Apple confirms iOS kernel code left unencrypted intentionally (techcrunch.com)
Source: I was on those lists.
A PR person would bristle at the idea of denying to unlock the phone of a terrorist. It took real cojones for Apple to stand up for privacy at such a time.
Not a fan of Memcache? Personally I find it has a certain cachet about it. /jk
Then why does Apple avoid paying taxes?
Let's not kid ourselves: Apple is a company, and companies are only "altruistic" if they expect that it will help their bottom line.
> Any one may so arrange his affairs that his taxes shall be as low as possible; he is not bound to choose that pattern which will best pay the Treasury; there is not even a patriotic duty to increase one's taxes.
If we want companies to pay more taxes (which I think we do want) we should change the laws. You can't blame anybody for only paying the legally required amount of taxes.
They need and are investing in other countries besides the USA. Their mapping sucks completely in Europe.
Because they're a publicly traded company who act in the best financial interests of their shareholders. They're not breaking any laws. They're playing the game by following the rules as best they can while maximizing their profits. Any for-profit company that does not do so is suicidal.
If you think what they do is wrong - campaign to fix the laws they are following.
Tim Cook is an excellent CEO, but Forstall was Steve Jobs 2.0. The company isn't the same without him.
Hmm, the cynic in me thinks that they will play up those aspects of their offerings that hurt their competitors. They sell hardware after all. Google sells "people".
What kind of attacks would encrypting a running kernel prevent? The kernel and hardware work together to enforce memory safety, so it can't be to prevent a rogue process from reading kernel memory...
Edit: Is this talking about encrypting the kernel image in permanent storage, or encrypting a running kernel in RAM? When booting Linux for example, the boot loader will load the Linux kernel image into memory as a gzip-compressed blob. The kernel's first instructions are a small decompressor program that unpacks the rest of the kernel image into memory and then jumps into the uncompressed kernel. Did previous iOS versions do something similar to their saved kernel image?
How is that supposed to work? Ok, the CPU can fetch an encrypted instruction, decrypt it and execute it, but when it needs to jump, how is it supposed to know where to jump? Also encrypting each instruction separately and independently would be trivial to reverse.
Is there any system that really runs encrypted code from RAM? Any papers describing such a system?
OTOH, there does seem to be a fair amount of competence where it matters though. In the couple companies I worked for the private keys used for signing things were very quietly kept hidden from the vast majority of the engineering teams/etc. AKA, it was possible to create development/test builds all day long, but creating valid license keys/firmware updates/etc for the builds given to customers was limited to a formal process which contained the keys. The private keys were only available to a couple people tasked with maintaining the automation from which the builds/keys/etc came. Those people rarely had a need to move/etc them either, and such activities were done in the open.
You mean this source code? http://opensource.apple.com/source/xnu/
"Apple confirms iOS kernel code left unencrypted intentionally"
Which is it, cache (of what?) or code?
See: http://osxbook.com/book/bonus/misc/optimizations/#TWO and https://developer.apple.com/library/mac/documentation/Darwin...
Also, TechCrunch fails to note that the kernelcache keys for most 32-bit kernels (and all iOS versions) are publicly available. Private individuals have dumped the keys for 64-bit kernels but they are not available publicly. Even without the keys, any jailbreak allows for dumping of the kernel. However, a kernel dump is missing very helpful MachO headers (handy for kloading) and, for 64-bit kernels, the EL3 TrustZone Watchtower module aka Kernel Patch Protection.
How certain are you that it's only 1 second of processing that's been removed - that's a HUGE increase in speed, that I haven't seen written up anywhere else.
Anybody else with iOS 10 on their phone able to confirm the new 5 second boot time?
I'm fairly certain that this statement was vetted by Craig Federighi himself or, at minimum, a high-level engineering manager.
Trouble is auditing TrueCrypt cost $25k and it took massive rumors of a backdoor to raise that. I'm not sold that auditing this will happen anytime soon.
This is probably the only true part of the article; it means that they disabled a kernel feature of cache encryption to speed up performance.
It has nothing to do with source code nor binaries of the kernel.
Even in the first beta, the performance enhancements are real. Numerous Apple folks, including Craig Federighi, have said that with WatchOS1 and 2 they 'overshot' how conservative they needed to be with RAM and CPU (out of respect for battery life), and with WatchOS 3 they have rebalanced that.
Time will tell how much of a hit battery life will take from this, but for a beta things look good so far.
Although I'm guessing the whole segment is loaded into ram and verified by the bootloader at boot then never touched again.
Also, I thought a lot of the Darwin MacOS kernel had already publicly available source code.
You mean a paternoster? :)
The kernel technically is the OS, TC! Come on... :)
Additionally: we now know what Watchtower looks like, something that was previously a mystery and even incorrectly thought to be something that ran on SEP instead of the AP.
https://twitter.com/i0n1c/status/745922795977187329
You just used a kernel privesc that you probably already had to read it. NOT A BIG DEAL.
[0]: https://gist.github.com/jevinskie/40df60e3e9d76ad05304be9bd5...
Also, in general, any time you can remove code from a system, that isn't contributing in any meaningful way, is just a good thing to do - both from reducing attack surfaces, as well as general reduction in code size, and the advantages that come along with that.
Also that's when I hold down the home and lock buttons, in order to force-reboot. Perhaps now that doesn't fully reboot the phone.
https://gist.github.com/jevinskie/40df60e3e9d76ad05304be9bd5...
Of course I can (and I do). Apple and various other companies go to great lengths to pay the least amount of taxes they can get away with.
Don't get me wrong: I believe that corporations should be obligated to pay much more in taxes than most currently do, but I'm going to assume that you don't knowingly pay more in taxes than you owe. If I'm wrong about that, then I'm interested in hearing your reasoning as to why you feel like the government is entitled to money which they have explicitly stated that you aren't required to pay if you meet certain conditions.
Because they can't afford the accountants and lawyers required to pull off the funneling of funds through various bodies and countries to get said reduction in tax burden?
And if they did it, the FBI would have made more future requests for Apple to spend time and money.
And if the custom software somehow got out into the wild, that would threaten Apple's bottom line as well.
The FBI situation was just another example of Apple taking care of themselves.
I don't think it does as I've explained in https://news.ycombinator.com/item?id=11959074
So, let's recap. Tim Cook, already hit due to privacy issue, might have a personal stake in improving privacy in tech. They knew their products weren't secure. I knew third parties that could've cracked it as they cracked ICs designed for security w/ obfuscation & tamper-resistance. As I predicted, the FBI ended up finding a group that cracked it for a low, six digits. That means the attack was easy with much of that probably profit.
That Apple knowingly leaves their devices insecure despite having money and incentive to knock out low-hanging fruit means all this talk is mostly branding. They're just differentiating themselves with appearance of greater security/privacy. Like they did when they said Macs were immune to malware back in the day. Except this time, they actually deliver a good chunk of what they claim at least. I'll give them that. :)
- non-technical (i.e. most) people interpreting the situation as "Apple protects terrorists"
- provoking the creation of legislation that would impose backdoor requirements on their software
- potentially extreme financial consequences if the court were to take a hard-line pro-FBI stance (https://www.theguardian.com/world/2014/sep/11/yahoo-nsa-laws...)
Again, the refusal to admit that it is possible for a company to behave altruistically in the face of clear evidence is simply dogmatism.
https://privatecore.com/wp-content/uploads/2014/02/pr-privat...
Sorry couldn't copy/paste relevant section; formatting went horrible.
In my opinion every scheme to enable that will cripple the encryption.
So, your claim is that a company with many selfish, damaging behaviors fought a legal battle over a case whose consequences might cost or make their shareholders billions depending on outcome and press. That... is consistent with rational, corporate self-interest. Their position also had social value to many & maybe the CEO even paused to do the greater good. That's dogma or speculation at this point given they usually don't focus on public benefit plus are still misleading people about their security & privacy for profit that continues to be hoarded also with few or no investments benefiting the public.
Apple's not altruistic: they're a company that schemed and sued their way into billions in profits. Taking a privacy stance might make them billions more. Or maybe they're just a good citizen on one topic on a few occasions. I'm leaning toward the former but still glad their self-interest and the public's aligned with them following through on it. All I'm saying on this topic.
By comparison, it's like the ticket repas and chèques vacances in the French companies—getting subsidies for food and vacations would look quite odd to Americans.
Different cultures, different perks.
Silicon Valley companies frequently subsidize food for their employees.
If you feel that strongly about a charity double your own donation.
The company essentially gets to offer me more money at no cost to them if they structure their compensation this way. You could be very transparent with this and simply allow employees to direct the company to put money into charity (with the tax going to the charity instead of the government) but it's probably easier for the accountants to simply do matching with a cap, which is why you see companies do it this way.
https://www.benevity.com https://doublethedonation.com
EDIT: They generally keep lists of charities that most companies find acceptable to donate to.
Also, even on OS X, it takes a while after new versions of the OS are released for new kernel source bundles to drop. So sometimes poking around with IDA is your only recourse.
RE: this specific exploit, here's the POC making it around the security sphere (thanks @heisecode!) https://github.com/heisecode/Bug_POCs
[1] https://static.googleusercontent.com/media/www.zynamics.com/...
Apple has also shifted to pushing a lot of sensitive/proprietary code into kernel extensions (the new Apple File System being one example), for which they don't release source code (generally speaking).
It boils down to a tax write-off that allows the company to look charitable. But there's a lot of benefit along the way, so who cares about the motivation?
XNU == MACH + BSD Personality.
I think it would be smart for them to open source it, if not simply for the interoperability use cases.
[1]: http://opensource.apple.com//source/xnu/xnu-2050.18.24/bsd/h...
[1] https://developer.apple.com/library/prerelease/content/docum...
[1] : http://www.nytimes.com/2016/02/19/technology/how-tim-cook-be...
Only safety and security weren't Apple's "perceived selling points".
They were mostly touted for user friendliness, it just works, being the first to bring some technologies to market in a well-thought way (e.g. as opposed to crude crap for early adopters), style, high-end ("luxury") items, etc.
(Incidentally, why the past tense?)
User friendliness, style, high-end luxury - all major companies flagship - check.
It just works - Apple - uncheck. :) (It's largely a myth)
They were actually touting privacy as a differentiator from Android devices.
One of the reasons capitalism works is that it converts customer wishes into tangible economic benefits for a company. If Tim Cook had PR as 50% of his reason for taking on the FBI--wouldn't that still be great?
It was good that he took on the FBI. And if he was responding to his customers' wishes, isn't that good too? So why would combining those be somehow bad?
Sure, Apple is undoubtedly aware of how privacy is a marketing advantage. But since we like privacy, let's not find convoluted ways to dislike Apple for trying to please us.
Not if they were any good at their job. Very publicly standing up against what many would see as heavy handed government and being seen to defend the rights of the little guy (who happen to be their customers and potential customers) got them an enormous amount of very positive press not just in the US but in many countries. It would have cost them a small fortune to pay for that kind of advertising.
I am not saying that it wasn't a good thing for them to do but I really doubt it was some sort of selfless act that happened over protests from PR.
You have to judge the intensity of emotions it will cause in people, the propensity of people to act on those emotions and the base desirability of the different groups.
In this case, they rightly passed on the 'opportunity' because it seemed as if the people who would agree were unlikely to donate to women's rights in the first place (and vice-versa).
(And because their employees threatened to collectively quit)
That's interesting. This is a factual statement, or is it opinion?
That's close to the "No true Scotsman" fallacy though.
Truth is, most PR persons in real life would not have gone this far against FBI in such a situation. Even if the "standing up" gave them some positive press, there would still be millions of conservative types giving them hell for not helping catch the bad guys.
In fact, even with progressives it is not a given that they'd have applauded. Imagine if the FBI next asks Apple to help them with the phone of a rape/murder suspect, or the guy at Orlando.
Seriously, the cynicism in this thread is deplorable even for HN standards.
The whole thing was a PR show from both sides.
Why exactly? If Apple wants to make privacy and security its unique selling point, it has to deny an FBI request to unlock one of their phones. Anything else would be a PR debacle.
http://www.nytimes.com/2016/02/19/technology/how-tim-cook-be...
"Apple had asked the F.B.I. to issue its application for the tool under seal. But the government made it public, prompting Mr. Cook to go into bunker mode to draft a response, according to people privy to the discussions, who spoke on condition of anonymity."
I think security with regard to malware (of which Android has like 90+% of all mobile malware according to surveys) was a selling point, but not safety/security in the privacy/encryption/etc way that the FBI incident was about.
That wasn't, as you say, much on Apple's marketing materials, nor was it much of a factor for the majority of buyers.
> Incidentally, why the past tense?
Because safety and security have become something of a selling point for Apple as of late (I'd say post the FBI incident), but it's not long ago they weren't.
So the past tense was meant to convey that those other things were Apple's selling points "back then", but leave the door open for security being a selling point for them now.