Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6
3077 posts

Uber Geek
+1 received by user: 1624

Subscriber

  Reply # 1494930 18-Feb-2016 13:47
Send private message

The FBI is wrong, and hopefully will ultimately lose or the appeals will drag on so long as to make it irrelevant that that particular model of phone can be backdoored. What's really good is it will push Apple and other companies to ensure that in the future phones are engineered in such a way that makes this impossible or next to. Apple have already started this with secure enclave, hopefully it will spread. 

 

 

 

 





Information wants to be free. The Net interprets censorship as damage and routes around it.

 

Thinking about signing up to BigPipe? Get $20 credit with my referral link.


2125 posts

Uber Geek
+1 received by user: 608


  Reply # 1494941 18-Feb-2016 14:03
Send private message

gnfb:

 

A question for "the clever ones" Is what they are saying that the apple phone is unhackable true? or is it just a blow up and posturing by Apple and the FBI?

 

 

I would have thought the existing security would have prevented installing a new version without already having the passcode? (except doing it from DFU mode which will erase all data).

 

If iOS can be updated without the passcode, this seems like a pretty big security whole already.

 

Am I missing something?


 
 
 
 


Try Wrike: fast, easy, and efficient project collaboration software
483 posts

Ultimate Geek
+1 received by user: 286

Trusted

  Reply # 1494942 18-Feb-2016 14:07
Send private message

gnfb:

 

A question for "the clever ones" Is what they are saying that the apple phone is unhackable true? or is it just a blow up and posturing by Apple and the FBI?

 

 

Think of it this way, too many wrong guesses at the PIN and it deletes the data. So the FBI has provided a list of protection measures Apple must disable to allow the FBI to brute force guessing the PIN. Apple have not been asked to give the FBI any encryption keys, but to allow the FBI unlimited number of tries at guessing the PIN without artificially added delays.

 

 

 

 


1362 posts

Uber Geek
+1 received by user: 576


  Reply # 1494945 18-Feb-2016 14:13
Send private message

gnfb:

 

A question for "the clever ones" Is what they are saying that the apple phone is unhackable true? or is it just a blow up and posturing by Apple and the FBI?

 

 

Not so much "unhackable" as "currently unhacked"


4343 posts

Uber Geek
+1 received by user: 1871

Trusted
Subscriber

  Reply # 1494981 18-Feb-2016 14:35
Send private message

BlueShift:

 

gnfb:

 

A question for "the clever ones" Is what they are saying that the apple phone is unhackable true? or is it just a blow up and posturing by Apple and the FBI?

 

 

Not so much "unhackable" as "currently unhacked"

 

 

 

 

Maybe. Interesting question: assume the NSA already have knowledge of an exploit that either lets them bypass the anti-guessing protections in the OS (so they can submit as many guesses as they like as fast as they like), or weakens the encryption itself (so they can break it in usefully less than brute force time). How serious does the situation have to be before they would risk compromising that by assisting the FBI to decypher it?

 

Second interesting question: would they share that knowledge with us, another 5 Eyes state?





iPad Air + iPhone SE + 2degrees 4tw!

These comments are my own and do not represent the opinions of 2degrees.


2484 posts

Uber Geek
+1 received by user: 535
Inactive user


  Reply # 1495114 18-Feb-2016 17:37
Send private message

jonathan18:

 

dickytim: Court ordered is different

 

Why?

 

 

Would have hoped I wouldn't have to spell this out, but hey.

 

It isn't simply a government saying "you will do this" it will have been debated and considered.


2484 posts

Uber Geek
+1 received by user: 535
Inactive user


  Reply # 1495116 18-Feb-2016 17:40
Send private message

nigelj:

 

dickytim:

 

nigelj:

 

Linuxluver:

 

I'm trying to tie this story up with what happened when my wife found an iPad at Auckland Airport. 

 

I called Apple and the iPad hadn't been registered by the user. The user also had not enabled Siri so I wasn't able to do the "Who owns this iPad" question by holding down the Home button. 

 

Apple told me to take it to police and have the police call them and they would help the police identify the owner.....presumably by giving the police access to the device.  

 

 

 

 

 

 

Two different things, Police can call up Apple and say "We have found a device with serial number XYZ, we need to make reasonable attempts to return this lost property, can you help", Apple can in turn look up Apple IDs that have signed into the iPad recently (especially if said iPad is a trusted device on someone's iTunes account) and contact the owner directly.   No 'breaking in' required.

 

What the FBI are requesting is that Apple replace the copy of iOS on the phone with one that gives the FBI the ability to use a digital lockpick. That is wrong.

 

I hope Apple can find a way of winning this battle.

 

 

Why is it wrong that Apple put this firmware on a specific device of a mass murdering criminal, your moral compass must be really out of whack.

 

 

As others have said, it sets a nasty precedent, and it also makes the signed code that made it happen desirable for a lot of people that aren't going to be honest with it if they find a way to possess it.

 

What stops the FBI asking that Linux distributions carry backdoors to LUKS, Microsoft to code backdoors to Bitlocker, Google defeating their Full Device Encryption mechanism?

 

Think what you will of me (and know that you are wrong), but my opinion is, if this goes ahead, it's a bad mark for information security which has become critically important.

 

 

My comments were a bit harsh and should have been more questioning the collecting moral compass all around when the rights of a criminal supersedes the rights of law enforcement and the people in general.

 

Would people be happier if Apple (whom I assume can already do this) opened up the phone?

 

I for one want any information contained in the hands of law enforcement so they can potentially capture more of these scum.


4343 posts

Uber Geek
+1 received by user: 1871

Trusted
Subscriber

  Reply # 1495131 18-Feb-2016 18:00
Send private message

No need to be questioning everybody else's moral compass, especially not if you are then going to go on and label other people scum. The arguments against decryption have little to do with the rights of this criminal and everything to do with the rights of everybody else. The simple fact of the matter is that this very idea does far more harm than good.




iPad Air + iPhone SE + 2degrees 4tw!

These comments are my own and do not represent the opinions of 2degrees.


2484 posts

Uber Geek
+1 received by user: 535
Inactive user


  Reply # 1495136 18-Feb-2016 18:20
Send private message

SaltyNZ: No need to be questioning everybody else's moral compass, especially not if you are then going to go on and label other people scum. The arguments against decryption have little to do with the rights of this criminal and everything to do with the rights of everybody else. The simple fact of the matter is that this very idea does far more harm than good.

 

 

 

I sir disagree with your standpoint and stand by calling these people scum.


483 posts

Ultimate Geek
+1 received by user: 286

Trusted

  Reply # 1495151 18-Feb-2016 19:00
Send private message

dickytim: I sir disagree with your standpoint and stand by calling these people scum.

 

 

bfranklin: Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.

 

It is as if the great war on terror will only be declared at an end once all freedom has been given up.

 

hgoering: All you have to do is tell them they are being attacked, and denounce the peacemakers for lack of patriotism and exposing the country to danger. It works the same in any country.

 

 


4343 posts

Uber Geek
+1 received by user: 1871

Trusted
Subscriber

  Reply # 1495158 18-Feb-2016 19:17
Send private message

Careful; you're now skirting pretty much the only iron-clad rule on the forum.





iPad Air + iPhone SE + 2degrees 4tw!

These comments are my own and do not represent the opinions of 2degrees.


854 posts

Ultimate Geek
+1 received by user: 125


  Reply # 1495159 18-Feb-2016 19:19
Send private message

dickytim:  Would people be happier if Apple (whom I assume can already do this) opened up the phone?

 

I for one want any information contained in the hands of law enforcement so they can potentially capture more of these scum.

 

 

Apple used to have a method of opening up phones/bypassing PINs, they got slaughtered with "Please hack this phone" requests by law enforcement, that is why they implemented Full Device Encryption refer to the likes of http://arstechnica.com/apple/2014/09/apple-expands-data-encryption-under-ios-8-making-handover-to-cops-moot/

 

So the issue becomes, the only way that the data can be obtained is by obtaining the correct passphrase - just like LUKS or Truecrypt or any other FDE method.  So no, Apple just can't magically backdoor the FDE they'd need to do it the same way that the FBI wants to do it.

 

A couple of interesting things, apparently there is a hardware enforced minimum 80ms delay between possible PIN entries, I'm not sure how correct this is, but if correct, anyone want to place bets on if iPhone 7 (or the iPhone 7S since the 7 is apparently near) will contain a new TPM chip that'll magically move more of this enforcement (including the TouchID bricking) out of the firmware and onto hardware?

 

(actually I'm feeling lazy so not going to edit that previous para, but this is interesting from the Ars article:)

 

The passcode is entangled with the device’s UID, so brute-force attempts must be performed on the device under attack. A large iteration count is used to make each attempt slower. The iteration count is calibrated so that one attempt takes approximately 80 milliseconds. This means it would take more than 5 1⁄2 years to try all combinations of a six-character alphanumeric passcode with lowercase letters and numbers.


2484 posts

Uber Geek
+1 received by user: 535
Inactive user


  Reply # 1495176 18-Feb-2016 19:25
Send private message

To clarify my position, if Apple could open up this one phone, or a very specificly court ordered cases, without giving a group the tool to do this, or creating something that doesn't exist i think they should.

By far the sounds of the letter they have already done everything bar creating this tool.

Talk DIrtY to me
4246 posts

Uber Geek
+1 received by user: 2270

Trusted
Subscriber

  Reply # 1495178 18-Feb-2016 19:31
Send private message

nathan:

 

 

 

just pointing out that 6 digit PIN is a lot lot harder to crack than a 4 digit.  I've stopped using 4 digit some time ago

 

 

If my maths is correct, a six digit PIN gives 10^6, or a million possible combinations. That wouldn't take a computer long to try all the combinations.


4343 posts

Uber Geek
+1 received by user: 1871

Trusted
Subscriber

  Reply # 1495180 18-Feb-2016 19:42
4 people support this post
Send private message

dickytim: To clarify my position, if Apple could open up this one phone, or a very specificly court ordered cases, without giving a group the tool to do this, or creating something that doesn't exist i think they should.

By far the sounds of the letter they have already done everything bar creating this tool.

 

 

 

The universe does not work that way. There is no such thing as a door that only the good guys can open. There isn't even an objective definition of a good guy. Maybe it's OK for the FBI to unlock the phone of a woman who shot a whole bunch of people in public. But the same mechanism will let the Chinese government unlock the phone of a woman who wants a democratic government, or a Russian hacking gang to open your phone to steal your banking details.





iPad Air + iPhone SE + 2degrees 4tw!

These comments are my own and do not represent the opinions of 2degrees.


1 | 2 | 3 | 4 | 5 | 6
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

IBM leads Call for Code to use cloud, data, AI, blockchain for natural disaster relief
Posted 25-May-2018 14:12


New FUJIFILM X-T100 aims to do better job than smartphones
Posted 24-May-2018 20:17


Stuff takes 100% ownership of Stuff Fibre
Posted 24-May-2018 19:41


Exhibition to showcase digital artwork from across the globe
Posted 23-May-2018 16:44


Auckland tops list of most vulnerable cities in a zombie apocalypse
Posted 23-May-2018 12:52


ASB first bank in New Zealand to step out with Garmin Pay
Posted 23-May-2018 00:10


Umbrellar becomes Microsoft Cloud Solution Provider
Posted 22-May-2018 15:43


Three New Zealand projects shortlisted in IDC Asia Pacific Smart Cities Awards
Posted 22-May-2018 15:14


UpStarters - the New Zealand tech and innovation story
Posted 21-May-2018 09:55


Lightbox updates platform with new streaming options
Posted 17-May-2018 13:09


Norton Core router launches with high-performance, IoT security in New Zealand
Posted 16-May-2018 02:00


D-Link ANZ launches new 4G LTE Dual SIM M2M VPN Router
Posted 15-May-2018 19:30


New Panasonic LUMIX FT7 ideal for outdoor: waterproof, dustproof
Posted 15-May-2018 19:17


Ryanair Goes All-In on AWS
Posted 15-May-2018 19:14


Te Papa and EQC Minecraft Mod shakes up earthquake education
Posted 15-May-2018 19:12



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.