i can imagine reasons why apple would want or need to be able to update secure enclave firmware without the correct pin entered first. #2-3 are highly speculative:
1) fear of a bug. just the right firmware bug and you have 100 million phones lose data, and perhaps bricked too. unlikely, but consider the cost. i would be worried about this if i were in charge of the iphone project and the secure enclave feature were newish. we can imagine pretty good solutions to this one though, with work and time.
2) out of 100+ countries where they sell phones, over time, some will give them a confidential court order saying they must retain this capability. if a foreign court order, they could refuse to comply, but then would have to exit that market -- infeasible if multiple countries. and a different 'version' for just those countries would be noticed over time by security researchers?
3) they might already have an order as such from the U.S., for foreign intelligence purposes. as mentioned a different international version if noticed is a PR disaster for apple. so the easiest way to comply is just do it that way for all phones.
perhaps they push back on the fbi request because that's the one they can talk about, yet it templates the whole issue.
I don't understand. Can someone please clarify for me. They physically have the phone right? Could they not just read the whole flash, try a pin, write back the whole flash, repeat? (i.e. take the phone apart)
I suspect there are a myriad of technical means to pop the phone, including the method you outline, but I doubt the FBI has the talent or connections to get it done in a way that would be presentable to court. (i.e., nobody in house is capable and any contractors they would hire to do it don't want their methods made public in an open trial.)
One assumes the NSA would make short work of this phone's lock if it had been recovered from the OBL compound, but using them in this instance also brings in some dicey legal issues (they "can't" operate domestically) and the NSA is even less willing to give up its own tactics than a security consulting firm would be.
FBI seems to have chosen to go the "lawyer up and look for a court order and some wet blanket executives willing to hand things over" route-- Tim Cook is, thankfully, well principled enough to tell them to pound sand.
Surely, at some point in time, the FBI will figure out how to recruit technical staff that is capable of doing more than just extorting bitcoins from cyber drug kingpins.
> please tell me most people aren't this silly when they interview folks.
I would imagine much of the technical side of HN would be considered overqualified for the lowest quartile (completely arbitrary number) of jobs by interview quality... I've never witnessed this either, but I've seen it in tangential ways. The Daily WTF isn't fiction, unfortunately.
SSL support is in the free distribution but you must build it yourself. One reason would be export controls; another is that it creates a dependency on the SSL library for those who don't use SSL, which we found awkward (especially if doing all platforms; the subscriber build just does the popular ones).
So it's available; albeit there is an intent to have a subscriber build with some extra features that are heavily enterprise biased in their usefulness.
it seems to me that the exchange adding a small random delay (say 1ms) on message reception would dampen the benefits of speed and then there would be less work invested in saving a few microseconds here and there. you still have program trading but a little bit of silly dynamics is dampened.
Goal 1 of the financing was funds to accelerate r&d, to hire engineers to do things like the ones you mention above; in addition more r&d just pushing hard to maximize overall product quality, stability, etc. not sure if those exact things will get done and exactly when yet. I'd definitely like to see the solaris build get some attention. dwight/10gen
a patchset for non-Intel CPU support was around for years, and you guys completely ignored its existence. As well as all the criticism towards non-word-aligned data structures and in-memory presentation.
how about redesigning the whole product with all that cash?