Apple confirms iOS 12's 'USB Restricted Mode' will thwart police, criminal access [u]

2

Comments

  • Reply 21 of 53
    tshapitshapi Posts: 371member
    How many people actually use usb to obtain data from there phone?  I only use usb to charge my phone. Everything else is wireless.  What this is designed to do, is impede people from hacking into your already locked phone via cable. 
    randominternetperson
  • Reply 22 of 53
    StrangeDaysStrangeDays Posts: 12,936member
    MplsP said:
    So if you play music though your Belkin adapter for an hour with the screen off, it stops suddenly forcing you to unlock your iPhone possibly while driving? That's not a good thing. This needs to be optional. Most of us don't really care if the police look at the crap on our iPhones.
    This will be annoying if CarPlay stops while you are driving. Hopefully there is a setting to disable it while using CarPlay. 
    I wish there was a way to allow legitimate law enforcement access while at the same time maintaining security. The San Bernardino shooting is a prime example - the police had a clear, legitimate and legal need to access the contents of the phone. Unfortunately, back doors and other techniques have virtually universally been hacked and abused, as others have pointed out. Even GrayShift made no attempt to ensure that their device would be limited to legitimate uses. 
    Wait, what was the legitimate need to open the San Bernardino shooters’ phones? By all accounts it was a work place shooting, and the shooters were dead. There was no pressing need, and the investigators knew it. They just wanted to use fear tactics with some of the public to coerce Apple. You fell for it. 
    ronnbonobobcornchipmwhiteMisterKit[Deleted User]icoco3designrrandominternetpersonwatto_cobra
  • Reply 23 of 53
    StrangeDaysStrangeDays Posts: 12,936member

    rob53 said:
    command_f said:
    I prefer to think of this as keeping out the bad guys. In my book, in the UK, that doesn't include the security agencies. YMMV.

    However, it's a Good Thing that Apple is doing this, the agencies should have (be given) different and better methods. Interestingly, the ex-head of GCHQ (UK's equivalent of NSA) is on record as opposing backdoors: he says they're technically difficult and and open to abuse (https://www.theregister.co.uk/2017/07/10/former_gchq_wades_into_encryption_debate/). About what has been said here in the past.

    BTW The original story is here (but it may not be accessible outside the UK):https//www.bbc.co.uk/news/av/technology-40554686/end-to-end-encryption-back-door-a-bad-idea
    Just because the ex-head of your GCHQ says backdoors are bad doesn't necessarily mean they haven't tried forcing them in, just like our NSA might be doing. Everyone watches too much TV but you have to wonder how many of the spying movies actually are based on some fact. We'll never know because I'm sure some are run without too much oversight. How much of the Bourne Identity is based on current "lawful" spying? I'd rather Apple continue to try their hardest to protect my data from criminals, advertisers, and governments who don't need to see my legal data.

    Just saw this: "Microsoft has issued a Windows 10 security update to prevent hackers from breaking into PCs using Cortana." Was this an honest bug or someone forcing in a backdoor?
    If they were sneaking in back doors, do you really think they’d publish updates for you to read about? 

    Sounds like youve been watching too much TV. 
    macxpress
  • Reply 24 of 53
    radarthekatradarthekat Posts: 3,867moderator
    MplsP said:
    So if you play music though your Belkin adapter for an hour with the screen off, it stops suddenly forcing you to unlock your iPhone possibly while driving? That's not a good thing. This needs to be optional. Most of us don't really care if the police look at the crap on our iPhones.
    This will be annoying if CarPlay stops while you are driving. Hopefully there is a setting to disable it while using CarPlay. 
    Maybe this is a dumb question, but are headphones necessarily considered 'USB?' They obviously use the lightning connector, but does the physical connection essentially branch into USB and non-USB functionality, or is it all considered USB? Regardless, it should be theoretically possible to program iOS such that it will maintain an existing connection such as CarPlay or headphones but not allow any new connections and/or terminate the permission as soon as the device is disconnected.

    I wish there was a way to allow legitimate law enforcement access while at the same time maintaining security. The San Bernardino shooting is a prime example - the police had a clear, legitimate and legal need to access the contents of the phone. Unfortunately, back doors and other techniques have virtually universally been hacked and abused, as others have pointed out. Even GrayShift made no attempt to ensure that their device would be limited to legitimate uses. 
    The question is, what is s smartphone in this context. Data transmitted out into the world via public infrastructure like the telephone lines and internet is different, in my opinion, from data stored in a personal device.  In the former it seems acceptable to give up some privacy, but the latter, a smartphone in this case, seems to me to be an extension of one’s inner mind, like the contents of a personal safe.  And so the techniques used to gain access should adhere to those used to gain access to other personal property.  A warrant and whatever techniques law enforcement can devise.

    As an example, if I manufacture a safe used to store documents written on rice paper and the safe contains a tank of water inside, and is designed to dunk the documents into the water such that they will dissolve should the safe be dusturbed or an attempt is made to access it via means other than its combination, and in fact ten erroneous attempts at the combination would also trigger the destruction of the documents stored inside, should government be allowed to force me, the manufacturer, to build in a backdoor means of opening the safe?  Same thing with smartphones.  They are digital information safes, among other utilities they provide. 
    edited June 2018 ronncornchiprandominternetpersonwatto_cobra
  • Reply 25 of 53
    bluefire1bluefire1 Posts: 1,304member
    I love Apple.
    racerhomie3gutengelwatto_cobra
  • Reply 26 of 53
    MplsP said:
    I wish there was a way to allow legitimate law enforcement access while at the same time maintaining security. The San Bernardino shooting is a prime example - the police had a clear, legitimate and legal need to access the contents of the phone. Unfortunately, back doors and other techniques have virtually universally been hacked and abused, as others have pointed out. Even GrayShift made no attempt to ensure that their device would be limited to legitimate uses. 
    Did they find any relevant information on the San Bernadino phone ? 

    Theire should never be a backdoor at all and if some exists why shouldnt the law enforcements in a bad state use it against theirt citizen ?

    Is USA a good or bad state? 

    watto_cobra
  • Reply 27 of 53
    cornchipcornchip Posts: 1,953member
    Better to be pirates...
    watto_cobra
  • Reply 28 of 53
    analogjackanalogjack Posts: 1,073member
    We’ll never know the truth about backdoors because they usually come with gag orders.
    This is not a divorce settlement, if there was a backdoor that information would be leaked, with 100% certainty.
    StrangeDayswatto_cobra
  • Reply 29 of 53
    MplsP said:

    I wish there was a way to allow legitimate law enforcement access while at the same time maintaining security. 
    The problem is that the moment Apple provides a backdoor access, the keys are not safe - even if they are only with Apple.
    edited June 2018 racerhomie3chabigwatto_cobra
  • Reply 30 of 53
    racerhomie3racerhomie3 Posts: 1,264member
    Thank You Apple.
    watto_cobra
  • Reply 31 of 53
    racerhomie3racerhomie3 Posts: 1,264member
    This will be annoying if CarPlay stops while you are driving. Hopefully there is a setting to disable it while using CarPlay. 
    You can disable it.
  • Reply 32 of 53
    tallest skiltallest skil Posts: 43,388member
    Nah that’s just conspiracy theory.
    What the fuck are you even trying to say here? Do you know what a conspiracy is? Do you know what a theory is? Do you know that the CIA explicitly created propaganda to slander that phrase?
     Apple has said clearly that they don’t have any govt backdoors and won’t put any in. They won’t do it. 
    What part of gag order was unclear? We’ve proven that they do it.
    command_f said:
    I prefer to think of this as keeping out the bad guys. In my book, in the UK, that doesn't include the security agencies.
    We know you’re required by law to say that. It’s okay. We get the message.
    rob53 said:
    Add the McCarthy witch hunts…
    Reminder that when the Russian Federation released soviet documents after the collapse of the USSR that Joseph McCarthy was 100% vindicated and everyone he listed was either an actual communist or funded by communists.
    this is supposed to be a democracy.
    No, it fucking isn’t. For fuck’s sake.
    edited June 2018 [Deleted User]gutengelmuthuk_vanalingam
  • Reply 33 of 53
    JFC_PAJFC_PA Posts: 934member
    Once the GrayKey boxes get stolen or sold off, if they haven’t already, NSA lost hacking tools to the criminals, that method is available to criminals. So blocking its access protects us all. 
    watto_cobra
  • Reply 34 of 53
    jbdragonjbdragon Posts: 2,311member
    MplsP said:
    So if you play music though your Belkin adapter for an hour with the screen off, it stops suddenly forcing you to unlock your iPhone possibly while driving? That's not a good thing. This needs to be optional. Most of us don't really care if the police look at the crap on our iPhones.
    This will be annoying if CarPlay stops while you are driving. Hopefully there is a setting to disable it while using CarPlay. 
    Maybe this is a dumb question, but are headphones necessarily considered 'USB?' They obviously use the lightning connector, but does the physical connection essentially branch into USB and non-USB functionality, or is it all considered USB? Regardless, it should be theoretically possible to program iOS such that it will maintain an existing connection such as CarPlay or headphones but not allow any new connections and/or terminate the permission as soon as the device is disconnected.

    I wish there was a way to allow legitimate law enforcement access while at the same time maintaining security. The San Bernardino shooting is a prime example - the police had a clear, legitimate and legal need to access the contents of the phone. Unfortunately, back doors and other techniques have virtually universally been hacked and abused, as others have pointed out. Even GrayShift made no attempt to ensure that their device would be limited to legitimate uses. 

    The police got nothing from that phone.  It was a work phone.  Those terrorists actually destroyed their personal phones and hdd!!!. This was never about wanting to get the phone unlocked.  This was about setting getting the court to force Apple in creating a backdoor.  Once that happens, all bets are off.   Creating a backdoorbmeans not only a security risk with hackers, but do you think the U.S. Would be the only country to get access at that point?.   You don't think China and others would request the same access?. So now you have China spying on Americans also.  You have the FBI passing how to unlock the phone to all the police and China and all the other countries can get in.  In no time that backdoor info will get out to everyone.

    All the while anyone on Android can install 3rd party encryption software not developed in this county as most aren’t and the criminals with a brain will have secure phones.   While most everyone else not a criminal will have worthless encryption.  This country is not going dark.  It’s a police paradise with all the Amazon Echos and Google Homes out there.  You’re wiring up your own house.  Everything you put on the cloud, even Apples, the police can get access to that dats.  Apple had the keys.  The police got that terrorest data which also was a whole lot of nothing.  The police don’t need every piece of data.  They’ve never had it and sure as hell should be going and digging through people’s phones which have their life all through it these days.   The government already has way to much power these days.

    i sure as hell don’t want to give up my rights in the name of security from terrorests.  Looking at a phone after the fact is almost pointless.  Just like San Bernardino, a whole lot of nothing.  The terorests were all dead.   No one was going to court.  It was a government stunt to gain easy access to iPhones.  They even said it themselves how they had hundreds of iPhones they couldn’t get access into.  All those other phones are not from terrorests.    It’s what big government wants to do to it’s citizans, spy on them.

    really want they want is to spy ion everyone in real-time.  Then key in on keyword so that you can get people before they try to so something.  Just spy on everyone and throw the constitution right out the window.


    tallest skilwatto_cobra
  • Reply 35 of 53
    Koll3manKoll3man Posts: 29member
    sflocal said:
    Meanwhile, discussions about security in the world of Android is about as loud as screaming in space.
    Android it's already covered in this situation.
    Connecting an Android phone to a computer via USB does nothing apart from charging it if the phone is not unlocked. Also if USB Debugging is not activated the phone can't receive advance comands from the PC.
    gatorguyjcs2305
  • Reply 36 of 53
    IreneWIreneW Posts: 304member
    Koll3man said:
    sflocal said:
    Meanwhile, discussions about security in the world of Android is about as loud as screaming in space.
    Android it's already covered in this situation.
    Connecting an Android phone to a computer via USB does nothing apart from charging it if the phone is not unlocked. Also if USB Debugging is not activated the phone can't receive advance comands from the PC.
    ...which somewhat irritating for us testers, but makes a lot of sense actually.
  • Reply 37 of 53
    zimmiezimmie Posts: 651member
    MplsP said:
    So if you play music though your Belkin adapter for an hour with the screen off, it stops suddenly forcing you to unlock your iPhone possibly while driving? That's not a good thing. This needs to be optional. Most of us don't really care if the police look at the crap on our iPhones.
    This will be annoying if CarPlay stops while you are driving. Hopefully there is a setting to disable it while using CarPlay. 
    Maybe this is a dumb question, but are headphones necessarily considered 'USB?' They obviously use the lightning connector, but does the physical connection essentially branch into USB and non-USB functionality, or is it all considered USB? Regardless, it should be theoretically possible to program iOS such that it will maintain an existing connection such as CarPlay or headphones but not allow any new connections and/or terminate the permission as soon as the device is disconnected.

    I wish there was a way to allow legitimate law enforcement access while at the same time maintaining security. The San Bernardino shooting is a prime example - the police had a clear, legitimate and legal need to access the contents of the phone. Unfortunately, back doors and other techniques have virtually universally been hacked and abused, as others have pointed out. Even GrayShift made no attempt to ensure that their device would be limited to legitimate uses. 
    Unfortunately, device security boils down to math, and math doesn't care if you have a warrant or not. Think of it as a simple equation: C + K = X. You know X: it's the result of the encryption. A backdoor gives you a known version of K: the key. From that, you can get C: the "cleartext" original data. Whether you have a warrant or not, knowledge of K and X lets you obtain knowledge of C.

    This gets more interesting when you think about what a warrant actually is. It's a grant from the judicial branch allowing the executive branch to break a specific law in a specific way. A warrant can't compel you to produce a key to a lock. You may not have the key. Instead, the warrant grants the police the authority to go through the lock using various other methods. For example, they may call a safecracker, they may pick the lock, or they may break down the door. All of those are ordinarily illegal to do on locks you do not own, but the warrant grants the police the authority to violate those laws. The lock doesn't know or care if the police have a warrant.

    Now, plenty of physical locks have mandated backdoors. For example, TSA approved travel locks or New York's infamous 1620 key. These are universally acknowledged in the security community to be disasters. Many TSA agents have abused their ability to get through approved travel locks to steal things from luggage. A few years ago, a TSA agent held up the keys at a press conference, and photos were taken. These photos were good enough that people were able to create files suitable for rapid prototyping allowing anyone to make their own keys to bypass TSA-approved locks. There is no reason to think a technological backdoor in cryptographic systems would be any less abused or any less subject to idiots leaking the keys.
    chabigrandominternetpersonwatto_cobra
  • Reply 38 of 53
    jkichlinejkichline Posts: 1,369member
    This will be annoying if CarPlay stops while you are driving. Hopefully there is a setting to disable it while using CarPlay. 
    I think the idea is that if USB is started while authenticated, it will continue even if unauthenticated. Apple is trying to prevent the situation where the user had authenticated the device and then have a week to get it connected to a device to crack it. Instead you have one hour since the last authentication to connect it.
    watto_cobra
  • Reply 39 of 53
    frantisekfrantisek Posts: 760member
    We’ll never know the truth about backdoors because they usually come with gag orders.
    Nah that’s just conspiracy theory. Apple has said clearly that they don’t have any govt backdoors and won’t put any in. John Gruber has talked to team leads who told him they’d quit first. Word would get out and Apple would be crucified. They won’t do it. 

    That is probably one of reason Apple try to design more and more HW parts as it give them more protection from HW backdoors.Others are of course performance, price and integration.
    watto_cobra
  • Reply 40 of 53
    joogabahjoogabah Posts: 139member
    So if you play music though your Belkin adapter for an hour with the screen off, it stops suddenly forcing you to unlock your iPhone possibly while driving? That's not a good thing. This needs to be optional. Most of us don't really care if the police look at the crap on our iPhones.
    Why would the music stop just because the phone locks?  
    watto_cobra
Sign In or Register to comment.