by turquoisevar 759 days ago
Our friend above is likely under NDA, so they won’t be able to comment on intricacies.

Luckily, I am not under an NDA, and I can tell you that the Reddit post is nonsense. A straight-up lie when you assume bad faith or poor recollection if you assume good faith.

The scenario described there, and further expanded upon by OP in comments, is pretty much impossible. I hedge only because of an astronomically unlikely probability that everything in the universe aligned perfectly.

As you seem to be aware, encryption keys are involved, and that involvement lies at the root of the impossibility.

Say you’re inclined to believe that the Secure Enclave that stores this key has a massive bug that doesn’t delete the key upon wiping. That alone wouldn’t explain a scenario like that.

In addition to not deleting that key, the OS must’ve been unable to detect and try to use that key until some seriously potent code was introduced in 17.5.

Also, during the wipe, the encrypted data partition that goes with the key must’ve not been deleted and gone unnoticed by the OS up until 17.5.

In addition, the OS must’ve kept the key intact and ignored the existence of the encrypted data partition, creating a new encrypted data partition with an accompanying key and acting as if it was all business as usual.

Then, suddenly, 17.5 comes around. It would have to have seen two encrypted data partitions with two encryption keys, mounted the most recent encrypted data partition, and decrypted it with the most recent encryption key without any issues and hiccups, only to then do something quite miraculous.

It would, at that point, do something that it was never designed to do, namely decrypt and mount the old data partition, all while the most recent one is already mounted, grab only a bunch of old photos from a corrupted database, nothing else, and merge it into the database located on the most recent data partition.

All this while ignoring many complexities related to key pairs tied to iCloud accounts that I’ve omitted for simplicity’s sake and without throwing up a single error, much less a respring or, more likely, a kernel panic.

Just the part about mounting two partitions alone would cause huge issues.

It’s nearly impossible to do this on purpose due to hardware limitations on storage and the way the Secure Enclave works. To entertain a string of bugs that would execute this perfectly is just silly.

Who needs jailbreakers and the likes of Pegasus spending hours designing chain exploits when the OS stumbles into perfectly executed bugs that defy the laws of physics?

1 comment

Thanks for your thoughts.

Just seems odd to me that he would make that whole story up.

I know it's the internet but there doesn't seem to be a compelling motivation for someone to do that.

I think it's reasonable to expect a more detailed explanation from Apple, when it's closed-source software from a company that claims to value privacy, yet exhibits a confidence-eroding problem like this.