Likes: This whole thing is crazy, respect to Apple for their stance.
Faceplams: 0
Super Moderator
This whole thing is crazy, respect to Apple for their stance.
Active Member
Some of us actively try to get special attention so that we can get infected by the NSA and then study the infection just like malware.Originally Posted by allegro
I can almost guarantee that you are in xkeyscore. Just mathematically, the "2 hop" association puts most people in it. Personally, I am 1 hop away from nearly a dozen targets. I don't know if posting together on ETS counts as a hop, but you are welcome to connect with me on facebookI've been meaning to run a FOIA on myself. However, I just had lunch with <person from active target list> and said he was concerned about FOIA because of all that resulting info becoming public record. This is especially concerning for people who have some level of publicity. You ever FOIA yourself?
Last edited by DigitalChaos; 02-21-2016 at 01:30 AM.
Active Member
The story on this has advanced: http://www.buzzfeed.com/johnpaczkows...overnment-cust
cliffnotes:
- Apple points out that a backdoor probably wouldn't be needed if the iCloud password wasn't reset after the FBI got their hands on the phone. (the phone was pushing full backups to icloud, which the FBI can get with ease)
- SB County's IT people were blamed for resetting the password completely on their own. (not sure if the blame came directly from FBI, or from press being confused)
- Later, SB County tweeted that they only reset the iCloud password because the FBI asked them to.
- Later, the FBI confirmed this to be true with a "but that doesn't stop Apple from making our backdoor!"
- The FBI's court filing completely glances over the fact that the FBI fucked this up. There are multiple instances in the court filing that fit this pattern of lame ass covering.
Next time the govt complains about the "Going Dark" problem, remind them that things might not be so dark if they didn't poke their own goddamned eyes out.
I have a feeling this is going to keep getting uglier and much more info will come out. This is also really interesting to watch unfold being that most of the public talks about how much control the govt and big corporations have over eachother. You can't get much bigger than Apple.
Last edited by DigitalChaos; 02-21-2016 at 01:33 AM.
Bite me
Nah, I'm anonymous for a reason, LOL.Some of us actively try to get special attention so that we can get infected by the NSA and then study the infection just like malware.
I can almost guarantee that you are in xkeyscore. Just mathematically, the "2 hop" association puts most people in it. Personally, I am 1 hop away from nearly a dozen targets. I don't know if posting together on ETS counts as a hop, but you are welcome to connect with me on facebook
Active Member
And how do you plan on getting past Secret Service with that rifle, chief?
Back on topic, very interested in to see where this case goes next week.
tempus est umbra in mente
I swear I'm going to slap the next person I hear bitching about how Apple is sympathizing with terrorists. I'm going to see if I can make time to head out to one of these protests on Tuesday
Active Member
Throbbing Member
http://www.maximumpc.com/john-mcafee-we-are-20-years-behind-china-and-russia-fbi-apple-iphone-san-bernardino/
Holy hell this shit is scary and very concerning. Most of this is news to me.
I had absolutely no idea about some of the things you guys talked about earlier and had to look most of it up.
I thought I was fairly competent on some of this stuff but in reality I'm completely ignorant about all of it.
I'm glad I read this thread.
The article I linked above is a compelling read.
Here is some stuff I found to be interesting.
Tuan: Why is the FBI not hacking the iPhone itself? Why does it need Apple to do it?
McAfee: I don't believe the FBI has the capacity to do so. I think our government is illiterate in cybersecurity for the following reasons:
Number one, it's become a massive bureaucracy, where no one is ever fired—you're just promoted. And the technology departments are out of date; they do not keep up with changing technology. And they have a life time job so, why should they care? Number two, they will not hire the only people who can help them; that is the hackers of the world.
And why? Have you ever been to Defcon or Hack Miami or any hacking group? Well you see what people look like. Mohawks a half mile high, pierced ears, face tattoos. And every one of them is going to demand that they smoke weed on the job. Now, the government isn't going to hire those people. But I promise you, if you went to China, or Russia, and knocked on the doors of the Kremlin or the equivalent in China, and said, "I'm the world's greatest hacker, will you hire me," they'll say absolutely! And you say "Well wait a minute, I need to smoke weed," they'll say "Perfect, we'll put you in the basement and you can smoke as much as you want." Why? Because they're smart! We're stupid.
We want everybody to look like the bureaucracy. To wear a three-piece suit, polish your shoes, blue tie, and look and act like everyone else. Well that's not hacking. And that is not creative. And it does not create a society that can keep up. We're twenty years behind the Russians and Chinese.Tuan: So do you think the Russians and Chinese already have the tools to decrypt the iPhone?
McAfee: That's common knowledge in the hacking community—absolutely. And not just decrypt the phone! The Chinese and Russians have the ability to bring our society to its knees. With the push of a button, the Chinese can terminate our electrical production and put us permanently without power. This is a known fact in the hacking community. We are so far behind that it's incomprehensible that we still call ourselves a world power.
Tuan: I read your piece on the OPM mission, and it said that the other countries easily penetrated our security systems. Out of all the possibilities, how high of a priority would it be to get access to our phones?
McAfee: I would say that it's extremely high. And in fact, I guarantee you, that the Chinese and Russians are praying on their knees now, that Apple gives in. In fact, they probably would pay a hundred billion dollars to Tim Cook to cave in. Why? Because it would get them total access, total control, to everything in America.
Now the FBI thinks that they have it. But the FBI and the NSA don't even have the data reduction capacity. Sure they can tap everybody's phone, but there's so much data they can't refine and use it. Trust me. The Chinese can. They're that far ahead. So, they would love for Apple to cave in. They would love for a federal judge to say, "Yes, [Apple], do this," because that means they just won the cyberwar. Why? Because every man and woman in America, carries [a smartphone].
Tuan: There seems like there's a big gap in terms of America's cyber-warfare capabilities. You're running for president, but it seems like cybersecurity is a non-partisan issue. What sort of advice would you give to the Democrat and Republican nominees?
McAfee: I would give them minus numbers! Here's an example. I explained the Apple situation, that backdoors are the worst things we could ever do. We stopped using backdoors in the nineties—for anything, any purpose whatsoever. Because hackers immediately got access to them, and caused havoc. He wants to boycott Apple, to force Apple to put backdoors in their software. And he's running for president! It shows, an unbelievable lack of understanding, of the technology of cybersecurity. In a world where if you do not understand that, and we are approaching a cyberwar, why are you running for president?
Bite me
I love this advice:
Tuan: Do you have any advice for our readers and the public in general. How should we secure our phones and laptops and desktops?
McAfee: Don't worry about your laptops and desktops. There are very few people who hack these anymore. On your smartphones, every time you download an app, look at the permissions that it asks for, and read them. And if it's a Bible reading app, and late at night you're too tired to read, and you turn the lights off and you ask it to read Genesis to you... all it needs is access to the microphone. Let's face it. And if that app, and all of them do, ask permission to [access] the camera, to read your emails, to read your text messages, to make phone calls on your behalf, to read your contacts, then don't use that app. I don't care how good the app is. That's my advice. That's how we screw ourselves, every time.
Bite me
DOJ would allow Apple to keep or destroy software to help FBI hack terrorist's iPhone
The Obama administration has told a U.S. magistrate judge it would be willing to allow Apple Inc. to retain possession of and later destroy specialized software it has been ordered to design to help the FBI hack into an encrypted iPhone used by the gunman in December's mass shootings in California.
"Apple may maintain custody of the software, destroy it after its purpose under the order has been served, refuse to disseminate it outside of Apple and make clear to the world that it does not apply to other devices or users without lawful court orders," the Justice Department told Judge Sheri Pym. "No one outside Apple would have access to the software required by the order unless Apple itself chose to share it."
Active Member
It really is good. The android platform gives you a lot of freedom and control over the phone, but people are lazy and can't handle freedom. Some apps ask for way too much access out of crappy coding practices and/or ulterior motives.
The advertising and retail industries contain plenty of surprising examples. I'm happy to provide citations for any of these, but here are some:
- Certain apps can listen for ultrasonic thumbprints embedded into audio of commercials on your TV, radio, or even some ads while you are on your computer. This allows advertising agencies to pair the identity of your phone with your computer and figure out quite a lot about your TV/Radio usage.
- Retail spaces are starting to track you by the wireless and/or bluetooth radios on your phones. They can tell where you went in the store and for how long you were there. Several companies then use those perks/coupon smartphone apps to then associate your phone with your identity & credit card. There are various attempts at sharing this data between stores. So now they can tell where you are going around town, when, and for how long.
If these are examples of what the commercial space is openly doing, imagine the possibilities for surreptitious actors.
Active Member
Meanwhile... Google just announced a new Android messaging app called Jibe. jibe.google.com It's based on RCS.
Deep in the RCS specs you'll find that it is designed to "allow compliance with legal interception procedures" by stripping encryption from the messaging. Fuck off google stop with all these shitty messaging apps that hand our privacy away.
People need to start DEMANDING security and privacy in the products and services they use. Apple has a long way to go, but they are leading. Other companies seem to have much less integrity.
Active Member
if only Apple could also keep/destroy the horrible legal precedent that this would set if the FBI wins.
This stuff is so fucked up that Apple has now posted a FAQ http://www.apple.com/customer-letter/answers/
Here is their answer to this one:
Could Apple build this operating system just once, for this iPhone, and never use it again?
The digital world is very different from the physical world. In the physical world you can destroy something and it’s gone. But in the digital world, the technique, once created, could be used over and over again, on any number of devices.
Law enforcement agents around the country have already said they have hundreds of iPhones they want Apple to unlock if the FBI wins this case. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks. Of course, Apple would do our best to protect that key, but in a world where all of our data is under constant threat, it would be relentlessly attacked by hackers and cybercriminals. As recent attacks on the IRS systems and countless other data breaches have shown, no one is immune to cyberattacks.
Again, we strongly believe the only way to guarantee that such a powerful tool isn’t abused and doesn’t fall into the wrong hands is to never create it.
Active Member
I understand the concern about precedent, so for the love of god, please leave that out of any answer to this question. That's not what I'm asking about. This is mostly just devil's advocate/trying to see things from both sides/get my head wrapped around this.
Apple is arguing over and over again that if they create this backdoor, it'll mean hackers WILL end up with it. Not an IF, but a WHEN. But they also keep saying that newer phones are absolutely bulletproof, and that the only reason they might be able to install a hack on this is because it's running older hardware. This leaves me with a few questions.
1) If they're already admitting that it's a matter of refusing to compromise the old phone, by their logic aren't they admitting that hackers will eventually figure out how to break into that system anyway?
2a) Couldn't the backdoor be written on offline computers, pushed to the phone, then destroyed? I'm talking fire and brimstone, industrial magnets, running the computers over with tanks...just completely obliterate any and all trace of the code that had been written.
2b) Once said backdoor was written, IF they decided to keep a copy of the code, save it as a text file on one of these supposedly bulletproof phones and store it in a safety deposit box in one of the Fort Knox-esque vaults in NY or freaking Belgium or something? Even if the physical bank is compromised, hackers wouldn't be able to get it off the phone, right? If they can, then it would prove that the encryption is already broken, making the code moot.
Just things that I've been curious about. Again, please don't bring precedent into this, because I know damn well already that it's the #1 concern.
24.24.1.1397
Thoughts on Bill Gates siding with the FBI?
Active Member
it's little more nuanced, but it's not like Gates has a strong record as a user rights/privacy advocacy.
Bite me
I agree, and at some point this is such a weird 1x situation that applies to homeland terrorism and the White House has specified that this does not apply to drug dealers or whatever, and that it is not setting precedent, that it is applying only to this one situation of trying to figure out this couple's situation in killing all those people in an act of terrorism and if they belonged to a bigger network, etc.
We live in different times, now. We may have to have the magic exploding hack that Apple uses once and then sets on fire. No, this doesn't set a precedent, it is used once it is then set on fire, the FBI or the government never takes possession of it, especially because it applies to an old iOS that will be extinct very soon. And this is a one-time situation applying to a few outlying terrorists. But I think the CIA or another division of the government needs to take over, because the FBI has already shown themselves to be totally incompetent.
I think a whole other division of the government needs to be created, and that the FBI needs to be disbanded and all of them need to be fired, actually. They're fucking useless suits.
Last edited by allegro; 02-23-2016 at 11:59 AM.
RA-MEN ROPPAI
Comprising the "old phone" has little to do with hackers (in my opinion), and much more to do with the fact that you can be forced to unlock your phone with a fingerprint but not forced to enter in your code. They are attempting to break into an iPhone 5C, if I remember correctly, which doesn't have Touch ID. You said you didn't want precedent brought up, but that's all this is, they are trying to "set" legal precedent.
As far as doing something offline, I believe that's part of the technology they're complaining about having to build. Every major change to someone's account gets authenticated somewhere/somehow by Apple servers, whether it has to wait for you to be online or whatever the case may be. I'm assuming the technology they come up with would still involve connecting to a LAN, as I doubt they would build a whole new platform with the backdoor.
Active Member
well, its the big component that everyone keeps forgetting in the national discussion.
I wasn't aware I was answer your question seeing as how you haven't asked any prior to this post. I'm certainly happy to answer questions though.
Sure, and those hackers have released tools for doing this compromising. It's these very hacker tools that the FBI has used in the past. Thing is, these hacker tools have only made it to iOS 8.1.1. Current version is 9.2.1. Shooter phone is 9.x. Pre 8.1.1, the phones were getting cracked while they were still newest generation. There is now an extremely large hurdle to cracking anything after 8.1.1. I would actually not be surprised if Apple was able to keep all of their now current products out of the reach of hackers for some time. They are already a full year of iOS versions since the last tool could crack the phone. (please keep in mind, this is only talking about a locked phone with a good passphrase and good security options enabled)
So, hopefully that leads you toward some of the bad reasons for creating such a tool.
It's also important to keep in mind just how hard it is to do this with current phones. So keep these two possibilities in mind:
1- There is the custom OS that Apple is being asked to write. I have no idea how difficult that would be for a 3rd party to do
2- There are talks of extracting the hardware key (half the puzzle) in these phones with some microscopic magic that would run north of $1mil for the first attempt, but then would be trivial after that. This would have to be redone each time Apple creates new crypto hardware though.
3- Some yet to be discovered bug/hole in the software or hardware of the phone. This is where every hacker has approached the topic. This is also why everyone says that a backdoor WILL be discovered and used eventually. It's just a question of time.
However, this is where I don't fully understand Apple... because what they are being asked to do isn't placing a hole in every version of iOS. They are essentially being asked to exploit a current hole in their phone. It's entirely possible I am missing something... but read on...
All of these things can be done, and it would be a great cost to Apple and their employees, especially to do it safely. But it still leaves many doors open. The biggest concern is that this phone still has to go back to the FBI with the custom OS on it? Remember, the FBI is asking for a custom OS from Apple so that the FBI can then guess the pin without risk of wiping the phone and to make guess attempts faster. There is very likely a huge possibility of extracting that OS right back off the phone.
Have I mentioned how completely FUCKED it would be to for a governmetn force people to do this against their own free will?
And why would they want to wipe this backdoor when they are going to have dozens or hundreds of similar requests pouring in after this when the legal precedent opens that door? Sure the FBI says Apple can keep the code and burn it, probably because the the FBI isn't the one who has to pay for the code.
There are much more secure ways of storing data than on an iPhone. However, there are also many easy ways of getting access to that data. A working backdoor is worth a LOT of money, as I've already outlined. Compromising just one of the engineers working on the project, or one of the people working physical security, or or or... Our government is already using this approach to insert bugs into enterprise equipment. It's been demonstrated on a large scale multiple times just this year. There are just way too many ways this code could be obtained.
But there are probably other concerns beyond just someone getting the custom OS code, or pulling it off a device (of which there will be hundreds of). I don't know exactly what this custom OS will look like and there may be much larger avenues for abuse that nobody realizes but Apple at the moment.
Active Member
so just as I was typing the prior post, this came out: https://theintercept.com/2016/02/23/...ocked-iphones/
Apple has objected to 12 government request to break into iPhones, just since September. Some of those phones were running earlier versions than 8.1.1 and Apple still rejected because they don't want to be forced to become an agent of law.
I was nobody. Nothing.
yup. this is what i think about it, precisely.
also @thevoid99 , why you so murderous
Bite me
Yes, but we knew that the Feds have wanted to get into drug dealers' phones and they are right, that is indeed setting precedent and making them an "agent of law enforcement."
But this is the first time two idiot Islamic terrorists have used an iPhone. I think in the entire world, because generally terrorists are too smart to use iPhones but not these two morons (who picked the husband's OFFICE as a target).
Active Member
That's exactly why it's debatable that these weren't islamic terrorists as opposed someone going postal... but ignoring that... where is the legal justification for conscripting people to build backdoors? We already have CALEA which is supposed to be the updated version of All Writs Act for computers and networks. It absolutely does not cover this request.
Obviously the FBI is arguing that the All Writs Act allows for this, but there does not seem to be any support for that claim.
Last edited by DigitalChaos; 02-23-2016 at 01:03 PM.
I was nobody. Nothing.
i have a feeling that apple will fold, even if they don't do so publicly.
they may have ALREADY folded.
Bite me
Personally, I don't think the All Writs Act does shit. I think the Patriot Act (Section 215) which is now in that stupid Freedom Act probably applies more than the fucking All Writs Act.
I STILL don't understand why they asked the employer to change the passcode. WHY THE FUCK DID THEY DO THAT? I just don't understand. It was the passcode to iCloud for backups? What the fuck was the reasoning for that? Did anybody explain?
Last edited by allegro; 02-23-2016 at 01:17 PM.
Member
Cause I'm in a very bad fucking mood. Part of me died last month and he's not coming so I'm already on edge at this point.
Active Member
Tim Cook promised to take this to SCOTUS if needed.
I'm betting a lot of Scalia haters are suddenly missing his presence, meanwhile the Scalia loving neocons who side with the FBI won't wanna talk about that. I'm now questioning the timing of the Apple v FBI situation and Scalia's death too. I'm not fully informed on everything Scalia has done, but I feel he would have sided with Apple here. Anyone disagree?
Check this out.
Source is Plum Creek Lumber Company v. Hutton (1979)
"The All Writs Act, read with the New York Telephone gloss, permits the district court, in aid of a valid warrant, to order a third party to provide nonburdensome technical assistance to law enforcement officers. It does not give the district court a roving commission to order a party subject to an investigation to accept additional risks at the bidding of OSHA inspectors."
http://www.leagle.com/decision/19791...%20v.%20HUTTON
wtf is the FBI doing?! I'm still standing next to the idea that this is a plan to push Congress into making a law that forces companies into helping. Maybe a change to CALEA or something. Patriot Act type stuff is too specific to terrorism, even though "terrorism" can be easily applied to most things.
Throbbing Member
I don't see that type of law passing Congress. The privacy rights people will have a field day. Also, I'm willing to bet that corporations would also have a problem with that law, because it's just asking for corporate espionage. There would be a back door in any phone used for communications.
Apple filed a response today. Ars Technica has an overview of their response; they're using a combination of First Amendment and Fifth Amendment rights, with a dash of "this order violates the 3 part test imposed by United States v. New York Telephone Company".
Active Member
As Granick just pointed out: This is the only case in which the FBI Director has blogged about pending litigation. This probably suggests the FBI doesn't believe the data will yield critical evidence about other subjects.
Active Member
Discussion bait:
Let's talk about how Citizens United helps Apple. It seems that much of Apple's case would fall apart if corporations weren't people. How else would a corporation have 1st and 5th amendment rights?
Posting Permissions
Reply With Quote