[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Instead of Apple tasking a coder to work on cracking that iPhone...



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/25/2016 04:16 PM, Rayzer wrote:
> Steve Kinney wrote:
>> Insubordination is always grounds for dismissal
> 
> It's NOT insubordination if it's NOT your job description.
> Telling a coder whose never done anything besides sit at a desk
> and code they need to do janitorial tasks for instance.
> 
> Telling someone who writes crypto that it's also their job to
> torture test it is going to step on the QA director's toes, ya
> think? If anyone can be legitimately tasked, it would be the QA
> department.

The QA department is not responsible to understand how the code
(or gadget) works, they are responsible to verify that it does
work, and that the "thing that worked" is the thing that ships in
the product it goes with.

Conversely, whoever designed and implemented the cryptographic
system baked into the Apple hardware in question had /better/ be
aware of how to attack it:  Otherwise, a 3rd party's job when
attempting to break the system is likely to be way too easy.

The same people who made it /do/ need to be able to inspect their
own work, especially during the initial development and
implementation process, and the tools to do so will be familiar to
them.  That makes them just the right folks to ask for advice and
assistance when it's time to develop a process for unwrapping the
package they made.

> It's also dysfunctional to let someone who created the code
> test it.
> 
> That's like letting a machinist who created the part certify
> it's Mil-spec 415-D compliance.

The ability to monitor the supply chain inbound to the machinist,
measure the parts the machinist makes and track them to their
final destination in a larger assembly external customer, does not
imply the ability to prescribe a specific manufacturing process,
make the part in question, or to evaluate its fitness for use for
a particular purpose.  Those latter functions, and creation of
specifications as acceptance criteria, are jobs for design and
production engineers.

> Otoh Apple COULD change the job description... IF they want to 
> re-negotiate the person's salary.
> 
> If that person walked I'd speculate there'd be dozens of
> companies willing to hire them just because they walked instead
> of cooperating with the feds.

Dozens who want to hire them, worldwide; hundreds who will never
hire them, in their local job market.  Generally speaking,
business owners, executives and managers regard "whistleblowers"
and "refusniks" as proven troublemakers.

>> they can just hire any skill sets they don't already have on
>> hand
> 
> The government can't require them to hire anyone.

A Judge can order just about anyone to do just about anything,
subject only to the approval of other Judges up the chain of
command /if/ their legal authority to issue the order is challenged.

> Further, If the government forces them to add a government
> paid contractor or govt employee they could sue for damages
> caused by reputation loss with their commercial vendors who buy
> and sell their products and material. I'll bet they can easily
> prove it too! By charting the DIVE iPhone sales take if they
> publicly cooperate.
> 
> All in all the government demanding a private entity do
> ANYTHING without the full force of the law, not JUST some
> interpretation by the DOJ backed by some district court hack is
> a dysfunctional mess that would tie the government up in court
> until ios is so fucking obsolete no one even remembers what it
> was.

Advantage:  The State.

> But as I said, as soon as this is out of the news, and Apple
> has made enough noise to calm their customers, they'll just do
> it in secret, as FISC/A requires. If they can.

Yup.

:o)



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBAgAGBQJWz35WAAoJEDZ0Gg87KR0LidkQAO0mVrXbChOWMWZfU5zMlrCJ
naf7Qw8ZxIKSBzvVI+wN7vrsUML8hInmhErVX6fWMXtuXQS3mB6KrZAztK58yi7x
X5vUNiwEbQzHz30cesXo3NnKfYHZFdUCfSL8Dz3KpX70JeR9PPVlW5/bHq8p7ZWo
bmjuHr89amldsbRCtDY7bxDghvyshdhy44gzV7tfFe9aZEOvcjC0ZE6I1WiezYJN
soro+hg6tn+8G+dFNGUzFeuujsTIBwKqJkO8PAIO13zqwDyu94zRTcTSVgIa6pxX
s7TB647YjINPIzoL95ydaLIu2p8Ku7vwFHn9GvC+RBpyCF3tcZfaBjIRAP7KUCe/
yIcUwXOVtLXC4GlAtrijOxFok61FmUkvau9ZSew5wL1wSnVOfpyLWxpxmgvqG/Xu
r6fGE/BQg2nn0V+vGRboRGy0BzlnrGcWLq7WuZPfgZB4Tqf769KlkurjSqH3QIx7
ouL4DrQxIK0h0rn7jeWG4W406r1rLDDEYMZ/D6sF15ti18oRdFdMH4DhQpbBvfeN
nwGXwB7+mDFLfmeG0PPqFZY+ehpT+Jy1z1xhGwWotSpt5L0A89A5W9d3PK+2YHtJ
25roeQYLc4WBAbXrPWIjXzyVql0eUPYEsxNHX6z2HOIzDY5jhE6hjcIT/bGPGP3a
pCGjKuXwduY/tzmFO6pz
=toa8
-----END PGP SIGNATURE-----