Yeah me too. Whatever happened with that murder thing?
Also, how are these highly paid, tattooed, pot smoking geniuses working for half a mil a year going to "social engineer" this, when the guy who chose the passcode is dead? Are they going to do a seance?
McAfee is an out-of-control nutcase, but we knew that didn't we?
Probably the same way Anon's get private information to cause domestic terrorism. They get their contacts at AT&T, Verizon, Comcast, Paypal, etc to pull all the information they know about the target, relay that information to others to socially engineer other people who haven't been keeping up with the story (big hint, when something big goes down, EVERYONE knows it and accounts are typically noted to alert management if anyone accesses the account.) This is all information the FBI already has access to inside the US.
Outside the US it's a different story. Why were the other phones destroyed? There is probably something on them, that's why the FBI wants to know what that is on the surviving phone. I'm pretty sure McAfee is full of it however. It's likely that McAfee will get his hacker buddies to "crack" the iCloud backup instead. If there even is one.
I don't k ow if this has been covered before, and I know the analogy is not 100%, but can a safe manufacturer be ordered a) to open a specific safe? b) to implement a master key that would open any safe they make?
It looks like everybody is missing something pretty incredible here. The government wants to essentially trash privacy forever on a one time fishing trip...
just the opposite.
this is the precise reason there is such an outcry, and such an immediate response from Apple.
we understand what is at stake. politicians are the ones that are denying it.
apple ][ said:I don't believe for an instant that he or his team would meet success in three weeks.
He is speaking of using social engineering to figure out what the passcode is for the now expired user; like in the movies where they figure it out in 30 seconds. Only he and his crew won't be able to figure it out, and they would brick the phone.
That would be hilarious, and it would certainly put this argument to rest quickly...at least the claim about just wanting to open this one phone.
Errr, no and no. The drive is encrypted with a very secure key, but the weakest point isn't that key, it's the 4 digit key lock key of the phone (that is used to generate or retrieve or whatever the 'very secure key') that's the weak point and attack vector for the FBI.
You say "Errr, no and no," but then restate my words.
No, I don't. I make clear that it isn't about the key (and max number of tries) you mention.
Errr, no and no. The drive is encrypted with a very secure key, but the weakest point isn't that key, it's the 4 digit key lock key of the phone (that is used to generate or retrieve or whatever the 'very secure key') that's the weak point and attack vector for the FBI.
Only, if you don't have a limit of retries before it gets wiped, correct?
And I am specifically interested in the chances of an attack on the encrypted memory itself by, eg moving it to a different phone. As I understand given a eg ten time limit of retries, and no modified iOS, both attack vectors appear to be equally weak.
A brute force attack on the encrypted memory is difficult because of the very secure key, so the trick is to break the 4 digit code and get the bigger key. But this might be difficult to do off device depending on where the secure key is stored and how the access method works.
Brute force decryption might be a lot easier if Apple provided a piece of the OS source code that's located on a fixed place (I presume), but maybe Apple is not willing to provide this.
The number of tries allowed and the frequency of it is determined by the program running the key entry and check on the phone, if Apple (or someone else) provides a new (boot) image that does this, the restrictions of the old (or separate) images are bypassed...
Only, if you don't have a limit of retries before it gets wiped, correct?
And I am specifically interested in the chances of an attack on the encrypted memory itself by, eg moving it to a different phone. As I understand given a eg ten time limit of retries, and no modified iOS, both attack vectors appear to be equally weak.
A brute force attack on the encrypted memory is difficult because of the very secure key, so the trick is to break the 4 digit code and get the bigger key. But this might be difficult to do off device depending on where the secure key is stored and how the access method works.
Brute force decryption might be a lot easier if Apple provided a piece of the OS source code that's located on a fixed place (I presume), but maybe Apple is not willing to provide this.
The number of tries allowed and the frequency of it is determined by the program running the key entry and check on the phone, if Apple (or someone else) provides a new (boot) image that does this, the restrictions of the old (or separate) images are bypassed...
You say "Errr, no and no," but then restate my words.
No, I don't. I make clear that it isn't about the key (and max number of tries) you mention.
No, you do restate my comments on the subject. You wrote, "the drive is encrypted with a very secure key." Yep, I said that. "You wrote, "nut the weakest point isn't that key, it's the 4 digit key lock key of the phone." Yep, that, too. I've even pointed out that a 4-digit PIN is only a measly 10k possible combinations. You wrote, "[the PIN code is] the weak point and attack vector for the FBI." Again, what I've been writing.
So to disagree with my comment about some people saying you can swap the NAND into another iPhone, you're claiming:
It would be possible to simply swap the NAND to bypass all security measures.
That the "drive" has no encryption.
That a 4-digit PIN doesn't have 10,000 options,
That the encryption key is extremely complex compared to a 4-digit PIN.
McAfee's confidence that his team could crack the iPhone is based on the fact that he does not believe the FBI would hire the type of people he works with. Specifically, he described "prodigies" who sport mohawk haircuts, ear piercings, tattooed faces, and one person "who demands to smoke weed while working and won't work for less than a half-million dollars a year."
"I SAW THE BEST MINDS OF MY GENERATION..."*... who had only high school educations, and who demanded to smoke weed while working and were just getting started at $500,000 a year... but this was on Wall Street 25 years ago brokering corporate bonds, wearing exercise clothes to work but knowing where "the bones were buried" when liquidity was at a premium and a trade was at hand. Scientists are the last to see the real money, and treated more like government mules. Conscription is an 19th Century artifact in the USA and was settled law after the Great Civil War, but today Pharaoh still demands the slaves build pyramids, and Caesar commands the Impressors to fill the Colosseum with gladiators to satisfy their taste for power over the individual mind. Never forget that the fight is the third of the four steps to winning: "First they ignore you, then they laugh at you, then they fight you, then you win." -- Mahatma Gandhi
Comments
Outside the US it's a different story. Why were the other phones destroyed? There is probably something on them, that's why the FBI wants to know what that is on the surviving phone. I'm pretty sure McAfee is full of it however. It's likely that McAfee will get his hacker buddies to "crack" the iCloud backup instead. If there even is one.
a) to open a specific safe?
b) to implement a master key that would open any safe they make?
this is the precise reason there is such an outcry, and such an immediate response from Apple.
we understand what is at stake.
politicians are the ones that are denying it.
A brute force attack on the encrypted memory is difficult because of the very secure key, so the trick is to break the 4 digit code and get the bigger key. But this might be difficult to do off device depending on where the secure key is stored and how the access method works.
Brute force decryption might be a lot easier if Apple provided a piece of the OS source code that's located on a fixed place (I presume), but maybe Apple is not willing to provide this.
The number of tries allowed and the frequency of it is determined by the program running the key entry and check on the phone, if Apple (or someone else) provides a new (boot) image that does this, the restrictions of the old (or separate) images are bypassed...
So to disagree with my comment about some people saying you can swap the NAND into another iPhone, you're claiming:
"I SAW THE BEST MINDS OF MY GENERATION..."*... who had only
high school educations, and who demanded to smoke weed while working and were just getting started at $500,000 a year... but this was on Wall Street 25 years ago brokering corporate bonds, wearing exercise clothes to work but knowing where "the bones were buried" when liquidity was at a premium and a trade was at hand. Scientists are the last to see the real money, and treated more like government mules.
Conscription is an 19th Century artifact in the USA and was settled law after the Great Civil War, but today Pharaoh still demands the slaves build pyramids, and Caesar commands the Impressors to fill the Colosseum with gladiators to satisfy their taste for power over the individual mind.
Never forget that the fight is the third of the four steps to winning:
"First they ignore you, then they laugh at you, then they fight you, then you win."
-- Mahatma Gandhi
* HOWL, Allen Ginsberg (1957)