Mark Minasi's Tech Forum
Sign up Calendar Latest Topics
 
 
 


Reply
  Author   Comment   Page 1 of 6      1   2   3   4   Next   »
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 910
Reply with quote  #1 
So what are peoples opinions on Apple being asked to allow the FBI access an iPhone 9.
http://www.rte.ie/news/2016/0217/768635-apple-fbi-san-bernardino/

I'm curious about US opinion on the issue.

My own opinion.
The software that allows the proper legal authorities access devices potentially involved in acts of violence against civilians to further necessary investigations as allowed by a court of our peers should be available.
I don't really care about the general population. I won't get the software, or the kit necessary to deploy the new software.

I've seen too much fall out from terror attacks, too much pain from personal attacks that go against general public acceptance as judged by us and our peers to not support the FBI request and the Court judgement.

So what say the rest of you noisey bunch?

__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
Infradeploy

Avatar / Picture

Senior Member
Registered:
Posts: 167
Reply with quote  #2 
To me that sounds like you have to put an extra door in your house, and the police are the only ones that have the key. Just to let the police in to look for stolen stuff on a random basis.
__________________
Have SpaceSuit, Will Travel

0
jsclmedave

Administrator
Registered:
Posts: 473
Reply with quote  #3 
Is the FBI asking them to crack this phone only or from now on (via an update for existing versions) provide a built in backdoor..?



__________________
Tim Bolton @jsclmedave
Email: [string](0..20|%{[char][int](32+('527377347976847978324785847679797514357977').substring(($_*2),2))}) -replace ' '  

New to the forum? Please Read this
0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 910
Reply with quote  #4 
Ton
No I disagree.
The device needs to go to the declared techie lab for the authorities where the chain of evidence is kept. And in that environment the OS is side loaded.
Or the backup is restored.

To use your own conext.
We've already allowed the bad guys come in uninhindered.
Surely the betters guys should have some aids.

__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 910
Reply with quote  #5 
I believe they are asking for this phone to be opened.
Apple have gone nuclear and claim all phones will have a backdoor.

__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
nick

Avatar / Picture

Still Famous
Registered:
Posts: 89
Reply with quote  #6 
If anyone really believes that the FBI or <insert government agency of your liking> really only want a backdoor version of IOS for their own use, you have to be off your game.

If you create a backdoor, of any kind, both the GOOD and BAD guys will eventually get access.   The problem is....

Who are the good....   and who are the bad guys...

Apple are 100% right.

__________________
Nick Whittome | NTES Limited | Personal Blog | New to the forum? Read this
0
Infradeploy

Avatar / Picture

Senior Member
Registered:
Posts: 167
Reply with quote  #7 
This is one of the rare occasions I agree with Nick [wink]
FBI in this case is shortsighted and in for the short haul. Long term effects could be devastating.

__________________
Have SpaceSuit, Will Travel

0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 910
Reply with quote  #8 
Nick

The request is not for a back door. And I'm not looking for a back door, nor supporting a back door.

But surely during the investigation of a crime, law enforcement agencies show have additional tools when requested?
If I encrypt a hard drive for a customer, Trend/ PGP (God rest your soul)/ Bitlocker/ Checkpoint etc...
And am then requested to decrypt the laptop, by that same customer, am I installing a backdoor?
What if I'm asked to decrypt the laptop by the CTO? Have I installed a backdoor?

The judgement file or at least the best copy I can find untl I find the court document
https://assets.documentcloud.org/documents/2714001/SB-Shooter-Order-Compelling-Apple-Asst-iPhone.pdf



__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
nick

Avatar / Picture

Still Famous
Registered:
Posts: 89
Reply with quote  #9 
@Infradeploy
I didnt think we disagreed? [wink]

@wobble_wobble
Honestly. If you really believe that Apple would put out a public post like that without a serious fight and research into the consequences of potential security risk, then I have no idea what to say to you. This is a very dangerous and slippery road... Terrorism is being used as the excuse, but its not the reason they want this access.

__________________
Nick Whittome | NTES Limited | Personal Blog | New to the forum? Read this
0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 910
Reply with quote  #10 
Nick

It will always be a dangerous and slippery road, because life evolves, changes and adapts.

The phrase itself has origins from the early 1900's.
An interesting read on slipper slopes and my question - http://www2.law.ucla.edu/volokh/slippery.pdf
At least read the first few pages.

We demand, want and expect so much more every generation.
Yet, the policing forces are almost always reactive to the changing world. We're seeing it in this country as well with regard to other issues and policing.

Yes Apple don't want to be the people to be seen to cave in. They are looking at the negative publicity, down turn in profits that could potentially escalate from been seen to cave in to requests. As well as the security risks.

What are the security risks that, the worst case could expose me to?
First off, before even going to the phone manufacturer looking to get access to the device, the police go to the mobile provider and ask for the following:all phone records, inbound and outbound, all SMS messages inbound and outbound and the contents of the messages.
The amount of internet data pushed thru the data connection and potentially the IP results for the last 10 to 60 days.

Then they can go to Cloud Providers and ask for their data:
Google - https://www.google.com/transparencyreport/userdatarequests/countries/
Microsoft - https://www.microsoft.com/about/business-corporate-responsibility/transparencyhub/fisa/
Apple - http://www.apple.com/privacy/transparency-reports/
Couldn't find AWS easily.

Now all of these providers talk about encryption, layered defenses, best in class,  and certifications that I can make alphabets from.
They have webinars on attack surfaces and why you should trust us...yet they publish the records.
Interesting overview - https://www.eff.org/who-has-your-back-2014

So to the potential info protected by the encryption on my phone

My damn phone remembers my contacts, my birthday reminders and my passwords.
It gives me access to my bank account (after I generously donate lumps to the government) as well as some funny web sites - KCCO.
It has photos of my kids, my family, servers and switches on sites.
It has notes, ideas for business, text messages (nothing of real interest I've been married too long)
It has my government assigned ID numbers/ references and my travel plans.
Most recently it now has where I was, how fast I got there, how long I stayed there.
Even remembers where I parked, football matches that my son has an interest in.

Do I want it to remember all of this - ideally no.
Do they give me an option to really turn it off, yes I mean turn it off off. 
Yes they do - don't carry a smart phone.

Am I concerned if I loose all of the above information - in reality no. I'll still have ten fingers, ten toes, food in the fridge, bills paid and the ability to go to the BTSB every 120 days and donate.

I do have the potential to loose some money from my bank account, it the person who steals it also has the three bits of info my bank makes me remember.
All the rest - its saved to the cloud, go back up a few lines and they can get it all.

So what can they not get from getting a warrant and asking the "cloud" for my data?
My user name for some applications that I may use a throw away email address for:
Potential Tinder matches (0, fecking sad), snapchat messages from random people I somehow met in a pub (who tf are you?) and all the other random social media stuff people accumulate.

So not a lot of point, in my world.

So we go more security conscious and I don't use dropbox/ onedrive, iCloud to backup my data/ info.
Interesting question, can one turn off iCloud backup on an iPhone?
And if you can, considering what Apple do and don't do, can I trust them to turn off the backup?

If I follow AWS best practice and encrypt everything, then I have a tiny enclave I carry with me, that potentially has some info not known anywhere else in the world.
But its all hand typed, otherwise its on a pc/ laptop and the CIA probably have it already.
I use a VPN/ Proxy/ TOR to access an anonymous email service and don't save anything to my phone. 
So I've gone to lengths to hide my secrets.

If I'm a law abiding citizen, have I a fear of the government getting this data, no.
If I'm a law abiding citizen, have I a fear of a criminal getting this data, yes. But if they are determined enough to want what I have, they have easier ways to get the information they need that steal my smart phone, steal some nifty firmware and hack my phone.

There is a risk everywhere, with everything - life is a dangerous and slippery road.

If large corporations, whose driving force is to make money for share holders, are standing up protecting personal security on their manufactured devices, who then is the policing force?
If large corporations, whose driving force is to make money for share holders, are standing up protecting personal security on their manufactured devices, who then is the Judiciary in our countries?

Will Apple/ Google/ Microsoft take over and be a better police force or judiciary?

Am I mad to think its a good idea as Tim Cook describes it - no.
But how many marketing people, lawyers, business advisers, lawyers, PR people composed that letter.
Am I mad to think its a good idea as the Judge described it - I think not.

Interesting read on the technology involved and discussion on the case - http://blog.trailofbits.com/2016/02/17/apple-can-comply-with-the-fbi-court-order/



__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
Mafervus

Grumpy Old Men
Registered:
Posts: 34
Reply with quote  #11 
it is a slippery slope, but i honestly don;t believe there is a better way currently to handle it. this process is similiar to what is required to get a warrant to search one's property. Can it abused, certainly, but at least it creates a paper trail and some visibility. The sad part is that any of this is required, and the the reason for this is people who believe the only solution to their problems is to kill as many human beings as possible.
__________________
The problem with troubleshooting is that trouble shoots back. ~Author Unknown
0
jsclmedave

Administrator
Registered:
Posts: 473
Reply with quote  #12 
Honestly to me, the pessimist, I think its all smoke and mirrors for publicity... I mean how may Hollywood actors or Pro Sports figures have had their iCloud hacked by jilted ex spouses or psycho fans?  Your telling me that the FBI cannot do it OR that Apple isn't already assisting..?

On the News we are hearing the version Apple wants to hear, they are the Hero Of The Day..!  Their phones are SO secure..!  Hell even ISIS is saying "Damn we all need to buy these phones!"

Meanwhile in the back office probably weeks if not months ago,,, Apple: "Here you go..."  FBI: "Thank You!  We will not tell anyone that you helped us..."

I see it as another up-side to having a wonderful Nokia 1520 Windows Phone..!   No Apps..? No Worries..!  I have what "I" need to get my work done and it's secure...










__________________
Tim Bolton @jsclmedave
Email: [string](0..20|%{[char][int](32+('527377347976847978324785847679797514357977').substring(($_*2),2))}) -replace ' '  

New to the forum? Please Read this
0
cspanburgh

Avatar / Picture

Senior Member
Registered:
Posts: 252
Reply with quote  #13 
 When bad people abuse freedom, we all lose it.
__________________
Curt Spanburgh
0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 910
Reply with quote  #14 
Quote:
Originally Posted by jsclmedave




I see it as another up-side to having a wonderful Nokia 1520 Windows Phone..!   No Apps..? No Worries..!  I have what "I" need to get my work done and it's secure...











LOL

But the Windows Mobile operating system is supposed to be the most secure.
I wonder is that the reason for the feature.

__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
donoli

Senior Member
Registered:
Posts: 598
Reply with quote  #15 
Surely, The FBI can make as many clones of the phone as they need.  Then their password attempts wouldn't be limited to 10. 
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.