My favorite crypto feature is limited cracking attempts. Socialist millionaire, PAKE, Secure Enclave, YubiKeys, this http://blog.cryptographyengineering.com/2016/08/is-apples-cloud-key-vault-crypto.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+AFewThoughtsOnCryptographicEngineering+(A+Few+Thoughts+on+Cryptographic+Engineering)&m=1 …
No, I'm saying you shouldn't pretend you can safely hold users' passwords for other services...
-
-
...when you have the physical means to access them and disclose them to third parties.
-
please explain to me how Apple could have possibly made it any more impossible to do exactly that
-
I already said they can't. All I'm asking for is not pretending they can.
-
sure, if you define "secure" in a way that makes it impossible to attain, then nobody can be secure. I get it.
-
if we define "secure" as in "more protection than most nation-states", then I think they are ok using the word.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.