tag:blogger.com,1999:blog-3993498847203183398.post4284611536701299393..comments2024-03-28T09:19:27.451+00:00Comments on RevK<sup>®</sup>'s ramblings: AppleRevKhttp://www.blogger.com/profile/12369263214193333422noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-3993498847203183398.post-57726223555648019752016-02-18T13:53:17.241+00:002016-02-18T13:53:17.241+00:00The Apple letter mentions The All Writs Act of 178...The Apple letter mentions The All Writs Act of 1789RevKhttps://www.blogger.com/profile/12369263214193333422noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-49795854899028264522016-02-18T13:45:21.645+00:002016-02-18T13:45:21.645+00:00What ancient law? I've seen lots of talk about...What ancient law? I've seen lots of talk about this, but noone else is mentioning ancient laws.Owen Smithhttps://www.blogger.com/profile/00890951742186614705noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-62685170792544784862016-02-18T10:04:56.301+00:002016-02-18T10:04:56.301+00:00Indeed, the SE could have perhaps a rule that you ...Indeed, the SE could have perhaps a rule that you can only update its firmware when "unlocked" maybe.RevKhttps://www.blogger.com/profile/12369263214193333422noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-89910086493139409052016-02-18T10:00:44.521+00:002016-02-18T10:00:44.521+00:00Re: the hardware changes, that's effectively w...Re: the hardware changes, that's effectively what they've done beginning with the A7 chip - which among other things enforces the time delay for failed password attempts. But unfortunately they only introduced it with the iPhone 5S and this is an iPhone 5C (a good reason to upgrade, perhaps.) There's also the question of whether Apple have protected themselves from being forced to apply some sort of firmware update to the secure enclave; it strikes me that if you're the designer of a piece of software, it's easy to require updates to be digitally signed by you, but much harder to prevent yourself from writing one that would weaken security. <br /><br />I agree with you, I think they should ask for the password not just on successful boot, but before you try and install a software update, either within iOS or using DFU mode (not sure if the latter is possible.)<br /><br />Good discussion about this on IRC last night, including the benefits of not a fixed length (4 or 6 digit) passcode (you can change this in your device settings.)<br /><br />http://www.apple.com/business/docs/iOS_Security_Guide.pdfwturrellhttps://www.blogger.com/profile/02842034218735049135noreply@blogger.com