Friday, July 31, 2009

Provisioning is Non-Trivial (Some thoughts on jailbroken iPhones and unique IDs)

(And now for something really different than most of the other posts on this blog...)

One of my friends commented "OMG, Seton, the transmitter and its identifier are under application s/w control? Be afraid. Be very afraid" when reading the CNET item on jailbreaking the iPhone (http://bit.ly/4bxraS).

This made me think how non-trivial it can be to provision devices and services. Way back in the 80's there was this thing called "DECnet". It ran over this rather new technology called "Ethernet". When I went to work at PBS HQ in 1986 we had this big thick (think half an inch in diameter) cable making a "U" in our building and all our nice little 80 character by 24 line CRT terminals were attached via DECnet. My techie friends said I should be proud. I just enjoyed making it work.

DECnet worked (at one point) by allowing the software to change the ID of the Network Interface Card. The Ethernet ID of the NIC was programmed to include the DECnet address assigned to the NIC. The other devices didn't need to keep tables of addresses, "discover" their own address, etc. You just programmed the node address right into the Ethernet interface.

Bad guys do the same thing with our Wireless Access Points all the time - one of the attacks is to program the attacking wireless device with the same MAC address as the "victim", then send with more power than the victim. We create whole classes of additional programs, authorization, and encryption to get around this. One that worked for a bit was called WEP, now BROKEN. For Wireless we now have moved to WPA and WPA2, where we trade bits of "secret" information back and forth to ensure we are really who we think we are.

So What About the iPhone ?
So if I can change ID of a phone (and since almost everything is done via computer these days it is likely I can do so if I can "break out" of the "jail" of the box) it is easy to make the phone do funny things. So to ensure there is one and only one unique me the phone I have in my hand and the system I am talking with need to share some unique (and perhaps "secret") information. Thus "Provisioning".

Apple and AT&T want to make it easy (read "doesn't cost much") to uniquely identify the phone, and to make it easy for the system to talk with the phone. I am guessing the fewer things they have to change after building the phone, and the fewer things we have to do or install on the phone, the happier we all are.

The statement about the "Jailbroken" iPhone simply identifies one of the hidden costs in keeping it cheap: By using software to create the ID Apple avoids the infrastructure for uniquely branding each phone and trading "secret" infromation as part of the purchase process (that is as they "provision" the device) and you and I don't need to take time to create or buy a special token of some sort...

But for the bad guys time costs almost nothing so they are willing to spend lots of time finding something that is common to every device and then they will use that one trick for quite a while. Meanwhile Apple and AT&T have to fix the infrastructure. Something that can take significant amounts of time (and quite a few people).

(This made me think of trying to reboot several hundred Internet routers, each one with a whole bunch of customers connected. All in one night. Another non-trivial activity.)

No comments: