> How would relaxing the tamper-resistent key protection help here? One needs the PIN to reimage the device. Chicken & egg. Creating a one-off OS image can't help without first having the PIN.
The weak link is that a PIN can be cracked very quickly; in hours or days. The search space just isn't very large.
The only thing preventing the FBI from doing so is the Apple-signed iOS code that erases data keys after too many unsuccessful retries.
So, if Apple uses their privileged backdoor to disable that check, the FBI can brute force the encryption key by trying as many PIN combinations as they like.
In effect, this means Apple already has the cryptographic backdoor necessary own any PIN-protected iPhone in the world.
That's small potatoes, though -- they can also install new software on locked devices, and push modified updates to applications distributed through the AppStore. After all, apps are resigned with Apple's signing key, discarding the original software authors' signatures.
When you factor in bitcode (in which Apple compiles the actual binaries server-side), application authors can't even verify that distributed binaries match what they uploaded, and the use of a relatively high-level bitcode allows Apple to much more easily patch/rewrite significant portions of the application.
In other words, Apple built a system in which they have almost absolute authority over every iPhone, and due to strict platform DRM, there's almost zero transparency into their use of it.
> Authoritarian already has a widely recognized definition.
"adj. Characterized by or favoring absolute obedience to authority, as against individual freedom: an authoritarian regime."
Can you install software on your iPhone that pre-empts Apple's authority over the device?
Can you install software without Apple's approval?
Can you prevent Apple from installing whatever software they like on your iPhone, including software that implements CALEA-compliant real-time surveillance?
The answer to all three is "no", and why I think this absolutely fits the "authoritarian" definition.
You can, of course, use a different vendor's phone. The situation there will be roughly the same. Eventually, if nothing else changes, we'll see CALEA expand to cover smart phones in the same way it expanded to cover internet traffic once the ISPs were sufficiently consolidated. The vendors' authority over the devices makes this easy.
The weak link is that a PIN can be cracked very quickly; in hours or days. The search space just isn't very large.
The only thing preventing the FBI from doing so is the Apple-signed iOS code that erases data keys after too many unsuccessful retries.
So, if Apple uses their privileged backdoor to disable that check, the FBI can brute force the encryption key by trying as many PIN combinations as they like.
In effect, this means Apple already has the cryptographic backdoor necessary own any PIN-protected iPhone in the world.
That's small potatoes, though -- they can also install new software on locked devices, and push modified updates to applications distributed through the AppStore. After all, apps are resigned with Apple's signing key, discarding the original software authors' signatures.
When you factor in bitcode (in which Apple compiles the actual binaries server-side), application authors can't even verify that distributed binaries match what they uploaded, and the use of a relatively high-level bitcode allows Apple to much more easily patch/rewrite significant portions of the application.
In other words, Apple built a system in which they have almost absolute authority over every iPhone, and due to strict platform DRM, there's almost zero transparency into their use of it.
> Authoritarian already has a widely recognized definition.
"adj. Characterized by or favoring absolute obedience to authority, as against individual freedom: an authoritarian regime."
Can you install software on your iPhone that pre-empts Apple's authority over the device?
Can you install software without Apple's approval?
Can you prevent Apple from installing whatever software they like on your iPhone, including software that implements CALEA-compliant real-time surveillance?
The answer to all three is "no", and why I think this absolutely fits the "authoritarian" definition.
You can, of course, use a different vendor's phone. The situation there will be roughly the same. Eventually, if nothing else changes, we'll see CALEA expand to cover smart phones in the same way it expanded to cover internet traffic once the ISPs were sufficiently consolidated. The vendors' authority over the devices makes this easy.
At that point, there won't be a choice at all.