|Home » Learning Curve
Sermon on Security
Open and secure go hand in hand.
A few links.
What's happened is the source to Apple's iPhone boot code was leaked to Github. Apple got a DMCA and had it removed. Now the pundits have something to talk about. Some say it's a disaster for security, whilst Apple reps claim it's not.
Here's the takedown notice.
Some pundits say there have been myriad security issues with Apple code. This of course is not good, but sort of fits in with Wozniak's assessment that Apple code is some of the worst in the world. It also fits in with the pleas of ISVs back in the end of the 1990s that Apple release the source to NeXT's old Project Builder and Interface Builder, so they could fix it themselves (as Apple demonstrably could not).
Then there's the matter of security and obscurity. Security through obscurity is just dumb. It doesn't work. The most secure code in the world can be open source. FreeBSD (and OpenBSD) have been open for ages, and OpenBSD is probably the most bulletproof system of its kind going. Then add Linux and all the rest. Then add Apple's own abortive attempt to open Darwin. Yes, it can be done, and actually it should be done. If they want to hide stuff higher up the food chain, fine. But the low level stuff should be open. Look at Unix! Would Unix be so bulletproof today if it hadn't been all over the place for so many years? No of course not.
The first three point iterations of iPhone ran everything as root. This was discovered by this site, amongst others, when people started posting crash dumps. How could Apple release three versions with everything running as root? John Gruber (in)famously quipped that everyone had to understand that if we didn't think Apple had thought long and hard about that... And then with point update .3, things were finally fixed.
Not to speak of 'Alpine' and 'Dottie', the two super-secret iPhone passwords that everyone knew about. Moral of the story? Big companies can screw up, and peer review is the best way to detect potentially catastrophic errors.
But there can be another point. Sort of. The code was supposedly for an old version of iOS. And it was only the boot code. But if the comments themselves had hints of corporate secrets or plans...
It's not only that a satisfactorily secure system can be opened, it's often that opening a system is the only way to attain that security.