I wrote a bit more about the UK’s recent move to allegedly demand backdoors in Apple encryption. https://blog.cryptographyengineering.com/2025/02/12/u-k-asks-to-backdoor-icloud-backup-encryption/
@matthew_d_green ball is in #Apple's court and we've had, what, zip? So they caved in? No one in the world can trust #ios backups?
@matthew_d_green given the Five Eyes' long and storied history of cooperating to get around pesky domestic restrictions, I'd be stunned if the UK deployed this TCN without the tacit approval, if not active encouragement, of the US.
@matthew_d_green Look, given crippling the CMA/DMU, given the shitshow that is Online Harms, given not signing the AI accord in Paris, then the bonfire of rights in the Data Use Bill, I actually don’t believe they are this competent. What startles me is WTF is the double lock?
> your backups would be encrypted securely under your phone’s passcode — something you should remember because you have to type it in every day
Securely? But aren't phone passcodes only 4-6 digits long? And if someone has access to the encrypted data, won't they have unlimited attempts to decrypt it? Wouldn't that make a brute-force attack trivial?
@aspragg @matthew_d_green the passcode is entangled with and protecting the actual encryption keys. It’s described in detail in the platform security guide https://support.apple.com/guide/security/encryption-and-data-protection-overview-sece3bee0835/web
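The exchange above turns on what "entangled" buys you. The following is an added example, not part of the thread and not Apple's actual construction: a simplified model in which `device_secret`, `passcode_key`, `verifier` and `offline_search` are hypothetical names, showing that a short passcode can be searched off-device when it is the only key input, but not when the derived key also depends on a secret that never leaves the hardware.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

ITERATIONS = 50  # deliberately tiny so the demo runs quickly; real KDFs are far slower


def passcode_key(passcode: str, salt: bytes, device_secret: Optional[bytes] = None) -> bytes:
    """Derive a key-wrapping key from a passcode.

    With device_secret set, the passcode-derived value is entangled with a
    secret that (by assumption) never leaves the device hardware.
    """
    k = hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, ITERATIONS)
    if device_secret is not None:
        k = hmac.new(device_secret, k, hashlib.sha256).digest()
    return k


def verifier(key: bytes) -> bytes:
    """Stand-in for 'does this key unwrap the data key?'."""
    return hmac.new(key, b"verify", hashlib.sha256).digest()


def offline_search(target: bytes, salt: bytes, digits: int) -> Optional[str]:
    """What a party holding only the stored blob and salt can test off-device."""
    for n in range(10 ** digits):
        guess = f"{n:0{digits}d}"
        if hmac.compare_digest(verifier(passcode_key(guess, salt)), target):
            return guess
    return None


def demo(passcode: str = "4821") -> Tuple[Optional[str], Optional[str]]:
    """Return (result against passcode-only key, result against entangled key)."""
    salt = secrets.token_bytes(16)           # constructed sample values
    device_secret = secrets.token_bytes(32)  # hypothetical hardware-bound key
    plain = verifier(passcode_key(passcode, salt))
    entangled = verifier(passcode_key(passcode, salt, device_secret))
    digits = len(passcode)
    return offline_search(plain, salt, digits), offline_search(entangled, salt, digits)


if __name__ == "__main__":
    print(demo())  # passcode-only key is found; entangled key is not
```

In this model every guess against the entangled key has to go through the hardware holding `device_secret`, which is where attempt limits and delays can be enforced.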
@matthew_d_green typo should be Capability :)
"Technical Capabiilty Notices"
https://blog.cryptographyengineering.com/2025/02/12/u-k-asks-to-backdoor-icloud-backup-encryption/#:~:text=Technical%20Capabiilty%20Notices
"Members of key congressional oversight committees wrote to the United States’ new top intelligence official Thursday to warn that a British order demanding government access to Apple users’ encrypted data imperils Americans."