|
| View previous topic :: View next topic |
| Author |
Message |
DuncanIdaho
Franchise Player
Joined: 26 Apr 2004
Posts: 17247
Location: In a no-ship
|
 Posted: Mon Feb 22, 2016 2:19 pm Post subject: |
|
|
| angrypuppy wrote: | | DuncanIdaho wrote: |
Note the bolder parts. The phone password was changed while in FBI custody. So much for the bumblin' county folks changing it, right? |
Not really. This is where we disagree. I think Apple is just as likely to lie, exaggerate or misstate as the FBI. Just because Apple says it was in the FBI's custody does not make it true, just as the FBI stating that it was San Bernardino County who reset the Apple ID password does not make it true. Both are doing their best to manipulate public opinion in order to promote their divergent agendas. |
Um, you have the FBI admitting that what Apple said was true 3 days ago. Did you miss it? Or are you saying that none of this is true? 
|
|
| Back to top |
|
 |
DuncanIdaho
Franchise Player
Joined: 26 Apr 2004
Posts: 17247
Location: In a no-ship
|
| Posted: Mon Feb 22, 2016 2:25 pm Post subject: |
|
|
| Quote: | Former NSA and CIA chief says Apple is right on the bigger issue of encryption back door
Retired General Michael Hayden, former head of both the NSA and CIA, told USA Today that while he “trends toward the government” on the ‘master key‘ approach to the San Bernardino case, he thinks Apple is right that there should never be a back door to encryption. His remarks were made as Tim Cook called for the government to drop its demands that Apple help the FBI break into an iPhone.
Hayden went so far as to specifically call out FBI Director Jim Comey in his comments.
| Quote: | | In this specific case, I’m trending toward the government, but I’ve got to tell you in general I oppose the government’s effort, personified by FBI Director Jim Comey. Jim would like a back door available to American law enforcement in all devices globally. And, frankly, I think on balance that actually harms American safety and security, even though it might make Jim’s job a bit easier in some specific circumstances. |
Comey has repeatedly attacked Apple’s use of strong encryption on iPhones …
Hayden said that while he would have loved a back door into encrypted devices while he was running the NSA, the problem – as I argued – is that others would inevitably gain access to it.
| Quote: |
“When you step back and look at the whole question of American security and safety writ large, we are a safer, more secure nation without back doors,” he says. With them, “a lot of other people would take advantage of it.” |
Hayden said that there were, though, no easy answers.
| Quote: |
What we’re trying to do here is what free people and this free people have done since the inception of the republic, which is to balance two things, both of which are virtues: our security and our privacy. There are no permanent answers to that. We debate them continuously based on the totality of circumstances in which we find ourselves. The point I make to our countrymen: This is not a struggle between the forces of light and the forces of darkness. This is a good people, trying to find the right balance. |
Lest anyone think Hayden has gone soft in his retirement, he had uncompromising things to say about everything from waterboarding (justified to get information to protect America) to the NSA’s mass surveillance of phone records (the NSA should have been a bit more open about it, but people over-reacted).
The entire piece – including Hayden’s assessment of current Presidential candidates – is well worth a read.
Photo: FPA
http://9to5mac.com/2016/02/22/michael-hayden-fbi-apple-encryption/ |
|
|
| Back to top |
|
|
Aeneas Hunter
Retired Number
Joined: 12 Jul 2005
Posts: 31763
|
| Posted: Mon Feb 22, 2016 2:53 pm Post subject: |
|
|
| ringfinger wrote: | | angrypuppy wrote: | | DuncanIdaho wrote: |
Note the bolder parts. The phone password was changed while in FBI custody. So much for the bumblin' county folks changing it, right? |
Not really. This is where we disagree. I think Apple is just as likely to lie, exaggerate or misstate as the FBI. Just because Apple says it was in the FBI's custody does not make it true, just as the FBI stating that it was San Bernardino County who reset the Apple ID password does not make it true. Both are doing their best to manipulate public opinion in order to promote their divergent agendas. |
Yup. Apple lied in the follow-up. They specifically said the government wants a new operating system. That isn't true.
The government, actually, specifically requested in the court order, that Apple develop a software packet that does not modify the operating system. It actually states almost verbatim.
Just wait. The same person wafting about privacy will, at some point in the near future, complain that Apple will not help them get in to their own phone. "It's my data -- waaaaaaaaaah". |
That's not quite correct. The order does contain the language you mention, but this is a description of a suggested means of complying with the order. I believe that Apple is saying that this is not feasible and that a new OS would be required.
We'll see what Apple says in its legal filing. |
|
| Back to top |
|
|
angrypuppy
Retired Number
Joined: 13 Apr 2001
Posts: 32754
|
| Posted: Mon Feb 22, 2016 2:56 pm Post subject: |
|
|
| DuncanIdaho wrote: | | angrypuppy wrote: | | DuncanIdaho wrote: |
Note the bolder parts. The phone password was changed while in FBI custody. So much for the bumblin' county folks changing it, right? |
Not really. This is where we disagree. I think Apple is just as likely to lie, exaggerate or misstate as the FBI. Just because Apple says it was in the FBI's custody does not make it true, just as the FBI stating that it was San Bernardino County who reset the Apple ID password does not make it true. Both are doing their best to manipulate public opinion in order to promote their divergent agendas. |
Um, you have the FBI admitting that what Apple said was true 3 days ago. Did you miss it? Or are you saying that none of this is true?
|
\
The iPhone was in custody of the County, not the FBI. That is not what you posted earlier:
| DuncanIdaho wrote: | | Unfortunately, we learned that while the attacker’s iPhone was in FBI custody the Apple ID password associated with the phone was changed. |
Again, Apple is overstating the case. I don't doubt that the FBI consulted with the County, and that's why Apple is counterattacking. |
|
| Back to top |
|
|
ringfinger
Retired Number
Joined: 08 Oct 2013
Posts: 29418
|
| Posted: Mon Feb 22, 2016 3:04 pm Post subject: |
|
|
| DuncanIdaho wrote: | | ringfinger wrote: | | angrypuppy wrote: | | DuncanIdaho wrote: |
Note the bolder parts. The phone password was changed while in FBI custody. So much for the bumblin' county folks changing it, right? |
Not really. This is where we disagree. I think Apple is just as likely to lie, exaggerate or misstate as the FBI. Just because Apple says it was in the FBI's custody does not make it true, just as the FBI stating that it was San Bernardino County who reset the Apple ID password does not make it true. Both are doing their best to manipulate public opinion in order to promote their divergent agendas. |
Yup. Apple lied in the follow-up. They specifically said the government wants a new operating system. That isn't true.
The government, actually, specifically requested in the court order, that Apple develop a software packet that does not modify the operating system. It actually states almost verbatim.
Just wait. The same person wafting about privacy will, at some point in the near future, complain that Apple will not help them get in to their own phone. "It's my data -- waaaaaaaaaah". |
I think Apple knows more about their software than the government does. If Apple says they have to create a new OS version to get this data, then I believe that. It doesn't matter what the FBI asked for if it's not physically possible.
If the government asked Apple to create a perpetual motion machine, I bet you'd (bleep) about Apple not complying with that order too.
As far as getting your phone's data -- that's what iCloud backups are for. And the FBI would have its hands on that unencrypted data right now had it not ordered the password on the phone changed like a bunch of rookies. |
Let's assume you're right, and that what the government is asking for, is not technically feasible...
... then why has Apple's response been all about privacy and security?
They could have simply responded to the request and said, umm, your request for a perptual motion machine, I mean, non-iOS impacting software packet, is in violation of the laws of physics and cannot be met.
All this privacy/security nonsense is moot if the government is asking for the impossible. |
|
| Back to top |
|
|
DuncanIdaho
Franchise Player
Joined: 26 Apr 2004
Posts: 17247
Location: In a no-ship
|
| Posted: Mon Feb 22, 2016 5:43 pm Post subject: |
|
|
| ringfinger wrote: | | DuncanIdaho wrote: | | ringfinger wrote: | | angrypuppy wrote: | | DuncanIdaho wrote: |
Note the bolder parts. The phone password was changed while in FBI custody. So much for the bumblin' county folks changing it, right? |
Not really. This is where we disagree. I think Apple is just as likely to lie, exaggerate or misstate as the FBI. Just because Apple says it was in the FBI's custody does not make it true, just as the FBI stating that it was San Bernardino County who reset the Apple ID password does not make it true. Both are doing their best to manipulate public opinion in order to promote their divergent agendas. |
Yup. Apple lied in the follow-up. They specifically said the government wants a new operating system. That isn't true.
The government, actually, specifically requested in the court order, that Apple develop a software packet that does not modify the operating system. It actually states almost verbatim.
Just wait. The same person wafting about privacy will, at some point in the near future, complain that Apple will not help them get in to their own phone. "It's my data -- waaaaaaaaaah". |
I think Apple knows more about their software than the government does. If Apple says they have to create a new OS version to get this data, then I believe that. It doesn't matter what the FBI asked for if it's not physically possible.
If the government asked Apple to create a perpetual motion machine, I bet you'd (bleep) about Apple not complying with that order too.
As far as getting your phone's data -- that's what iCloud backups are for. And the FBI would have its hands on that unencrypted data right now had it not ordered the password on the phone changed like a bunch of rookies. |
Let's assume you're right, and that what the government is asking for, is not technically feasible...
... then why has Apple's response been all about privacy and security?
They could have simply responded to the request and said, umm, your request for a perptual motion machine, I mean, non-iOS impacting software packet, is in violation of the laws of physics and cannot be met.
All this privacy/security nonsense is moot if the government is asking for the impossible. |
Well, I mean that is what is happening right? They're saying that to comply they'd have to create a new iOS with a backdoor (aka "non-iOS impacting software packet" won't work), basically opening pandora's Box. |
|
| Back to top |
|
|
tlim
Star Player
Joined: 26 Jun 2002
Posts: 6649
|
| Posted: Tue Feb 23, 2016 5:52 pm Post subject: |
|
|
https://www.mikeash.com/pyblog/friday-qa-2016-02-19-what-is-the-secure-enclave.html
A nice analysis of the cryptography the iPhone. So basically, the checks _are_ on the crypto chip with Secure Enclave for newer ones but not on the older ones.
So even the start wipe is most likely on the cyrpto chip. _But_ the problem doesn't seem to be that, but the exponential back off of acceptance of the chipset getting the keycode.
So even if you circumvent the OS call and nack an OS wipe, even getting the number of guesses will take forever unless you hack the OS to believe the time has changed. |
|
| Back to top |
|
|
DaMuleRules
Retired Number
Joined: 10 Dec 2006
Posts: 52654
Location: Making a safety stop at 15 feet.
|
|
| Back to top |
|
|
DuncanIdaho
Franchise Player
Joined: 26 Apr 2004
Posts: 17247
Location: In a no-ship
|
| Posted: Tue Feb 23, 2016 6:39 pm Post subject: |
|
|
And now Justice Scalia is gone. He would have been the biggest roadblock at the Supreme Court against them. Say what you will about him but he was as firm as it got ruling for the 4th amendment against LEO trying to overstep their authority. |
|
| Back to top |
|
|
ringfinger
Retired Number
Joined: 08 Oct 2013
Posts: 29418
|
| Posted: Tue Feb 23, 2016 8:00 pm Post subject: |
|
|
| DuncanIdaho wrote: | | ringfinger wrote: | | DuncanIdaho wrote: | | ringfinger wrote: | | angrypuppy wrote: | | DuncanIdaho wrote: |
Note the bolder parts. The phone password was changed while in FBI custody. So much for the bumblin' county folks changing it, right? |
Not really. This is where we disagree. I think Apple is just as likely to lie, exaggerate or misstate as the FBI. Just because Apple says it was in the FBI's custody does not make it true, just as the FBI stating that it was San Bernardino County who reset the Apple ID password does not make it true. Both are doing their best to manipulate public opinion in order to promote their divergent agendas. |
Yup. Apple lied in the follow-up. They specifically said the government wants a new operating system. That isn't true.
The government, actually, specifically requested in the court order, that Apple develop a software packet that does not modify the operating system. It actually states almost verbatim.
Just wait. The same person wafting about privacy will, at some point in the near future, complain that Apple will not help them get in to their own phone. "It's my data -- waaaaaaaaaah". |
I think Apple knows more about their software than the government does. If Apple says they have to create a new OS version to get this data, then I believe that. It doesn't matter what the FBI asked for if it's not physically possible.
If the government asked Apple to create a perpetual motion machine, I bet you'd (bleep) about Apple not complying with that order too.
As far as getting your phone's data -- that's what iCloud backups are for. And the FBI would have its hands on that unencrypted data right now had it not ordered the password on the phone changed like a bunch of rookies. |
Let's assume you're right, and that what the government is asking for, is not technically feasible...
... then why has Apple's response been all about privacy and security?
They could have simply responded to the request and said, umm, your request for a perptual motion machine, I mean, non-iOS impacting software packet, is in violation of the laws of physics and cannot be met.
All this privacy/security nonsense is moot if the government is asking for the impossible. |
Well, I mean that is what is happening right? They're saying that to comply they'd have to create a new iOS with a backdoor (aka "non-iOS impacting software packet" won't work), basically opening pandora's Box. |
Sort of. This is where the two entities are having a standoff. At no point has the government requested a master key. That is Apple's spin. The government has requested a single key that only opens one door.
Apple is saying the only way to make a key that opens that door is to make a master key.
The government doesn't agree.
It's an interesting battle. I'll pose what I think is an interesting question on a separate post. |
|
| Back to top |
|
|
ringfinger
Retired Number
Joined: 08 Oct 2013
Posts: 29418
|
| Posted: Tue Feb 23, 2016 8:00 pm Post subject: |
|
|
| Just curious -- if the U.S. government could hack in to the shooter's phone and get what they needed, would anyone care? |
|
| Back to top |
|
|
I Bleed P&G
Starting Rotation
Joined: 01 Dec 2015
Posts: 833
|
| Posted: Tue Feb 23, 2016 9:12 pm Post subject: |
|
|
Also think of off if this way, Apple employees are just like you and me who are American citizen who can don't want their privacy being compromised while trying to provide accesses this phone. . |
|
| Back to top |
|
|
ringfinger
Retired Number
Joined: 08 Oct 2013
Posts: 29418
|
| Posted: Tue Feb 23, 2016 9:32 pm Post subject: |
|
|
| I Bleed P&G wrote: |
Also think of off if this way, Apple employees are just like you and me who are American citizen who can don't want their privacy being compromised while trying to provide accesses this phone. . |
And yet -- no one seems to complain when the police seize a laptop in a criminal investigation and via warrant, gain access to its contents. |
|
| Back to top |
|
|
Aeneas Hunter
Retired Number
Joined: 12 Jul 2005
Posts: 31763
|
|
| Back to top |
|
|
tlim
Star Player
Joined: 26 Jun 2002
Posts: 6649
|
| Posted: Thu Feb 25, 2016 7:44 am Post subject: |
|
|
Two things: the key would open all phones due to how the encruption chip is set up. According to the article I posted, they hack the OS that then lies and tells the chip that a certain amount of time has passed when it actually hasn't. That key will open up everything.
Secondly, file systems are now being encrypted on computers as well. So if they have that, the laptops will also face the same problem soon.
Last edited by tlim on Thu Feb 25, 2016 8:43 am; edited 1 time in total |
|
| Back to top |
|
|
ringfinger
Retired Number
Joined: 08 Oct 2013
Posts: 29418
|
| Posted: Thu Feb 25, 2016 7:54 am Post subject: |
|
|
Yeah this is going to get really interesting because this has never really been feasible before.
On the one hand, having anything secured by something that is impenetrable is a good thing.
On the other, when that time comes, there is going to be a situation where the same folks are going to have a real issue particularly with documents being stored more often in digital formats.
What happens when some kind of glitch or even malware causes your device to fail to recognize your PIN/Password? |
|
| Back to top |
|
|
DuncanIdaho
Franchise Player
Joined: 26 Apr 2004
Posts: 17247
Location: In a no-ship
|
| Posted: Thu Feb 25, 2016 8:51 am Post subject: |
|
|
| ringfinger wrote: |
Yeah this is going to get really interesting because this has never really been feasible before.
On the one hand, having anything secured by something that is impenetrable is a good thing.
On the other, when that time comes, there is going to be a situation where the same folks are going to have a real issue particularly with documents being stored more often in digital formats.
What happens when some kind of glitch or even malware causes your device to fail to recognize your PIN/Password? |
Yeah, that's the major concern. Right now there's the DFU mode on iPhones so Apple can troubleshoot. Since that's being used as an attack vector, eliminating it will eliminate their ability to troubleshoot, but also close the door to everyone. |
|
| Back to top |
|
|
Aeneas Hunter
Retired Number
Joined: 12 Jul 2005
Posts: 31763
|
| Posted: Thu Feb 25, 2016 9:05 am Post subject: |
|
|
| The logical solution is to make it optional on the part of the user. "If you select the Skynet option, your data will not be recoverable if you forget your password, or if malware or hackers cause your phone not to recognize the password. This option should be selected only if you expect to have extremely sensitive data. Even if you select this option, you should consider backing up your non-sensitive data into a recoverable cloud storage system." |
|
| Back to top |
|
|
ringfinger
Retired Number
Joined: 08 Oct 2013
Posts: 29418
|
| Posted: Thu Feb 25, 2016 12:04 pm Post subject: |
|
|
| Aeneas Hunter wrote: | | The logical solution is to make it optional on the part of the user. "If you select the Skynet option, your data will not be recoverable if you forget your password, or if malware or hackers cause your phone not to recognize the password. This option should be selected only if you expect to have extremely sensitive data. Even if you select this option, you should consider backing up your non-sensitive data into a recoverable cloud storage system." |
Yeah it's interesting you say this. What most people don't realize, is that what they think they want, and what they actually want, aren't always aligned. (Ironically, Steve Jobs really understood this).
Do you know what happens when you make things more secure? People work, heck, they'll go out of their way to make it less secure because they are lazy. Back in the day, applications and websites used to allow you to use any password you wish. Now there are all these rules.
Must contain a capital letter, a number, a special character, can't use any of your last 5 passwords, can't use the name of the application in the password. Great, more security!
So now JoeBob just writes his passwords down and keeps them on a sheet paper at his desk or uses a password management tool. LMAO.
My fear, if they ever get to "impenetrable" is that people won't want it once they actually understand what it means, and they'll move to truly unsecure things for easy and guaranteed access. |
|
| Back to top |
|
|
Deathstroke
Star Player
Joined: 10 Dec 2015
Posts: 2131
Location: OC
|
| Posted: Thu Feb 25, 2016 12:35 pm Post subject: |
|
|
| The government trying to force Apple to do this is a fascist move. |
|
| Back to top |
|
|
DuncanIdaho
Franchise Player
Joined: 26 Apr 2004
Posts: 17247
Location: In a no-ship
|
| Posted: Thu Feb 25, 2016 12:43 pm Post subject: |
|
|
About a year ago:
| Quote: | Obama is upset that China wants tech companies to undermine their own security
President Obama came out against back doors in encrypted communications -- if the Chinese government can access them. But the president has avoided taking a position on whether tech companies should build in ways for U.S. law enforcement to access secure communications, a policy endorsed by some high-ranking administration figures.
Obama criticized a far-reaching Chinese counterterrorism proposal during an interview with Reuters released Monday. The Chinese plan would require technology companies to build back doors into their products and hand over encryption keys that secure customer data for use in Chinese surveillance programs.
The laws, the president said, "would essentially force all foreign companies, including U.S. companies, to turn over to the Chinese government mechanisms where they can snoop and keep track of all the users of those services." Obama told Reuters he had directly raised his concerns with Chinese President Xi Jinping. "We have made it very clear to them that this is something they are going to have to change if they are to do business with the United States."
https://www.washingtonpost.com/news/the-switch/wp/2015/03/03/obama-is-upset-that-china-wants-tech-companies-to-undermine-their-own-security/ |
|
|
| Back to top |
|
|
ringfinger
Retired Number
Joined: 08 Oct 2013
Posts: 29418
|
| Posted: Thu Feb 25, 2016 1:21 pm Post subject: |
|
|
| Deathstroke wrote: | | The government trying to force Apple to do this is a fascist move. |
Haha, let's not go overboard here. It was a request, which Apple has declined, and now the two sides will discuss. |
|
| Back to top |
|
|
Aeneas Hunter
Retired Number
Joined: 12 Jul 2005
Posts: 31763
|
| Posted: Thu Feb 25, 2016 1:32 pm Post subject: |
|
|
| I haven't read Apple's brief yet, but apparently Apple is making some sort of first amendment argument. |
|
| Back to top |
|
|
Aeneas Hunter
Retired Number
Joined: 12 Jul 2005
Posts: 31763
|
| Posted: Thu Feb 25, 2016 1:43 pm Post subject: |
|
|
A lot of this is legalese, but this will answer most if not all of the technical questions being discussed here. Apple says that it would need to design a new operating system, and it gives estimates for how much work it would take.
http://www.nytimes.com/interactive/2016/02/25/technology/document-apple-motion-opposing-iphone-order.html
For what it is worth, I find the main legal argument to be compelling. I am not as persuaded by the first and fifth amendment arguments. |
|
| Back to top |
|
|
lakersken80
Retired Number
Joined: 12 Aug 2009
Posts: 38776
|
| Posted: Thu Feb 25, 2016 2:26 pm Post subject: |
|
|
| DuncanIdaho wrote: | About a year ago:
| Quote: | Obama is upset that China wants tech companies to undermine their own security
President Obama came out against back doors in encrypted communications -- if the Chinese government can access them. But the president has avoided taking a position on whether tech companies should build in ways for U.S. law enforcement to access secure communications, a policy endorsed by some high-ranking administration figures.
Obama criticized a far-reaching Chinese counterterrorism proposal during an interview with Reuters released Monday. The Chinese plan would require technology companies to build back doors into their products and hand over encryption keys that secure customer data for use in Chinese surveillance programs.
The laws, the president said, "would essentially force all foreign companies, including U.S. companies, to turn over to the Chinese government mechanisms where they can snoop and keep track of all the users of those services." Obama told Reuters he had directly raised his concerns with Chinese President Xi Jinping. "We have made it very clear to them that this is something they are going to have to change if they are to do business with the United States."
https://www.washingtonpost.com/news/the-switch/wp/2015/03/03/obama-is-upset-that-china-wants-tech-companies-to-undermine-their-own-security/ |
|
Yep, and if the US government has their way who is to say that other foreign governments won't to the same to get access to private data of individuals. I can see a government like China using it to blackmail individuals so they can spy for their government. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
