Switching to Cloudflare DNS solves archive.today problems? That's strange. archive.today is known for having problems with Cloudflare DNS[1]. Switching to Google DNS should solve it. (This isn't because of a bug in Cloudflare DNS, but rather that archive.today dislikes that Cloudflare DNS doesn't support EDNS.)
Disclosure: I work at Google, but not on the DNS team.
The middle 4 are all fairly common words. "Ode" isn't super common, but I hear it in "An ode to..." phrases. And "err" I've only ever heard in 1 phrase: "To err is human."
That's not really the concept. People know what an orca is.
But if you see a crossword clue that says "black and white animal", you know that the answer is ORCA without even needing to look at the number of letters in the answer. (Could it be "skunk"? Could it be "panda"? No, those are stupid questions.) Same thing if the clue is "marine predator". (Could that be "shark"? No.) The words I listed are incredibly likely to appear in crossword puzzles. That's what's weird about them.
The proper thing to do is not to zeroize the correct string memory before comparing. The proper thing is to only store the hash in the binary in the first place, not the correct string. (Although having a 2nd layer of hashing before comparing might also be a good idea, and in that case you would want to zeroize the 1st hash before comparing the 2nd hash.)
You can't not store the correct string in this case, as the key is calculated from the user's email address. There is an infinite number of possible keys. THe only way to check if the key is correct is to recalculate it yourself.
These days, I guess you could make the key an ECDSA signature for a public key embedded in the binary if you were willing to accept such long keys.
That article (written in 2016) says that Apple will build unbreakable phones in the future. Now is the future. So it seems to imply that Apple phones today are unbreakable.
Also, where does the article discuss "all of these protections"? (HSMs, rate limits, etc.)
> So it seems to imply that Apple phones today are unbreakable.
Indeed. If you don't control the "unbreakable" security though, then the lock is not for your benefit.
> where does the article discuss "all of these protections"?
You could read the danged article, it's pretty clear about the vulnerability of proprietary mitigations. I hate quoting spoilers verbatim but here you go:
The sharper you get, the more important the work. But the more valuable the work, the craftier — and more determined — your adversaries. Every attack is more novel than the last. [...] By the time you land an engineering gig at Apple, you are a twitchy, tinfoily mess.
And it is in this spirit that you develop one of the most secure systems the world has ever known. [...] So adversaries be damned: You finally win on the merits. But who said anything about meritocracy? During the champagne toast, Mr. Fart steps from behind the curtain and pulls the pistol of last resort:
“Don’t ship this. Or else.”
That quote is about building security vs not building security. It's about the government potentially ordering Apple to not build security. It's not about proprietary security vs non-proprietary.
Nothing in the article is saying that HSMs, rate limits, etc are weak.
reply