[runholm]

Well, this is true for any form of authentication. If you have information you need to update, you need to have a form of authentication, and authentication data can get lost. You just need to have good routines limiting the access to this data.

This is a problem for signing software, but also things like updating their webpage and content on the App Store. All these systems need to have authentication data exist, and if lost to people with malicious intent it could be lost.

[abalone]

So what does this say about Apple's claim that a "master key" is too dangerous to create? Don't they already have that.. something that hackers could use to unlock iPhones? Doesn't that danger already exist? (Again this is meant as thought-provoking conjecture.)