Apple challenges 'chilling' demand to decrypt San Bernardino shooter's iPhone

[Ask Mr. Religion]

From the company likely behind the recent Apple phone crack for the FBI comes a means of detecting a driver's distraction using a phone while driving and in a subsequent accident:

http://arstechnica.com/tech-policy/...yzer-now-meet-the-roadside-police-textalyzer/

AMR

 

[kmoney]

Can you find someone who says encryption cannot be strong? Who are you arguing with?

Encryption can always be overcome. Privacy cannot be guaranteed. Apple was stupid to pretend it could.

They made a song and dance that put the issue in the headlines and got burned in the PR department when the FBI cracked the phone. They should have quietly aided the FBI.

Why should Apple have aided the FBI if they thought it could damage privacy? Guarantees aside, why wouldn't they avoid doing something that could make it even more vulnerable?

Is your argument that the risk of privacy lost is worth the security gained by unlocking the phone?

 

[Stripe]

Why should Apple have aided the FBI if they thought it could damage privacy?Guarantees aside, why wouldn't they avoid doing something that could make it even more vulnerable?

It didn't harm privacy. Their systems remain vulnerable with or without the FBI.

Is your argument that the risk of privacy lost is worth the security gained by unlocking the phone?

You should try just reading what I say. :up:

 

[rexlunae]

Can you find someone who says encryption cannot be strong? Who are you arguing with?

Encryption can always be overcome. Privacy cannot be guaranteed. Apple was stupid to pretend it could.

Meanwhile, you seem to be arguing with yourself. You think encryption can be strong. But that it can always be overcome. You're not making any sense.

 

[Stripe]

Meanwhile, you seem to be arguing with yourself. You think encryption can be strong. But that it can always be overcome. You're not making any sense.

:darwinsm:

I guess you had to say something. :chuckle:

Let's see. Steel can be strong, but it can always be cut.

You gonna argue with that too?

 

[rexlunae]

:darwinsm:

I guess you had to say something. :chuckle:

Let's see. Steel can be strong, but it can always be cut.

Yes. But we still build things out of steel. And we don't intentionally weaken it, usually. What I don't get is how you get to 'Apple should have just helped the FBI' or 'Apple doesn't understand encryption'.

 

[Stripe]

Yes. But we still build things out of steel. And we don't intentionally weaken it, usually.

Can you find someone who says we should not use crypto? You should start an argument with them. I bet you'd win. :up:

What I don't get is how you get to 'Apple should have just helped the FBI' or 'Apple doesn't understand encryption'.

I can't help you with simple comprehension. Try reading slower? :idunno:

 

[Ask Mr. Religion]

Meanwhile, you seem to be arguing with yourself. You think encryption can be strong. But that it can always be overcome. You're not making any sense.

Is not it the point that there is but one encryption scheme that cannot be broken given the practicality of commercial uses of encryption? Even strong encryption methods (PGP (yes, PGP), AES) may become weak someday given technological advances. As far as I know, only One-Time Pad (OTP), when used properly, is unbreakable, but not very practical. That said, OTP's requirement for a truly random pad value makes the claim I just made a wee bit suspect in real-world vs. theoretical domains.

AMR

 

[rexlunae]

Is not it the point that there is but one encryption scheme that cannot be broken given the practicality of commercial uses of encryption? Even strong encryption methods (PGP (yes, PGP), AES) may become weak someday given technological advances.

They may become weak in time. They may suffer from fatal flaws. He said it can (present tense) always be overcome. The only sense in which that's true is if you have unlimited resources and time, or some other advantage that isn't a given in any circumstance.

As far as I know, only One-Time Pad (OTP), when used properly, is unbreakable, but not very practical. That said, OTP's requirement for a truly random pad value makes the claim I just made a wee bit suspect in real-world vs. theoretical domains.

OTP is pretty hard to use correctly, and the ways it will fail are in the security of generating and sharing the keys. It certainly won't replace public-key crypto for online transactions.

 

[Stripe]

They may become weak in time. They may suffer from fatal flaws. He said it can (present tense) always be overcome. The only sense in which that's true is if you have unlimited resources and time, or some other advantage that isn't a given in any circumstance.

It looks like you're desperate to disagree.

No security can ever be guaranteed to keep people out. You've already agreed that this is "theoretically" and "technically" true. And given that it is all I have said, your argumentative nature is just plain weird.

Oh, I also said Tim Cook is a homo. Is that what you're upset about?

 

[Ask Mr. Religion]

Washington Post claims a zero-day exploit identified by hackers that were paid for the information allowed FBI to access the terrorist's phone:

"The FBI cracked a San Bernardino terrorist’s phone with the help of professional hackers who discovered and brought to the bureau at least one previously unknown software flaw, according to people familiar with the matter.

The new information was then used to create a piece of hardware that helped the FBI to crack the iPhone’s four-digit personal identification number without triggering a security feature that would have erased all the data, the individuals said."
https://www.washingtonpost.com/worl...97814a-00de-11e6-9d36-33d198ea26c5_story.html

AMR

 

[kmoney]

From the company likely behind the recent Apple phone crack for the FBI comes a means of detecting a driver's distraction using a phone while driving and in a subsequent accident:

http://arstechnica.com/tech-policy/...yzer-now-meet-the-roadside-police-textalyzer/

AMR

Not sure yet how I feel about that. :think:

 

[kmoney]

It didn't harm privacy. Their systems remain vulnerable with or without the FBI.You should try just reading what I say. :up:

I have read what you said. I'm just not sure what your point is.

 

[Stripe]

I have read what you said. I'm just not sure what your point is.

OK. :up:

 

[Ask Mr. Religion]

Hacking Tools Behind the San Bernadino Shooter's iPhone Issue Released

Hacking Tools Behind the San Bernadino Shooter's iPhone Issue Released

Hacker Dumps iOS Cracking Tools Allegedly Stolen from Cellebrite

"Cellebrite is an Israeli firm which specializes in extracting data from mobile phones for law enforcement agencies. The company's flagship product, the Universal Forensic Extraction Device (UFED), typically comes as a small, laptop-sized device, and can pull SMS messages, emails, and more from thousands of different mobile phone models. The investigator needs to have physical access to the phone to analyze it.

"In early 2016, the Department of Justice and Apple entered a fierce legal battle, in which the department tried to legally compel Apple to build a custom operating system that would allow investigators to bypass security protections on an iPhone. A concern at the time was that, if such an operating system was created, it could leak and become public."

More here:
https://motherboard.vice.com/en_us/...acking-tools-allegedly-stolen-from-cellebrite

Most news sources claim that the FBI paid Cellebrite around $1.3M for the cracking effort.

AMR