> though, but stranger things have happened.

This is the tin-foil response.  But note that the more examples of
bad-idea backdoors, the less confidence we can have in the rational
argument, and the more the tin-foil argument becomes the rational one.
In the worst case scenario we can't trust much of anything and we
can't open-code everything either.  But in the worst case scenario
we're also mightily vulnerable to attack from bad guys.  Let us hope
that there are enough rational people at or alongside LEAs to temper
the would-be arm-twisters that surely must exist within those LEAs.

Nico
--

