undefined | Better HN

0 pointsclosetnerd3y ago0 comments

Is there more on this? Can this as is really be enough to maintain the security guarantees Apple currently provides?

0 comments

5 comments · 2 top-level

f_devd3y ago· 3 in thread

What security guarantees do Apple currently provide?

I can't imagine much more than E2EE & maybe encrypted-at-rest (which is not a protocol-level feature anyway).

Well, the security coprocessor on every iPhone and Mac runs a formally verified operating system that manages the at-rest encrypted messages. Also, all software running on the phone is vetted before being allowed to hit consumer devices, which adds an extra level of security between malicious developers and kernel APIs.

There's no way Android will support that stuff across its entire ecosystem, so I guess it means the law is toothless? Maybe it means it will be up to each hardware manufacturer to ensure interoperability?

dcow3y ago

1. I don't think "formally verified" means what you want it to here. You mean there a hardware checks signature chain from boot to kernel, secure boot. Apple's software has too many security vulnerability to be considered "formally verified".

2. Android does support device attestation and secure boot. I 100% would love to see our future SMS replacement require frequent signatures from device attestation hardware (why not every message) and require E2EE messages.

1 more reply

f_devd3y ago

Encrypted at rest does not actually do anything against interoperability of protocols (as I put in my comment), a secure element/coprocessor is nice but still does nothing against compatibility. Even if the entire protocol is somehow in the coprocessor (ala BPF/SGX) there is nothing preventing the counterparty from running it on a regular CPU.

1 more reply

spogbiper3y ago

Apple currently provides no encryption at all when their users communicate with the owners of the 75% of mobile devices that are not Apple. Apple could do better for it's customers.

j / k navigate · click thread line to collapse