On 2/20/16, Phillip Hallam-Baker <phill@hallambaker.com> wrote:
On Fri, Feb 19, 2016 at 5:19 PM, Henry Baker <hbaker1@pipeline.com> wrote:
Apple got themselves into this mess, because Apple wants to control the customer's phone.
+1
Yes, that is my belief as well.
Apple set itself up not just as a 3rd party but as an essential, non-replaceable third party. There is no choice but to trust Apple for the iPhone security.
It didn't have to be that way. There could be the option of installing your own root of trust into the hardware.
Wrong, you can't install security into closed unvalidatable therefore untrusted hardware and software. Until you solve the closed problem, and then the review problem, nothing you have will ever be secure. 1.5+ BILLION closed transistors, and untold MILLIONS of lines of closed firmware and software per average PC, similar for phone, etc... up against secret and not-so-secret, partnerships and moles and private business interests and models, increasingly "global"... simply secured by installing some root, or at all? Lol.