On Fri, Aug 12, 2016 at 5:41 PM Zenaan Harkness <[1]zen@freedbms.net>
   wrote:

     Cause for both cautious optimism - this might result in a
     competitive
     market for 'full system' 'wholistic' encryption ecosystem -
     @pp13 at BlackHat: Reopening the "Going Dark" Debate
     [2]https://lawfareblog.com/apple-blackhat-reopening-going-dark-debat
     e
     (The author says some things which sound a bit messed up e.g. "Apple
     built the very thing that they and the privacy community have been
     saying for years is reckless, dangerous or impossible: a high-value
     encryption key secured in a vault such that the key can’t be stolen
     or
     misused by hackers or malicious insiders" - perhaps he's attempting
     to
     obfuscate things, or perhaps his own mind is naturally obfuscated.)

   Apple has created a MUCH higher value target than an individual iPhone,
   and I doubt they've made it enough more expensive to crack than an
   individual iPhone that they won't eventually be forced to break it. Of
   course, forcing them to break it is tantamount to outlawing such a
   system anyway, so it doesn't actually have to be impossible to break,
   just hard enough that the law has to change in a significant way before
   they can be force to break it. In which case they'd just switch to key
   escrow anyway and we'd all feel sorry for them because well at least
   they tried.
   Perhaps it's my lack of imagination, but this doesn't seem to move the
   bar much on the "reckless, dangerous, or impossible" thing. They were
   able to build the vault because its functionality is essentially
   identical to the Secure Enclave chip. Its construction, AFAICT, does
   not prove that one can build a similarly secure system that could allow
   selective access, because the immutability of the system means you
   would still need some kind of master key to authenticate to it to get
   it to decrypt individual secrets. You still need physical access, of
   course, but then it's just a plain ol' HSM, is it not?
   The other property that lets this approach work is that even if the
   device fails, that just invalidates people's keychain backups. It
   doesn't destroy their original keychains. I'm guessing that Apple
   scales the service and avoids the possibility of the loss of a single
   device invalidating all backups by having a way to add new master keys
   over time. Such a mechanism couldn't be used to decrypt any existing
   backup, but it could be used to force Apple to add an escrowed key and
   get every iPhone to reencrypt its backup with the new key.
   Found a nice photo from the talk, by the way:
   [3]http://imgur.com/a/YO6ak
   (Speaking of autonomous, inaccessible, non-updatable systems...)

References

   1. mailto:zen@freedbms.net
   2. https://lawfareblog.com/apple-blackhat-reopening-going-dark-debate
   3. http://imgur.com/a/YO6ak