Apple hires crypto-wizard Jon Callas to beef up security

Apple has added a security star to its firmament with the hire of Jon Callas to its security team. Callas, who you may remember from cofounding such firms as PGP (Pretty Good Privacy) and Silent Circle, has already been an Apple employee twice before. He worked at Apple in the 1990s and rejoined for a couple of years from 2009 …

  1. Youngone

    Opinions

    Hillary will do what Goldman Sachs tell her to do when (if) she becomes the President, so if good encryption is in GS's best interests, she'll change her mind.

    Trump probably has no clue what encryption is, but he'll be against it until he's for it again.

    Luckily Apple will do what they want to with encryption.

    1. BurnT'offering

      Re: Goldman Sachs

      Quick question: Is 'Goldman Sachs' supposed to be an acceptable dog-whistle codename for the old racist trope of 'The Great Jewish Conspiracy'?

      1. Youngone

        Re: Goldman Sachs

        Um, no. Goldman Sachs is a bank.

        1. BurnT'offering

          Re: Goldman Sachs

          So is the Halifax. How come no-one accuses them of being at the heart of a colossal conspiracy?

  2. Nate Amsden

    no useful info?

    There were tons of places reporting the FBI found nothing.

    1. noj

      Re: no useful info?

      I wonder if the FBI even broke into that phone. How can you trust anything that comes from the FBI when Comey lied so many times?

  3. JeffyPoooh

    "crypto-wizard"

    Reportedly, many security weaknesses come down to simple coding blunders.

    So hopefully they'll hire some 'coding-wizards' too...

  4. quattroprorocked

    Employee Canary?

    If he's no longer an employee and not talking, assume iPhone backdoored?

    1. bazza

      Re: Employee Canary?

      >quattroprorocked

      Just noticed your username. Quattro Pro was fabulous!

    2. allthecoolshortnamesweretaken

      Re: Employee Canary?

      Brilliant!

  5. Anonymous Coward

    Presumably Apple are hiring him to help them make it impossible for Apple to comply with a court order such as the one the FBI asked for (and kinda, sorta, got).

    Good luck with that.

    To achieve that 'impossibility' is a contradiction in terms. Let's look at the requirements for such a thing:

    1) Install signed updates from the manufacturer. Justification: we have to be able to fix bugs, make improvements, etc.

    2) Refuse to install signed updates from the manufacturer. Justification: the manufacturer may have been obliged to add a crypto-sidestepping routine for this specific (or every) phone.

    Irrespective of what side of the debate one is on, we have to accept that Apple will always ultimately be the weakest link in resisting this kind of thing. On iPhones Apple are God, and it will be nigh on impossible for them to stop being that whilst carrying on business as usual.

    They could decide to stop doing business as usual, specifically requiring the user to enter their PIN (or whatever) before a phone will accept an update or a connection from iTunes (or whatever). However that would be problematic. Allowing iTunes to wade in and forcibly restore a phone is about the only way punters have of recovering from forgotten PINs, post-update brickings, etc. Removing that capability for everyone is asking for a lot of trouble.

    And even that is a bit lame. How many people would actually stop and check to see if this guy is still working for Apple before accepting an OTA update?!

    1. Anonymous Coward

      There are simple ways to recover from bricked phones

      You don't need to allow the random installation of updates from DFU mode. For instance, when a phone is connected to iTunes it can exchange keys with the iTunes install so it will recognize it, allowing you to install an update only on a phone it recognizes. There could be other methods, like being on a secure wifi network it recognizes. One problem is that these aren't perfectly secure against the FBI (what if they take your computer or your wifi router?).

      However, since the keys are kept in the secure enclave, there's really no reason why a bricked phone can't still require you to type in your password/passcode. Even if the OS is fubar, the secure enclave won't be. I suspect they will adopt this, and iOS 10 will permit updates from DFU mode only if you enter the phone's password. Thus the FBI's strategy is gone, and could only work for phones they've saved from before that iOS update. Sure, some will claim a law could be passed that bans that, but that's going to create a lot of debate whether the government should have the power to tell companies how their software should work - to deliberately weaken it to make it easy for the government to get in. That would seriously damage the tech industry in the US, startups would incorporate in places with more freedom - even if they were still based in the US they'd not legally be US companies.

      What they are hiring him for would go well beyond that. If I can come up with several simple solutions around this in the time it takes me to write a post, they don't need a world-leading expert for this.

      1. John Robson

        Re: There are simple ways to recover from bricked phones

        Add in optional authentication to charge (which is a fairly minor inconvenience) and you get to DFU pretty fast as well...

        1. Anonymous Coward

          Re: There are simple ways to recover from bricked phones

          Why do you need to authenticate when charging? I think it would be better to authenticate anytime you want to make a USB connection, the sole exception being when you want to charge.

          It could bypass asking for the password by either holding down the home button while connecting the cable (I already lay my thumb on the home button when connecting a charger in the dark, to act as a reference for where the port is) or the password screen could add a "charge only" button you could hit to bypass entering the password. In such a case it would disable all USB drivers, so the only thing the connection could do is provide power.

          1. Anonymous Coward

            Re: There are simple ways to recover from bricked phones

            One other way I remembered thinking of previously I forgot to mention. After the OS is updated, allow passwordless DFU updates until there has been a successful boot and unlock of the phone. That way if the install is borked somehow you can do an OS install from DFU mode without needing a password. Once you've successfully booted and unlocked the phone, obviously the OS update didn't brick it so you can then block DFU mode updates (or make them require a password if there's some reason they should still be allowed) from that point on.

            1. Anonymous Coward

              Re: There are simple ways to recover from bricked phones

              @DougS,

              One other way I remembered thinking of previously I forgot to mention. After the OS is updated, allow passwordless DFU updates until there has been a successful boot and unlock of the phone. That way if the install is borked somehow you can do an OS install from DFU mode without needing a password. Once you've successfully booted and unlocked the phone, obviously the OS update didn't brick it so you can then block DFU mode updates (or make them require a password if there's some reason they should still be allowed) from that point on.

              Hmm, not too bad. So long as the borkage is complete enough that the device doesn't get as far as reverting to password-required. It'd be a good halfway house. It stops anyone tampering with the phone once it's out of the user's hands. It doesn't stop an unsuspecting user accepting a well-aimed, officially crafted update, but that's a very different scenario altogether.

              If Apple end up doing something like that, you may as well email them and say "my idea". Get a patent on it quick!
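As an added illustration (not part of the thread, and not Apple's implementation), here is a Python model of the update policy the two Anonymous Cowards sketch above: a vendor-signed DFU update needs the owner's passcode, except in the window between an update and the first successful boot-and-unlock. The passcode, state names and log strings are constructed for the example.

```python
from dataclasses import dataclass, field
from enum import Enum, auto
from hmac import compare_digest

class State(Enum):
    NORMAL = auto()              # booted and unlocked since the last update
    POST_UPDATE_WINDOW = auto()  # update applied, no successful unlock yet

@dataclass
class Device:
    """Illustrative model (not Apple's code): DFU-mode update acceptance is
    gated on the passcode except inside a post-update recovery window."""
    passcode: str                # constructed sample; a real device checks it in the Secure Enclave
    state: State = State.NORMAL
    log: list = field(default_factory=list)

    def _passcode_ok(self, entered) -> bool:
        return entered is not None and compare_digest(entered, self.passcode)

    def dfu_update(self, signature_valid: bool, entered_passcode=None) -> bool:
        """Policy layer only; the boot ROM's signature check is assumed done."""
        if not signature_valid:
            self.log.append("reject: bad signature")
            return False
        if self.state is State.POST_UPDATE_WINDOW:
            # Last update never reached an unlock (maybe bricked): signed reinstall allowed.
            self.log.append("accept: recovery window open")
            return True
        if not self._passcode_ok(entered_passcode):
            # Out of the owner's hands: a vendor signature alone is not enough.
            self.log.append("reject: passcode required")
            return False
        self.log.append("accept: passcode verified")
        self.state = State.POST_UPDATE_WINDOW
        return True

    def boot_and_unlock(self, entered_passcode) -> bool:
        # A successful unlock proves the update worked, so the window closes.
        if not self._passcode_ok(entered_passcode):
            return False
        self.state = State.NORMAL
        return True

def scenario() -> list:
    """Walk the thread's cases in order and return the decision log."""
    dev = Device(passcode="2580")                 # constructed sample passcode
    dev.dfu_update(True)                          # locked phone, signed image, no passcode: rejected
    dev.dfu_update(True, "2580")                  # owner installs an update: window opens
    dev.dfu_update(True)                          # update bricked the OS: passwordless reinstall allowed
    dev.boot_and_unlock("2580")                   # phone works again: window closes
    dev.dfu_update(True)                          # passwordless DFU is blocked once more
    return dev.log
```

The caveat raised in the reply maps onto the model directly: the window only closes on a successful unlock, so a device that is broken enough never to unlock stays recoverable, while one that does unlock is by definition working.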
