undefined | Better HN

0 pointsst3v3r10y ago0 comments

"They not even want a build that works for on any phone but the one in question."

That is completely not true. There is no way to make such a thing that can only work on one particular phone. There will be some point at which the compromised firmware image checks to see if it's that device, at which point it would be possible to change that to whatever device you want.

"This is the huge difference between this order (which I can live with) and blanket encryption backdoors using key escrow or other crap (which I'm absolutely vehemently against and willing to fight to the teeth)"

No, there is absolutely no difference between those two.

0 comments

Amezarak10y ago

If Apple hands the FBI a signed, compiled firmware image that say, checks the serial number of the phone, how does it make the jump to 'whatever device' they want? Why were Leos previously filing for multiple court orders for each older iPhone requiring a backdoored image?

otterley10y ago

> That is completely not true. There is no way to make such a thing that can only work on one particular phone

The technique that makes this possible is described in Apple's iOS Security White paper, page 6 ("System Software Authorization"): https://www.apple.com/business/docs/iOS_Security_Guide.pdf

This mechanism explains why you can't take an old release of iOS off a different phone and copy it to yours.

st3v3rOP10y ago

You've missed the point: By doing this, they've shown that it's possible, and that they already have the tools. Meaning that next time, it's going to be almost impossible to say no.

NZGumboot10y ago

Yes, there is. Firmware updates must be digitally signed using Apple's private key. That means no one except Apple can edit out the device check, or indeed modify the firmware in any way.

j / k navigate · click thread line to collapse