FBI May Be Opening A Security Hole To Federal Agencies (computerworld.com) 152
Lucas123 writes: In its rush to gather information, the FBI blew its chance to retrieve data from the iPhone of one of the San Bernardino terrorists when it ordered his iCloud passcode to be reset shortly after the attacks. Now in its fervor to force Apple to create software that can break its own encryption algorithm, the FBI may be opening a security hole to federal agencies. Over the past four years, the federal government has largely shifted its use of mobile devices from Blackberry to iPhones. One major reason for that is -- you guessed it -- the strong native security. If Apple creates an iPhone skeleton key, it not only threatens the public's privacy, but the security of the federal government as well.
Pandora's box (Score:4, Funny)
Re: (Score:1)
Pretty well. Those that were buying into Hope And Change are still hoping. They got eight years of hope out of it, that's pretty good and hoping feels so much better than changing/doing anyway.
Re: (Score:2)
Easy to enact change when the oppostion party says "We aren't going to do our jobs, we are just going to oppose EVERYTHING!"
Re: (Score:2)
Hard to enact any of that change when one side fails to propose any of their changes beyond "We need immigration reform!"
You blame the republicans for failing to come up with bills for the president to veto, while the president completely fails to propose anything to them to pass or not.
You are also talking about the president that refused to negotiate when negotiation was the only way to get what he wanted.
Re: (Score:2)
Ah, you're a far-right republican, I see (just as bad as a far-left democrat)
No reason to bother trying to talk to you
Re: (Score:2)
Nice to see you dismiss other's opinions. No, I am not a republican.
Re: (Score:1)
Re: (Score:2)
Filibustered their asses off, and the still controlled key committees
Re: (Score:1)
Gosh, how'd they retain control of key committees if they weren't the majority party?
Golly. I bet the Democrats eliminated the ability to filibuster, first chance they got, right?
Re: (Score:2)
Yawn, go suck Trump's dick elsewhere child. The adults are talking here.
Re: (Score:2)
In the US, it takes Congress to pass legislation which is the part that creates change. The person at the top sets the vision, but Congress makes it happen or in this case keeps it from happening. So, regardless of Obama, if your complaint is lack of change, that would be the Congress, which is predominately the Republican Party. There is an election coming up, where you have not only the opportunity to change the person at the top, but those who stymied any change for the last eight years.
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
Did we just see a conservative basically admitting that Romney as president would have been a shitty outcome ?
Well he was a supporter of trickle-down, which was formerly known as Horse-and-Sparrow economics. The metaphor being that "if you feed the horses well the sparrows can get by on the seeds in their droppings". So it kind of comes full circle -the term "horse-and-sparrow" fell out of favor after somebody pointed out the problem with it: the poor are *literally* expected to eat horseshit.
"skeleton key" (Score:1)
explain how allowing the FBI to brute force individual iPhones in a lab setting constitutes creating a "skeleton key" that poses a risk to iPhones in the wild? I still haven't heard a remotely plausible explanation of how this happens without some seriously high level industrial espionage of the type that could render iPhones vulnerable *anyway* without Apple ever doing a thing to assist law enforcement? -Love, Legal.Troll
Re: "skeleton key" (Score:2)
Re: (Score:3, Informative)
Nope. Companies are creating things LEO's cannot defeat. (and in the case of iPhones, something even Apple cannot defeat. Unless they start recording the UIDs of every device.)
Re: (Score:2)
If what they were doing was not *exactly* in agreement with the will of the people (you know - those guys whose consent you're supposed to have for governing them) - then it would be a piss-poor marketing strategy, akin to an ad saying "Buy an apple, we rape children for cheap labour to make them". Of course they do, in fact, do that - but they would never put it in an ad - it's a bad marketing strategy to tell the public something they don't want to hear.
Clearly then the public DOES want to hear: "We refus
Re: (Score:2)
Most people aren't tin foil hat people that through paranoia think the govt is spying on them.
And most are OK with govt monitoring communications for terrorist/criminal activity. Maybe you missed the NSA poll? https://www.washingtonpost.com... [washingtonpost.com]
Re: (Score:1)
Most people aren't tin foil hat people that through paranoia think the govt is spying on them.
And most are OK with govt monitoring communications for terrorist/criminal activity. Maybe you missed the NSA poll? https://www.washingtonpost.com... [washingtonpost.com]
That is an interesting article. The poll says that 2/3 of Democrats are in favour of the government having the ability to invade privacy, compared to 1/2 of Republicans, with a Democrat in office. With a Republican in office, it was 1/3 of Democrats and 3/4 of Republicans. It is also all about invasion of privacy specifically to thwart terrorism, one of the least likely things to kill you. How would people respond to government monitoring of your drinking, smoking, eating or driving habits?
The only conclusi
Re: (Score:2)
Most people aren't tin foil hat people that through paranoia think the govt is spying on them.
However, the government is spying on them, regardless of their level of paranoia about it.
And most are OK with govt monitoring communications for terrorist/criminal activity. Maybe you missed the NSA poll? https://www.washingtonpost.com... [washingtonpost.com]
That's because they lack imagination. They probably think they have noting to hide and therefore nothing to fear. Anyone posting here should understand that reasoning to be fallacious.
Re: (Score:2)
yes that was included under (2) "we have rendered ourselves unable to cooperate with you". Since that is what Apple is doing, that is what the law enforcement agencies have asked to be defeated via legislation.
No, this is incorrect. Law enforcement agencies are asking a court to force Apple to create new software. They are not asking for new legislation.
If it is, Apple doesn't get to decide not to cooperate. It has to build its new phones how the law says. They can avoid the threat of such legislation by not refusing to grant access to the phone of a terrorist mass murderer as a matter of marketing strategy.
Where is the law that says a company must produce whatever software tools the government requires?
Re: "skeleton key" (Score:5, Insightful)
It's kind of the difference between giving a mugger your wallet when he demands it, and bringing him to the bank to cosign for his Small Crime Business Loan then babysit his kids for a few hours while he goes and mugs some other people.
Re: (Score:2)
I keep reading that analogy, but it makes no sense... there's no car in there anywhere !
Re: (Score:2)
I keep reading that analogy, but it makes no sense... there's no car in there anywhere !
Apple Cars has built a car that is sold via retailers. One person who bought such a car committed a crime then died. (Really, it was his company car, but anyway...). The cops think there are things in the trunk that might be evidence that somebody helped him commit the crime but the trunk is locked by a programmed code set by the owner of the car. A feature of the iCar, is that the trunk can only be opened with the code while the engine is running and if the trunk is broken into or the wrong code is entered
Re: (Score:2)
Re: (Score:2)
That's only because companies are resolutely refusing to cooperate with lawful investigations. Law enforcement really has no other choice but to request legislation that prevents companies from saying either (1) "we refuse to cooperate with you", or (2) we have rendered ourselves unable to cooperate with you
Yes, they can request legislation. But that's not what they are doing. They are looking for a court to force Apple to comply, no legislation involved.
Re:"skeleton key" (Score:4, Informative)
Re: "skeleton key" (Score:5, Interesting)
Except, of course, the court order specifically allows for Apple to NOT give the binaries to the FBI and the FBI requested it that way to address exactly that issue. But hey, I just read the writ, not the bullshit lies on the Internet.
Okay, I'll bite.
What happens the next time the FBI (or any other LEA) has an iPhone that they need information off of? The FBI has divulged that there already exist about a dozen phones that need breaking. They have also admitted -- in public testimony -- that this case would set a precedent.
So please tell me, specifically: how exactly is this just about a single phone, when the actual head of the actual FBI has admitted that it is categorically NOT about a single phone?
Re: (Score:2)
Does anything in the court order prevent Apple from d
Re: "skeleton key" (Score:5, Informative)
The code as a method on a computer hard drive is been conscripted for a generation of phones, not one physical phone.
Again the House Committee on the Judiciary Hearings, The Encryption Tightrope: Balancing Americans’ Security and Privacy (Streamed live on Mar 1, 2016)
https://www.youtube.com/watch?... [youtube.com]
4:44 and onto 4:45 has the details on the request made.
Tool was to be put on a hard drive.
Hard drive with the new tool was to be sent to US gov.
A gov computer would then perform the task. Portable, reusable.
More details at (March 2, 2016)
http://nypost.com/2016/03/02/f... [nypost.com]
"“The request we got from the government in this case is, ‘Take this tool and put it on a hard drive, send it to the FBI,’ and they’d load it onto their computer,”"
Re: (Score:2)
So anyhow the feds have been going around to the local cops for several years now teaching them how to use that 'anti-terrorist' stuff to apply to virtually anyone and get away with a ton of shit they aren't suppose
Re: (Score:1)
Because the FBI doesn't want to brute force the phones, they want a backdoor into all iPhones at the OS or even better firmware level despite the mass amount of FUD https://en.wikipedia.org/wiki/... [wikipedia.org] they are filling the airwaves with. If they get away with forcing Apple to provide such, then the other vendors will be a slam dunk. Beyond that we all know that if there is a door, hidden or not some Ukrainian teenager will figure it out in like a week, not to mention actual government sponsored professionals.
Re: (Score:2)
The skeleton key applies to the court system. If the court forces Apple to open this phone, the FBI will start filing motions to open thousands of other phones. Sort of like FISA I imagine it being a rubber stamp process.
Re:"skeleton key" (Score:5, Informative)
https://www.youtube.com/watch?... [youtube.com]
Try around the 4:05 point in. 200 phones are in line for the same skeleton key needs. As mentioned, that federally demanded, universal "skeleton key" will be ready as an overlap for State and Federal courts
Re: (Score:2)
Doesn't matter; with the legal precedent set and complied with Apple cannot refuse in the future. It is three branches of government conspiring together to force Apple (and everyone else) to be able to break their devices.
Re:"skeleton key" (Score:5, Insightful)
Re: (Score:3)
You, and the FBI, are assuming that apple is even capable of writing such software.
I'm not so convinced. Bruce Schneier has frequently said: "Anybody can create a security system he himself cannot break", his point is in favour of open security and encryption standards of course - the point of a security system is that somebody else shouldn't be able to break it, being unable yourself is no evidence of that. But it also has some legitimacy as a more direct claim.
Apple was responding to the market pressures
Re: (Score:2)
"I'm not so convinced. Bruce Schneier has frequently said: "Anybody can create a security system he himself cannot break""
Which goes against the convention any ACTUAL engineer knows by heart: Man can make it, man can break it, there are no exceptions.
Re: "skeleton key" (Score:2)
And how many international standars hashing algorithms have you written ? This is like some guy who just built a barbeque pit calling the designer of the Golden Gate bridge "not an actual civil engineer"
Re: (Score:2)
The same has been said for almost every encryption method since the beginning of time.
Almost every one has been broken.
One only needs to look at history to learn from it. Actual field experience is not required.
Re: "skeleton key" (Score:2)
You utterly misunderstood the quote. It is not suggesting that anybody can create an unbreakable cypher. In fact it means the exact opposite of what you are arguing against. It means being unable to break your own cypher doesnt mean its even a little hard to break. You need lots of people trying to hreak it in order to get a decent one .
Re: (Score:2)
Re: (Score:3, Insightful)
I've always been hugely in favour of jailing CEOs. If the company commits a crime for which *I* would go to jail, then their fucking CEO should be sharing a cell with me.
How ironic that the first time it may actually happen - it's because of refusing to do something which shouldn't be a crime and is actually GOOD for the public... where was this zealous law enforcement against the fraudulent banksters in 2008 ? Where was this for all the companies that dumped toxic shit in people's drinking water ? Where's
Re: (Score:1)
Well, you can bet the FBI will do everything they can to copy the OS off the iPhone to try to use it on similar model phones. And the NSA just might happen to walk by and see what's up with the FBI's new toy. And then they will 'happen' to have one of each different model iPhone needing to be unlocked.
The NSA MIGHT be competent enough to be able to control it's use if they got it, the FBI is lucky if they can prevent the general population from poking around in their databases.
Re: (Score:2)
As if it matters (Score:5, Insightful)
Given how thoroughly large government organizations keep getting hacked - such as we've recently seen with the OPM and IRS - it's not as if there's any information on government employees' phones which isn't already in the hands of the Chinese, Russians, and various criminal syndicates.
Re: (Score:2)
it's not as if there's any information on government employees' phones which isn't already in the hands of the Chinese, Russians, and various criminal syndicates.
It has to be frustrating, from a Chinese hacker point of view. You do your job, hack the super important secret agency chief's phone... And everything you get is a dupe because the guy in the next cubicle already hacked the thing last week.
Hopefully, Slashdot has prepared him for years to deal with the frustration of reading the same "new data" over and over.
No Skeleton Key (Score:3)
Apple rather slickly has each update of each recent iOS be specific to a phone. ONE physical phone. Probably to prevent the skeleton key scenario.
Each "copy" (not really an appropriate word here) of the update is unique (I don't know the details) which makes it hard to just use the same binary to on every phone. Each "copy" only works on one phone.
Re: (Score:1)
The skeleton key is the update code just before Apple makes it phone-specific.
So I was watching the X-Files... (Score:5, Funny)
I find it hard to take the FBI seriously on iPhones when their own IT department's security is so lax.
Agent Mulder's work issued computer didn't even have a password protected lockscreen when the machine was idle. Thank goodness it was only Scully/Miller/Einstein - anyone from a double agent to a passer-by such as a cleaner or a vending machine technician could have accessed sensitive, classified information.
Re: (Score:2)
I think Mulder's computer security relied on nobody knowing there was a computer in that room... I'm pretty sure each department of janitorial staff thought the door to Mulder's office was actually a supply closet used by one of the other janitorial departments.
Re: (Score:2)
Actually... to be serious... did any OS even *have* password protected lock-screens c.a. 1993 ? I don't recall any - and certainly none that had it by default.
Re: (Score:2)
I'm certain at least TWO did. Unix (and Unix-like) and Windows NT. Unix with their X terminals often had a lock function implemented a part of xdmcp or something, and NT3.5 was already a multiuser OS. Granted though, NT 3.5 looked a lot like Windows 3.1, so there may have been apprehension since you expect it to crash...
Re: So I was watching the X-Files... (Score:2)
Ok. Never used that.
There is already a back door. (Score:4, Informative)
If it is possible for Apple to "create a backdoor" after the fact, then that itself is a back door. The FBI wants apple to release a version of it's OS that can disable certain security features and push that update out to the terrorist's phone without any confirmation from the (now deceased) user. Apple seems to confirm that this is indeed possible and has said that it would be dangerous to even create this version of it's OS because it might fall into the wrong hands and be abused. I would argue that it is already in the wrong hands, because it is in the hands of Apple, and even if Apple fights the FBI, they may be forced by a court to cooperate.
What Apple *should* do (and should have already done), is to create a security system that they would not have the ability to help the FBI hack into. They have already indicated they are working on this.
The IOS security is already broken. The only thing keeping the FBI from cracking it, is their own incompetence, and Apple's limited will to challenge the government. I doubt many people at Apple are willing to go to jail over this (nor should they be).
My advice to Apple, is to help the FBI hack into this phone, and come out with a real security system that is actually secure.
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
"What Apple *should* do (and should have already done), is to create a security system that they would not have the ability to help the FBI hack into. They have already indicated they are working on this."
Precisely. I can think of at least two ways to do this that would make the "skeleton key" scenario moot. One of those ways would make brute forcing impossible, but would require significantly greater processor power and memory.
Re: (Score:2)
Re: (Score:2)
Have you thought that through. At all?
Re: (Score:2)
Re: (Score:2)
My advice to Apple, is to help the FBI hack into this phone, and come out with a real security system that is actually secure.
The problem with this is once Apple successfully helps the FBI crack this phone, it will set a pattern of sorts, establishing a certain type of relationship between Apple and Law Enforcement. If Apple later threatens to create an OS which can't be hacked in this way, it would give the FBI the ammunition they need to go to Congress and ask for legislation to ensure that Apple can continue to provide this help to them in the future. The FBI can just say "Apple has helped us in the past, and now they're deli
Re: (Score:2)
On the contrary, I think Apple would be able to say "We are literally helping as much as we can" (whihc is not very much since the system is very secure). As opposed to "We are purposefully not helping because if we did, the FBI would actually get what they want and a lot more".
Not to mention the fact that lots of people in the government actually use these phones, and having them be secure (even from Apple), as probably a good thing. It means that the data belonging to government agencies is safe, even i
Re: (Score:2)
On the contrary, I think Apple would be able to say "We are literally helping as much as we can" (whihc is not very much since the system is very secure). As opposed to "We are purposefully not helping because if we did, the FBI would actually get what they want and a lot more".
But they are already helping the FBI as much as they can and have to, and if the FBI hadn't destroyed an easy way to acquire evidence by forcing the San Bernardino County to reset the iCloud password for the phone, they'd already have the information.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2, Interesting)
Re:Yeah, it was security that motivated them... (Score:5, Informative)
1) BB was a good platform for its time. It's near absolute inflexibility from a development perspective made it a good platform for security since it was hard enough to code, it was pretty hard to hack. Palm Pilot wasn't bad either in its time.
2) BB10 is not BB. It is based on QNX which (I have extremely extensive experience coding for at a system level in direct coordination with QNX themselves) and is otherwise an entirely new operating system consisting of millions of lines of code produced by hundreds of developers over a short span of a few years.
3) To suggest that much new and untested code (no it hasn't been) is sheer silliness and doesn't belong in a forum for people who claim to understand technology. It is mathematically impossible to develop that much code that fast with that many people and have a secure platform.
So, let's talk about this... an iPhone and a Blackberry compared side by side are equally insecure. Sure, the obvious routes probably aren't a problem, but hackers don't use obvious routes... well sometimes the do... depends on what you consider obvious
I have always hated people saying things like "I don't even run antivirus, I'm running a Mac. Unlike a PC, it's secure!". I would respond "Just because no one is openly hacking it currently doesn't mean it's secure".
BES is secure until the messages hit the phones. Once they reach the phone, all security is absolutely gone. Secure messages require secure keys. Secure keys are 3072 bits or longer (for now according to the NSA... this means they can crack 3072 but they believe others can't). Unless you are manually typing 768 hexadecimal characters into the phone every time you log in to use BES, the key used for decrypting your messages is stored on the phone somewhere.
The key to decrypt the keys is probably a pin code or possibly up to a 10 character password convenient to type on the BB keyboard without too many shifts, controls, etc...
If I can locate the store of the key, locate the code to decrypt the key, find the location of 2 or more messages which contain headers (all do), then with the proper computational power, I can obtain the key to decrypt all messages stored by BES on the phone. It's only a matter of CPU. While the number of possible passwords to decrypt the keys increases exponentially with each character in length, the fact a laptop can crack 6 characters in a few second, 8 characters in about 10 minutes, throw 65536 CPUs or a few FPGAs at the problem and it would do 10 characters in about 10 minutes.
I never have been figuring out why so many idiots think that BES is secure... to decrypt messages, the phone has to be storing the information required to decrypt them. At some level there must be a way to read the messages and the security isn't as strong as the door and the lock securing it. It's as strong as the box next to the door holding a spare key that is guarded by a simple code.
Re: (Score:2)
From Wikipedia "The product was originally developed in the early 1980s by Canadian company Quantum Software Systems, later renamed QNX Software Systems and ultimately acquired by BlackBerry in 2010.[1] QNX was one of the first commercially successful microkernel operating systems[citation needed] and is used in a variety of devices including cars[2] and mobile phones." ... not developed in a short span of a few years.
So
BB10 has FIPS 140-2 certification
"The company said its BlackBerry 10 platform has rec
Re: (Score:1)
" Unless you are manually typing 768 hexadecimal characters into the phone every time you log in to use BES, the key used for decrypting your messages is stored on the phone somewhere."
The encryption software module generates the keys you never have to type them in. The keys are changed every 24 hours so if you do manage to crack the encryption key you are only able to decrypt messages sent during that 24 hour period.
Ah, (Score:2)
here is the famous shoot in the foot again :-))
Nice to see...
Re: (Score:2)
Actually, this is more in the grand tradition of the circular firing squad.
Living in a fatasy wold (Score:1)
where we have strong security that nobody but the good guys can break.
Your government communications and data stores are secure, approved business communications and data stores are secure, but everything else can be decrypted on demand.
Wonder when non-IT businesses are going to realize they have a dog in this fight.
Not My Job (Score:2)
Protecting the U.S. government communications and information systems against penetration is part of the NSA's charter.
Wait, what?! You guys were breaking encryption as well? Who was supposed to be protecting this stuff?
Damned propaganda mill. (Score:2)
"Missed their chance" - yeah right. The mainstream news is spreading this bullshit bad enough - do we really want Slashdot treating us like a bunch of naval-gazing know-nothings?
NSA-mandated requirements defeat FBI, essentially (Score:4, Interesting)
I wrote something similar on this topic a few weeks ago for a blog post at work, though I went into more technical detail than TFA did:
http://blog.acumensecurity.net... [acumensecurity.net]
The Age of Anti-American American Agencies. (Score:2)
Our founding fathers would be pissed.
Re:The Age of Anti-American American Agencies. (Score:5, Insightful)
The "justice for all" bullshit was because they were pissed at what British Parliament did to the colonies by taxing them. King George III wasn't able to do much more than watch from the side lines. He was pissed at them too.
The truth is, more than half possibly 3/4 of the founding fathers probably would have hung Tim Cook and beat him until he cried like a girl and screamed "open it, open it".
I always wondered if those guys were so great and wise and pure and all that shit... why would they write a constitution which more or less would so easily let the country devolve into some religion where we have now existed for decades without a single amendment to improve the document by modernizing it for the times? Where's the review requirement? We treat the document as an absolute as if it is perfect in every way and to question that is borderline treason. Where is the part of the document which would protect civil liberties regarding electronic data protection? It's not there because the founding fathers didn't absolutely require that the constitution is reviewed and updated.
It was written by a bunch of pissy little bitches and a poet or two. They were all pissy at England and wrote a document to provide freedom from their oppressors for a million people or so and didn't give a shit whether it lasted 200 years in the future and certainly had no clue it would eventually be used to govern 400 million people from every country, race and religion as equals.
If you want to be true to yourself, with a few exceptions, these guys were mostly soulmates with Donald Trump. They weren't wise, they weren't great, they didn't shoot lightning bolts from their eyes and they didn't shit daffodils when they sat upon the bowl. They were men who :
a) Wanted to secure power for themselves and their families
b) Represented a group of truly fucked up people who believed righteousness was the Salem Witch Trials.
c) Believed black people were less valuable than dogs since you could love a dog.
d) Believed that religious freedom meant you should be free to believe in any form of Christianity you want.
e) The one odd ball or two who felt it was a chance to do something wholesome and good.
Don't place politicians pedestals. They might make impressive art, but they sure as hell are nothing more than people and very rarely are they more than sales people.
Re: (Score:3)
Well, they *did* intend for it to be reviewed and updated continously. James Madison suggested it be reviewed by a major national congress based on referendums every 10 years.
Their big mistake was not mandating that in the words - so now it's used like holy writ and it's authors like prophets, exactly what they knew better than to want !
Re: (Score:1)
Re: (Score:2)
...and yet the nation they created became the most successful the world has ever seen.
Which wouldn't have happened without Adolf Hitler. So unless you count him as one of the founding fathers ...
Re: (Score:2)
Hitler made a wreck of Europe, but we were already a very successful country.
Re: (Score:2)
Hitler made a wreck of Europe, but we were already a very successful country.
"A very successful country." is hardly the same as "the most successful the world has ever seen", Hitler destroyed several very successful countries and made the best scientists and artists flee to the US. The only country who has more to thank Hitler for is Israel.
Re: (Score:1)
"We treat the document as an absolute"
Well, duh. If you don't do that then it might as well not exist at all. If you treat it like it's just some flimsy list of "suggestions" then it becomes trivially easy to take away everybody's rights and you end up with a fucking totalitarian militarized nation.
Re: (Score:2)
why would they write a constitution which more or less would so easily let the country devolve into some religion where we have now existed for decades without a single amendment to improve the document by modernizing it for the times? ... Where is the part of the document which would protect civil liberties regarding electronic data protection? It's not there because the founding fathers didn't absolutely require that the constitution is reviewed and updated.
I believe that the part you're looking for is the 4th Amendment. That the current government does not honor the clause has nothing to do with the document itself, but the politicians and the voters who fail to hold them accountable for violating the constitution.
They were men who : c) Believed black people were less valuable than dogs since you could love a dog.
Not all of them. The reason slaves were treated as 3/5 of a person is the fact that the Northerners did not want the South to have undue influence from counting the population of people who could not vote and would, under the compromises they came
not so strong (Score:2)
If Apple can reset the pin count on their phones with a software update, the "native security" isn't so strong. And what that really means is that the FBI's data is owned by Apple, hardly a good situation.
What encryption algorithm? WTF? (Score:1)
"Now in its fervor to force Apple to create software that can break its own encryption algorithm"
It's doing no such thing. Could people please stop writing about this until they have the first clue about the actual issues involved here?
They're not asking Apple to 'break its own encryption algorithm'. They're asking it to provide a customized operating system that disables the automatic lockout and delay while entering PIN numbers.
Just one question remaining for Apple (Score:1)
- Given an order to produce software, and that such a capability will demonstrably then exist.
- Given a duty to maximize shareholder value.
- Given a duty to comply with national laws.
The only satisfactory solution appears to be to create the software for the first government that asks, and then to sell it to the Chinese, Germans, British, India, Brazil and anyone else.
So the question is -- just how much should Apple charge the Chinese government for the back door, so they can at least establish a fair marke
Mobile Device Management (Score:3)
I suppose it's asking too much of the Feds to have properly implemented Apple's mobile device management protocols, so that when the next Ed Snowden takes his government-issued iPhone to Moscow with him, the Feds can read his itinerary from it?
FBI is screwing themselves because... (Score:5, Interesting)
Better yet, they'll move to using programs that are written by people who added security and wouldn't know how to hack them themselves.
So, basically, all they're doing is educating the criminals to use technologies that are more secure written by companies outside of their jurisdiction.
If they open this phone, it basically will guarantee they will never be able to get to "terrorist data" ever again.
How come no one ever bitches about this? I bet you that 99% of all terrorists have moved to using something more secure by now.
support Apple (Score:1)
BB vs iOS? (Score:2)
"One major reason for that is -- you guessed it -- the strong native security."
Blackberries are more secure in many ways than iPhones. They certainly have more remotely manageable security, and can be more locked down, feature-wise.
Ugh (Score:2)
In its rush to gather information, the FBI blew its chance to retrieve data from the iPhone of one of the San Bernardino terrorists when it ordered his iCloud passcode to be reset shortly after the attacks.
This is very misleading. It would have only given them access to the data on the phone stored in iCloud.
Re: (Score:2)
In its rush to gather information, the FBI blew its chance to retrieve data from the iPhone of one of the San Bernardino terrorists when it ordered his iCloud passcode to be reset shortly after the attacks.
This is very misleading. It would have only given them access to the data on the phone stored in iCloud.
This is very misleading,They won't find any useful information on his work phone anyway, because he would have it destroyed it anyway if there were, like he did with his actual phone.
iTunes app store after FBI/Apple settle (Score:1)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
As delusional as thinking the iPhone is currently secure from "state actors" (including foreign ones) if they physically get hold of it? Because that would be very delusional.
Well, at least a script kiddie with a Rubber Ducky can't get in.