When I first read the court order in the San Bernardino case, I thought it was reasonable, as it is both technically plausible and doesn’t substantially impact user security for most people. Even if Apple’s code escapes it only compromises security for those who have a weak passcode on an older phone which is then captured by an adversary. As backdoors go, its one that I can (*GASP*) actually live with!
The problem is this is a direct invocation ofBenjamin Wittes’s world of government-mandated malicious updates. The request seems benign but the precedent catastrophic.
Do we really want to open Pandora’s Digital Box?