Profile picture
Matthew Green @matthew_d_green
, 21 tweets, 5 min read Read on Twitter
I am reading this piece about Ray Ozzie’s key escrow proposal in Wired. A few random thoughts. wired.com/story/crypto-w…
1. First off, from a technical PoV this proposal (like most others) implies the existence of some ‘master key to all iPhones’. When that key gets stolen, there’s really no mechanism to detect it.
2. More critically, Ozzie’s proposal relies on ‘a special chip inside the phone’ that bricks the phone if someone abuses the access mechanism. This is cute. It’s also (at present) a big fat giant elephant in the room.
3. Let’s be more clear about this. All Apple phones have a similar chip inside of them. This chip is designed to prevent people from brute-forcing the passcode by limiting the number of attempts you can make.

At present, every one of these chips appears to be completely broken.
4. Specifically, there is some (as yet unknown) exploit that can completely bypass the internal protections provided by Apple’s Secure Enclave Processor. So effectively “the chip” Ozzie relies on is now broken. dailymail.co.uk/sciencetech/ar…
5. When you’re proposing a system that will affect the security of a billion Apple devices, and your proposal says “assume a lock nobody can break”, you’d better have some plan for building such a lock.
6. From my perspective, this problem alone is sufficient to make the Ozzie proposal unworkable.
7. ”Hold on,” I hear you cry, “so what if a few government agencies and hackers have a fancy 0day. That doesn’t mean anyone else will get it!”

Have I got a headline for you. motherboard.vice.com/amp/en_us/arti…
8. So let’s recap. We are going to insert a backdoor into billions of devices. It’s security relies on a chip that is now broken. AND the people who broke that chip MAY HAVE LEAKED THEIR CODE TO EXTORTIONISTS ON THE INTERNET.
9. The extortionists are apparently demanding 2 bitcoins.
10. While this is not personal to Ozzie and I don’t hold him responsible for this, this episode exhibits all the characteristics of ‘crypto backdoor’ proposals since time began.
11. Assumes a security technology with yet-to-be-achieved resilience to attacks (insider and outsider) ✅

This technology is broken ✅

The break is comically accessible even by random criminals, not sophisticated nation state attackers ✅
12. And honestly this is a GOOD thing — that a key component of Ozzie’s proposal is being broken in a comical, public, horrifying way. Because other parts will also be broken. We just won’t know.
13. I’m thinking specifically of the ideas that assume we can include a ‘master iPhone decryption key’ inside an HSM and everything will just be fine. Because “people store keys all the time and it’s ok.”
14. (I could go on about Hardware Security Modules for days while sounding like a lunatic. I promise not to. Read this instead.) cryptosense.com/blog/the-untol…
15. (Ok I lied. You might also ask where HSM manufacturers recruit their knowledgeable crypto/security employees. Hint: one of the biggest vendors is located here in Maryland. I assume similar things are true of the non-US manufactures.)
16. (Seriously, LinkedIn is your friend. Also, super nice people! I love you guys.)
17. Leaving hardware aside, the simplest answer to the suggestion that companies like Apple can “easily keep secrets” is that they *haven’t been able to*. Apple had a big stack of source code stolen last Fall. theverge.com/platform/amp/2…
18. While they haven’t turned up, the rumour I’ve heard from the jailbreaking community is that the leaked Apple code also included signing keys. So much for keeping secrets.
19. I would also inquire, without claiming any particular knowledge, whether Cellebrite or GrayKey have any recent Apple iOS engineers on the technical teams that developed their current iOS exploits.
20. This thread has gone on for way too long and I haven’t said half of what I wanted to say. But rather than bother you anymore, I’ll finish up with a quote from @ErrataRob, who sums up my feelings perfectly.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Matthew Green
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @matthew_d_green see all

Profile picture
The Facebook stablecoin (if it works, scales, gets deployed and adopted by non-Facebook companies, doesn’t get regulated into dust) is going to be a massive game-changer for the financial services industry. Fight me.
Hell, even if Facebook is able to make a credible run at deploying the thing, it will give them huge leverage with their banking relationships. No more closed (to FB) instant networks like Zelle, reduced transaction fees, etc.
Summary of the comments: (1) a bunch of people seem to think asset-backed stablecoins won’t be allowed by regulators, or that people won’t use/trust them. That horse has already bolted. google.com/amp/s/www.coin…
Read 5 tweets
Profile picture
The theory, for what it’s worth, was that the big brand name services would behave better than the fly-by-night shady data brokers. Much as CVS is perceived as less likely to put Fentanyl into your medicine than, say, the drug dealer on the corner.
The sole redeeming feature of the centralization of the web was supposed to be improved data handling. Better security and oversight of partners (like ad networks etc.) Instead we got Facebook treating your data the way a teenager treats a house when the parents go out of town.
The Facebooks and Googles would do this voluntarily, in part because it’s smart business — don’t give away the store. But mostly because it’s way easier for governments to target them with punitive regulations.
Read 4 tweets
Profile picture
@LargeCardinal The group messaging mechanism is very different. In Signal (app) group messages are layered on top of the existing pairwise messaging system. To add a new user, you (an existing user) have to send encrypted control messages to each existing user. The server can’t do this.
@LargeCardinal In fact, the Signal server doesn’t even know what a group message is. As far as it’s concerned, when I send a message to a group of N people, it just looks like I’m sending a bunch of pairwise messages at the same time.
@LargeCardinal In WhatsApp (as of a few months ago) the server knows what group messages are. It actually sends special control (add/remove) requests to the members of the group, and it handles multiplexing group messages to all of the other users.
Read 4 tweets

Related threads

Profile picture
it’s been a crazy fucking year:

when 2018 began, i was still an intern at nymag. i joined the outline as a staff writer in jan (my 1st real tech reporting gig!), graduated college in may (a year early, while working full time!), got laid off in sept, & joined wired (?!!) in oct
i spent most of 2018 utterly terrified that people would find out most of the above and write me off as too new/young to be worth reading.
but over the past year, i’ve published so many stories im really proud of that i feel like i’ve finally earned my keep. here’s some faves:
the first thing i wrote in 2018 was about qanon. it was the first high profile manifestation of the conspiracy outside of the bad parts of the internet, sure, but what i really love about this story is that i wrote it in 45 minutes on a plane to TN lol nymag.com/intelligencer/…
Read 6 tweets
Profile picture
The five messages Mueller sent with Cohen's plea today: wired.com/story/michael-…
1) First, lying to Congress about Russian matters is within Mueller’s purview, a potentially bad sign for the dozens of other witnesses who have appeared before the House and Senate over the last two years. wired.com/story/michael-…
2) Mueller is steadily moving even more information about the Trump Organization’s business dealings with Russia into public view, more than what’s strictly necessary for criminal prosecution.wired.com/story/michael-…
Read 6 tweets
Profile picture
0/ The #crypto and #blockchain space can get awfully noisy. Below, the bits that caught my eye over the past 24 hours or so.

21 events compressed into a humble #Twitter thread. Enjoy!
1/ 🙋‍♂️ @IOTAtoken [ $IOTA ] made hires #52 and #53 for 2018 via Andreas Penzkofer and William Sanders.

The former is an electrical engineer and physicist specializing in analytical and numerical methods. The latter, an academic focused on commutative algebra and category theory.
2/ 💡 Australian #blockchain startup @PowerLedger_io [ $POWR ] upped its presence in the U.S., announcing the deployment of its P2P renewable #energy trading platform at licensed retail electric provider @APowernet's Pennsylvania HQ.

Click below for more! medium.com/power-ledger/p…
Read 24 tweets
Profile picture
Alexa, just how many new Alexa devices will we see today? 🤔 wired.com/story/get-read…
First product: Alexa mugs
Amazon’s head of devices, Dave Limp, just kicked things off and said they have 70 things to talk about in an hour

Send help
Read 46 tweets
Profile picture
When you read the entire Wired article on Maersk+NotPetya and there is no mention of SMB1
That said, this should be required reading for every C-suite and IT director on this planet wired.com/story/notpetya…
How were all those bonuses looking after this?
Read 3 tweets
Profile picture
Reading about biometrics (and how easily they can be compromised) in this book and saw this quote about fingerprints. Check out who said it... 😕
“It’s just old wine in a new bottle” is a pretty good metaphor.
Whoa, the book goes on to talk about other biometrics being tested and mentioned RFID tattoos???

(I couldn't find anything more recent than a 4-yr-old article, so maybe this is falling by the wayside, but still!)

theverge.com/2014/7/28/5945…
Read 105 tweets

Trending hashtags

#NeverForget #WeAreBetterThanThis8 #WeAreBetterThanThis10 #WeAreBetterThanThis7 #EmbraceLove #fortyfive #CarolinaConpiracy #FARA #cryptoeconomics #FLY #ZinkeInTheBarrel #DeutscheBank #TrumpLies #TeamPatriot #crypto #Weaponized #infoterrorists #FinCEN #GoingDark #bitcoin #PoorMikey #blockchain #InformationTerrorists #LightningNetwork #DesperateMeasures

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!