Monday, March 17, 2014

Sometimes actions based on Good intentions can have bad consequences - Apple iOS 7 could be a good example.



Please note, I am giving the benefit of doubt to Apple here because this happened with the new release of the OS otherwise , I normally go with  Bruce Scheneier  thoughts (link below)



According to the article:- 

Apple, he explained, recognized that the method of generating random numbers in iOS 6 could be improved on. Its security engineers leveraged the phone's CPU clock counter on earlier version of iOS, Mandt said.

"That's not very good, but still somewhat unpredictable," he said.

The problem with the new generator in iOS 7 is that it uses a linear recursion algorithm, Mandt said, which has "more correlation" between the values it generates. That makes them easier to extrapolate and guess, he said



The links below has more information:

No comments:

Post a Comment