On Sep 11, 2013, at 12:13 , Jerry Leichter <leich...@lrw.com> wrote:
> On Sep 11, 2013, at 9:16 AM, "Andrew W. Donoho" <a...@ddg.com> wrote:
>> Yesterday, Apple made the bold, unaudited claim that it will never save the
>> fingerprint data outside of the A7 chip.
> By announcing it publicly, they put themselves on the line for lawsuits and
> regulatory actions all over the world if they've lied.
>
> Realistically, what would you audit? All the hardware? All the software,
> including all subsequent versions?
Jerry,
First I would audit that their open source security libraries, which
every app has to use, are the same as I can compile from sources. Second, the
keychain on iOS devices is entirely too mysterious for this iOS developer. This
needs some public light shone on it. What exactly is the relationship between
the software stack and the ARM TPM-equivalent. Third, in iOS 7, I can make a
single line change and start syncing my customer's keychain data through
iCloud. At WWDC this year, Apple did not disclose how they keep these keys
secure. (As it is a busy conference, I may have missed it.) Fourth, does Apple
everywhere use the same crypto libraries as developers are required to use?
Fifth, what is the path for the fingerprint data from sensor to TPM-like
device? I'm sure there are many more questions we could ask.
And yes, subsequent versions need audits. That is why this is a formal
part of the release process. It is just as important as an audited annual
report.
> This is about as strong an assurance as you could get from anything short of
> hardware and software you build yourself from very simple parts.
I can image many stronger assurances than a promise in a video that is
superseded by a click wrap EULA.
Per Perry's direction, I have elided the rest of Jerry's excellent
comments. Thank you Jerry for making them.
Anon,
Andrew
____________________________________
Andrew W. Donoho
Donoho Design Group, L.L.C.
a...@ddg.com, +1 (512) 750-7596, twitter.com/adonoho
Download Retweever here: <http://Retweever.com>
No risk, no art.
No art, no reward.
-- Seth Godin
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
