>They would also have to build up a completely parallel OS. That would be really expensive.
However, once Apple builds the malicious software, NOW you now have two very clear, very desirable targets.
The same applies to the source code and key now.
The actual software can be locked to the specific phone, so having it wouldn't help. Only having the source code would help, but having the source of iOS would also be very easy to turn into a backdoored version for anyone with the resources to steal it.
Do you not think China etc are capable of modifying source code?
Edit: sure, modifying source code to change the phone ID is a bit simpler than changing source code to not erase the phone on an incorrect password. But the difference seems orders of magnitude smaller than the "getting source code and Apple private keys" difficulty level.
How? How does the software get locked to a specific phone?
And while it's certainly possible that someone could figure out what Apple's signing keys are, it's incredibly unlikely given how big the numbers we're dealing with are. Which means, sure, somebody else could modify the source code, but getting it on to devices is an entirely different question.
Based on what I've read of what you've written, it seems like you genuinely believe that software is some magic cure-all that can do anything and everything you want, regardless of the practicality and effort required, and actual known constraints.
>How? How does the software get locked to a specific phone?
They take the udid of the phone, and refuse to run if it doesn't match the udid of the iPhone 5C in question. This was specifically mentioned in the court order.
>And while it's certainly possible that someone could figure out what Apple's signing keys are, it's incredibly unlikely given how big the numbers we're dealing with are. Which means, sure, somebody else could modify the source code, but getting it on to devices is an entirely different question.
You seem to have misunderstood. The threat model is not someone figuring out the key, the threat model is someone stealing the key. And, as I've been saying all along, the attacker needs to steal the key regardless of whether Apple complies with the court order or not. Modifying the source is not enough.
>Based on what I've read of what you've written, it seems like you genuinely believe that software is some magic cure-all that can do anything and everything you want, regardless of the practicality and effort required, and actual known constraints.
I'm not sure what I've written that gives that impression. Which specific known constraint have I suggested software can get around? https://blog.trailofbits.com/2016/02/17/apple-can-comply-wit... makes it sound that it would not be difficult for Apple to comply.
The same applies to the source code and key now.
The actual software can be locked to the specific phone, so having it wouldn't help. Only having the source code would help, but having the source of iOS would also be very easy to turn into a backdoored version for anyone with the resources to steal it.
Do you not think China etc are capable of modifying source code?
Edit: sure, modifying source code to change the phone ID is a bit simpler than changing source code to not erase the phone on an incorrect password. But the difference seems orders of magnitude smaller than the "getting source code and Apple private keys" difficulty level.