Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
thealex11077yI’m not sure if you can even call them backdoors anymore. They’re more like front doors.
-
@FrodoSwaggins Ok, but how is the Android comment relevant for this thread?
It's as unrelated as my tooth brush, isn't it? -
@FrodoSwaggins However I was curious myself. The most apparent thing I found is a bit older, but still interesting: http://zdziarski.com/blog/...
-
@FrodoSwaggins Not for me. It's argue that's a matter of the mind set you have.
I refuse to read and hear everything like that. It's what makes many discussions in our field so tiring.
However in regards to that backdoor: What you're describing is precisely how a backdoor works. It doesn't imply that "everyone" has access through it, but only the one holding the key (usually the developer/vendor, in this case Apple).
That's not a vulnerability, it's a backdoor. However one is not always worse than the other, the difference is just that one is integrated by purpose and the other is not, and (often but not always) that a backdoor requires a key to be used. -
I'd argue that the deep integration of Google/Apple accounts into these devices could be regarded as a backdoor already (at least to an extent).
-
"... and you are god if you have Apple's encryption keys. That shouldn't be news to anybody."
No, but it's still a reason for me to not use such a device. -
@FrodoSwaggins Let me specify what I regard as a backdoor:
A backdoor is a method to give access to a system or device to a party which is not the owner or at least authorized by him and grants access to data or privileges without the owner's consent. -
@FrodoSwaggins On Linux *I* decide what gets installed and updated and which application reads my data That's the difference.
Indeed I would not necessarily call this vulnerability a 'backdoor' and I would do not assume malice from Apple, for me it looks more like carelessness after having read through that article.
It's still a considerable risk and, in my eyes, a horrible design decision, to grant every computer I ever plugged my smartphone in, such a level of access to it. -
@FrodoSwaggins I misunderstood your comment about Apple's keys before, and thought you had found something in that article I did not see.
That's why I responded in that way.
I assumed Apple had keys which allowed them to have the same kind of access as paired computers do. -
Addendum to my next-to-last commend: The actual 'backdoor' part of the article can be found on page 12 and is the bypass of security mechanism which are meant to prevent the vulnerability received above.
-
@FrodoSwaggins Where do you think I have done that? I think you're reading your own prejudices into my words...
Why does the FBI even bother asking Apple to put a back door into their devices when it already comes with backdoors?
rant