undefined | Better HN

0 pointslern_too_spel4y ago0 comments

> It solves the problem of China MITMimg iOS packages. That is the context.

Lie. Here is the context to which you replied that packages are signed by Apple and the developer: "People using an iOS device can never be sure they are installing the secure app they wanted to install or some switcheroo."

As you've admitted, Apple can do the switcheroo.

> They don’t say anything of the kind.

Lie. Here's what they said:

"All of the major iPhone vendors in China do this by using an enterprise enrollment certificate to adda new certificate to the code signing certificate chain of trust.

"And then when they repackage the government malware, they do so by signing it with the enterprise signing certificate, which allows them to bypass the Apple signing certificate for code execution on the device."

> A browser certificate

Lie. See above.

>> Where that key exists is irrelevant.

> It is relevant.

Then why don't you explain why where the keys are is relevant to whether something is possible instead of ignoring where the keys are and saying the following?

> The Chinese key iOS devices trust doesn’t enable them to MITM App Store packages..

Lie. See above.

> You have pointed to a key which can’t sign packages

Lie. See above.

> You have claimed China can MITM iOS packages but you have provided no evidence to support this claim.

Lie. See above together with my description of how to use that key together with the Great Firewall and a proxy.

> Also false. You said the link to the Apple employee’s statements supported this claim.

Lie. I used the Apple employee's statements to say that they can, not that they do. Quote: "they can [emphasis added] replace the Signal package with a compromised one."

> Me: “There is literally no evidence anywhere to support the idea that China is signing iOS packages delivered to devices.” You: “I provided link from an Apple employee saying as much.”

I sort of understand how you would be confused. The statement I was responding to here was not about China MITMing the App Store but about China signing iOS packages delivered to devices. The quote above shows that they do.

0 comments

zepto4y ago

> It can only make sense if you trust Apple completely (which I found unlikely for anybody to trust any intermediary completely)

All consumers of computing devices place trust the manufacturer. Even if you use reproducible builds, they can be patched at execution time by an attacker who had access to the device.

So yes, I assume the customer trusts the manufacturer - not completely, but sufficiently.

>> The Chinese key iOS devices trust doesn’t enable them to MITM App Store packages..

> Lie. See above.

> China MITMing the App Store but about China signing iOS packages delivered to devices. The quote above shows that they do.

So you have been lying all along about China MITMing the App Store.

That was never true, and your links didn’t substantiate it.

Delivering government software via enterprise distribution has literally nothing to do with any kind of MITM attack at.

You repeatedly claimed that China can MITM the App Store, which has always been a lie.

You claimed that users cannot tell whether China has performed a ‘switcheroo’. That is also a lie.

We know Apple can deliver whatever they like from the store. We also know that China can install software using an enterprise certificate.

Neither of these are surprises, and neither constitute an MITM or a switcheroo.

Your entire goal here has been to lie or mislead.

Here’s the obvious example:

> b) outside China? Yes. Because the App Store has this MITM vulnerability and China gets to MITM all US services (with blessed MITM status for iCloud that even defeats Apple's "E2E" encryption for their other services), they can replace the Signal package with a compromised one.

You outright lied here that China can replace signal on US devices, and nothing you have said so far changes this.

lern_too_spelOP4y ago

> Even if you use reproducible builds, they can be patched at execution time by an attacker who had access to the device.

Finally, a reasonable argument after repeated intentional strawmanning and name-calling. The difference is that an iPhone is only allowed to get apps from the App Store, which is impossible to reach except MITMed via the great firewall. Android devices can get apps from F-Droid and its mirrors, so you can get an Android device not compromised by China and still use it in China with verifiable builds.

Additionally, without the app store MITM, you only have to trust the vendor at the time of purchase. With the MITM, you must also trust that the vendor won't become malicious in the future.

> So you have been lying all along about China MITMing the App Store.

No, I never said they are, which I don't have any evidence for. I said they can, and I have repeatedly made this distinction clear, so you are deliberately lying that I said otherwise.

> You repeatedly claimed that China can MITM the App Store, which has always been a lie.

I showed you how they can, and you have not shown why they can't.

> You outright lied here that China can replace signal on US devices, and nothing you have said so far changes this.

Lie. I never said they can do this on US devices, only that Apple can.

j / k navigate · click thread line to collapse