Slashdot Mirror
DOJ Says iPhone Is So Secure They Can't Crack It
zacharye writes "In the five years since Apple launched the iPhone, the popular device has gone from a malicious hacker's dream to law enforcement's worst nightmare. As recounted by the Massachusetts Institute of Technology's Technology Review blog, a Justice Department official recently took the stage at the DFRWS computer forensics conference in Washington, D.C. and told attendees that the beefed up security in iOS is now so good that it has become a nightmare for law enforcement."
I've never been too impressed with government agencies and their knowledge of computing.
As far as I know the iphone doesn't use full disk encryption. It's not that difficult to get all the data off it.
What 'law enforcement' means is that it's not convenient to steal people's data.
Gee. The government can't spy on you using your own hardware?
This is truly frightening.
XKCD:Xeric Knowledge Comically Dispen
Law enforcement LOVES the iphone:
http://chris.pirillo.com/why-do-law-enforcement-officials-love-the-iphone/
(also article is a little too breathlessly enamored of apple: PR astroturf?)
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
It's a start.
...I've got some "moon" rocks I'd like to sell you.
Honestly, this seems like a way to trick dumb criminals into thinking their information is secure just because they use an iPhone. If this were truly the case, and the DOJ does really have problems in dealing with iOS devices, I'd expect them to remain tight lipped about it.
How long until they just resort to this?
Unless Apple started using full encryption ten minutes ago getting the data is very easy. With the help of Apple its a piece of cake and much simpler than to get data from a foreign hosted server. Hyperbole much?
Well, yes, that's what they'd like you to believe, isn't it?
I thought all you had to do was use a little social engineering and you can do what you want with the data. /ducks
-- Brought to you by Carl's JR
I think that's my new favorite phrase for the 21st century.
Why, if all them criminals and terrorists were to get iPhones, they'd just be able to blab anything they wanted all day long and there ain't a durn thing we could do to crack 'em, nope. Why, I don't know what we'd do then, no sirree. I sure hope them criminals don't all go out and buy iPhones to openly talk about crime to each other on or nothin'...
iCloud Supoena.
So, the "remote control" is uncrackable? iCloud and Siri and "location awareness" with GSM, WiFi and GPS make the security of the actual device nearly an orthoganal proposition to any enforceable protection for the user or data.
When this is so clearly a form of misdirection, I can't help but wonder the purpose of a DOJ statement like his being made public. Which perception and behaviour are they trying to influence, and by whom?
"Flyin' in just a sweet place,
Never been known to fail..."
It's BS. I can tell you how to crack iphone.
Iphone is vulnerable to side channel "emissions" based attacks. It can easily be cracked with the right equipment even if not be brute force. To say it's encryption cannot be cracked by bruteforce is true but most encryption cannot be cracked by bruteforce.
Anyone care to dispute that Iphone is vulnerable to side channel attacks?
The iPhone sports a master encryption key and DOJ has access to it.
Does Apple not have a back door in the phone? What about the carrier? Some Iphone apps have access to much of the phone's information. All in all, the article sounds like a ridiculous claim.
They will monitor the sudden increase in Iphone users..ofcourse they must be criminal.
iPhone is the most vulnerable phone out there. We hope all criminals will now use it.
Just ask Apple the password they'll give it to you : http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all/
Apple: Our phone might be secure, but our website sure isn't!
I would be very surprised if Apple could not extract any information from any iDevice through some backdoor and/or physical access to the device itself. Therefore, the DOJ only has to ask Apple to "help", and when the government asks, big companies are likely to listen. This is just another case of security through obscurity; you should not trust anything you don't fully control.
5 minutes ago I knew nothing of Apples full disk encryption. Now I find an article that states:
http://anthonyvance.com/blog/forensics/ios4_data_protection/
So I'd say I'm just VERY skeptical that the DOJ can't crack something that wasn't really designed with any security in mind in the first place. Either that, or the DOJ has nobody with any skills whatsoever.
AccountKiller
I find this story incredibly unlikely for some reason...
They are appealing to the crooks to use the platform since Apple gave them all the keys...
TFA and TFS should be modded +5 Funny.
One suspects that there are back doors all over the iPhone, in addition to the various apps that have access to remarkable amounts of stored material and regularly send it home (or elsewhere). Otherwise its alleged impenetrability would hardly be promoted by law enforcement. It's like Brer Rabbit pleading "please don't throw me in the briar patch".
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
Either that, or the DOJ has nobody with any skills whatsoever.
Or they'd like criminals to believethat they can't pull data from an iPhone.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
I look forward to Ovie Carroll's next few breathless announcements:
"Hooh, boy, that YouTube is soooo secure, a person could sign up for an account using their real name and home address, then post videos of them committing crimes online and law enforcement would never ever be able to track them! Honest!"
"You know where the safest place to hide stuff is? Underneath the welcome mat at 950 Pennsylvania Avenue, NW in Washington, DC. Really! We did a study and figured out that once that mat is pushed down on top of something, whether it's drugs, cash or big file folders full of industrial secrets, there's NO way that any one can get into it."
"My biggest nightmare is someone committing a crime, then emailing a detailed confession to ovie.carroll@usdoj.gov. Once something gets into those email tubes it's IMPOSSIBLE to get it back out and figure out what happened. Really. You can trust me. I'm with the government."
I think it's a honeypot statement meant to draw perps to iOS, LOL.
I'll start really trusting iOS once Apple receives some Common Criteria certification. For the issues Blackberrys may have, RIM does at least take (data) security seriously:
http://us.blackberry.com/business/topics/security/certifications.html
Maybe iPhones are 'secure', and maybe they're not, but at the very least I'd like some third party checking. Considering that in March we had a story that said just the opposite, colour me skeptical:
http://apple.slashdot.org/story/12/03/27/212254/
First of all TFA is about how difficult it is to grab plaintext from a whole-disk encrypted drive. From what i know, the iphone is NOT whole-disk encrypted.
Secondly, the same could be said about any android phone which employs whole-disk encryption.
Thirdly, this talk from BlackHat2012 seems like an interesting reading to acompany TFA https://viaforensics.com/mobile-security-category/blackhat2012-zdziarski-ios-application-hacking.html
But more importantly than all of the above, i think it's naive to assume Apple doesn't have the master key for every iDevice. When the govermernt comes knocking, if you base your security to just the basics apple gives you, you're pretty much screwed.
I hate to be that Android fanboy, but Android has full OS encryption, which is much harder to crack
So TFA says "iPhone security used to be terrible, but is now much better," and your response is basically, "No it's not: here's a 2 year old article that says that iPhone security is terrible." You haven't exactly disputed the article.
-- Two men say they're Jesus. One of them must be wrong. - Dire Straits
After all, they know what terrible security looks like from 2006
http://washingtontechnology.com/articles/2006/03/17/government-gets-nearfailing-grade-on-fisma-scorecard.aspx
Join the Slashcott! Feb 10 thru Feb 17!
I didn't draw this conclusion at all. From the actual article it states initially the drives weren't encrypted at all so the flash dump lead to completely accessible contents. Now the flash dump is encrypted but the key is in flash memory which is simply locked by a pin. Even with a fully AES encrypted drive, you can brute force that with the standard 4 digit pin in 15 minutes. The hard part is not working out the AES key the hard part is brute forcing the pin sitting in the front which leads to the AES key sitting in standard flash memory. Yes a longer pin takes longer (55 days for the 8 digit pin) but one can imagine emulating the entire flash dumped iphone in software and parallelizing that just to pull out the key from bruteforcing the pin..
-avi
Since the 3GS, the iPhone uses full disk encryption -- but instead of requiring an externally provided key (provided, e.g., by hashing a password), the key is stored on the device and automatically used to decrype data whenever data is requested from the device. The encryption system exists to enable the instant "remote wipe" feature (which is accomplished by simply deleting the key stored on the device), but does nothing to prevent anyone from accessing data on the phone if it is not connected to the network once they acquire physical control of it (or if the user is prevented from issuing a remote-wipe command, as might well be the case if the seizure of the device is concurrent with the user's arrest.)
I have a hard time believing that the DOJ can not crack the iPhone. They are either full of shit or actually telling the truth. I can only assume it is a little bit of both.
Have they not spoken with the hackers that discovered Jailbreaking? They are well known and can be reached rather easily.
Even though I own a few MacBook Pros, I have never wanted to own an 'i' product. However, if the DOJ is this fucking stupid then maybe an iPhone is in my future.
"That's right...I said it."
DOJ Says iPhone Is So Secure They Can't Crack It
I dropped mine off the balcony to the pavement below. It seems that it is very easy to crack an iPhone.
So I'd say I'm just VERY skeptical that the DOJ can't crack something that wasn't really designed with any security in mind in the first place.
That was an iOS 4 bug/misfeature, not a weakness in the hardware encryption.
Last time I checked, the government can't lie. It can only deny.
Now that's funny. I can shatter mine.
“He’s not deformed, he’s just drunk!”
The DOJ wants crooks to rush out and buy iPhones instead of Android phones, so that they can track and eavesdrop on them.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
In other words, AES-256 encryption is still secure. This shouldn't really come as a surprise to anyone.
Or, they're cops and they don't want to have to go through the bother of getting a warrant when the phone is 'obviously in plain sight and thus immune to the regular rules of search and siezure'.
Understanding the scope of the problem is the first step on the path to true panic.
No need to hack an iphone in order to get a users data if you are law enforcement. A subpoena (or perhaps even less than that) would get you all the information you need from apple's iCloud. I said "perhaps even less than that" because there's been numerous articles over the last few years highlighting the fact that your data stored in a third parties' datacenter is not protected by your civil rights.
"it has become a nightmare for law enforcement." Why would they want to crack it in the first place?
Can somebody explain how if the iPhone is so uncrackable/breakable that Apple can still export it? I seem to recall some kind of PGP problem where exporting something that was too secure was a violation of US laws. Or maybe I'm mixing reality with a bad Nicholas Cage movie, which is entirely possible.
https://www.accountkiller.com/removal-requested
And you haven't exactly disputed the article either. Just because it's 2 years old doesn't mean it's not accurate.
I have several IOS devices, and the only "password" you can put into it is the simple 4 character unlock code. You should certainly know that all encryption is based on keeping something secret that's very difficult to guess. If the only secret you're keeping is a 4 digit key, you're completely hosed to brute force attacks.
AccountKiller
would that still be a misdirection?
Oh, I see, anything which is said in favor of iPhone security is "reverse psychology", anything critical of iPhone security is "speaking truth to power".
You guys crack me up.
That sort of says it all. Private communications that resist being intercepted by the cop shop are their worst nightmare. That is pretty sick. I will suggest that if people had a real clue as to what goes on around them society might grind to a dead halt.
I hear so many mixed messages about iPhone security.
On one hand, with later models using full-disk encryption it seems like there are some aspects of the phone that are encrypted well enough that you might not be able to get into them easily. I have one app that even advertises its ability to encrypt data stored in the app providing the phone was full-disk encrypted (pre-iOS4 3GS devices upgraded to iOS4 didn't have full disk by default; you had to blank them and restore to get it).
On the other hand, we hear about third-party forensics tools that claim to be able to snarf data simply through a local connection, and then there's all the jailbreaking, etc. which would seem to bypass or at least make some of that security questionable.
Which is it?
Does anyone know the current status of DoD certification for the iCrap devices? Last time I checked, only Blackberry and some Android were DoD approved. iOS noticeably absent.
If you wanted to snoop on cell phones, would you advertise which cell phones
you really could not crack?
So we know it's true.
Unbelievable BULLSHIT
Last time I checked, the government can't lie. It can only deny.
Sorry, incorrect. Go watch "Don't talk to police" on YouTube. Required viewing for US residency.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Wrong agency to care. I'm sure the CIA are ones that'd be doing cracking work given their history with encryption and the awesome monument to encryption that sits in front of the CIA central HQ.
How can anyone believe anything coming from this corrupt, lying Obama administration agency. These people have nothing but contempt for the American people.
Maybe you should look into iOS security a bit more. In Settings, sitting right there under General -> Passcode Lock, is a setting to switch between the 4-digit pin (aka: 'Simple Passcode') and a full, alphanumeric, arbitrary-length passcode.
Humor
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
Amen!
In the US, this is another example of political correctness gone overboard.
What the old saying about people not learning from mistakes in the past are bound to repeat them in the future?
Then again...look at Germany, banning most anything Nazi connected....I believe similar type bans happen in other EU countries too?
But seriously....this is a part of US history, and should not be suppressed. I remember seeing old Bugs Bunny cartoons...people got blown up into 'blackface'....if they even show these episodes on tv, these parts are usually edited...
Why? This is part of history, and people should know what attitudes were publicly held and presented to see how much we've changed over the years.
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
So if I wanted to store something in the cloud and only I would have access to it then I would encrypt it and send the encrypted information to the cloud rather than sending the raw text or allow some other company (Apple, or whomever) to encrypt it in transit and store using their own key.
The cloud is great for storing and retrieving information, but unless you control the key then what's the point. Then again would they even allow information that's been encrypted to be re-encrypted again?
Settings -> General -> Passcode lock -> Simple Passcode OFF
You can create a password that is noticeably longer and uses non numeric characters.
You have several iOS devices , security conscious, and never looked into what simple Passcode off did?
"There is no real right or wrong, just what the majority accepts at the time."
Absolutely wrong. iPhone supports complex passwords, and this setting can be forced if the phone is tied into, say, ActiveSync. It is trivially easy to make your phone use a strong password, you just don't know how.
LOL Thanks, that was great!
I'm pretty sure the government can only lie. Maybe you are thinking of some government other than the U.S. government?
Whereas when I was at school the British Empire did nothing but bring peace and civilisation to mankind. Even the wars with the Maori in New Zealand were spun as a success story. It took my uncle living in Australia to tell me that the Aborigines were treated like dirt and were systematically wiped out by the British settlers.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
Settings -> General -> Passcode Lock -> set "Simple Passcode" to "Off".
But the ECHR does, which is why the Right in the UK want out of the EU. (Incidentally, typo alert - you mean "populace". "Populous" means "with many people". Another spellcheck fail, like brakes/breaks.)
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
Google is your friend. Before you show your ignorance, verify it first with a simple search.
nt
Nice try, DoJ.
Government:
"Oh you're iPhones are SO SECURE... I bet we could *never* crack them (wink). Go ahead, continue to put all your personal data and data about your family and closest friends in your iPhone. And if you have any sexually compromising photographs of yourself doing scandalous things with your friends, your pets, and your friends' pets those are DEFINITELY safe..."
Most people use the standard 4 digit pin, this pin unlocks the keys to the encrypted FS.
With physical access to the phone, one can brute force a 4 digit numeric pin in about 20mins. The brute force has to be done on the phone itself, because you can't access the keys directly, but rather the API of the crypto chip. So you boot your brute force boot image via DFU mode. This of course bypasses any wipe on X failed attempts settings that might have been set in iOS.
Alphanumeric PINs are a PITA, so I'd suggest using a 7 or more digit numeric PIN. This is done by turning off simple passcode and then entering a passcode with only numbers (dispite the full keyboard). When asked for the passcode again to unlock the iPhone will give the normal numbers keypad. (Telling a hacker that your pins only uses numbers, but also make your life much easier).
I do know that, which is why I have a long, complex password on my iPhone. (The fact that you do not know this is possible points out that you still know nothing of Apple's security.) You are committing the equivalent of submitting an article from 1995 as evidence against someone claiming that computers are faster today than they were in 1995.
-- Two men say they're Jesus. One of them must be wrong. - Dire Straits
My girlfriend has cracked hers twice, and she doesn't know the first thing about hacking. A 3' fall onto the sidewalk works almost every time.
That's how how FDE usually works. The standard OS access control system controls which users can request data.
It is true. You can even have the artificial security of manually encrypting a file. However, the file is stored completely unencrypted in backups. And furthermore, you have no iOS encryption AT ALL, unless you put in a security code on the device.
What I don't get is: why don't they go after the data in the "cloud". Police should really be oiling their supoena-sending machines instead of spending time on virtually uncrackable crypto. From Skype, Steam and 3 email accounts (including Google), police could with good certainty know if I was at home or at work at a certain time, by looking at the IP address. If I'm out and about, If I was better at posting to Facebook, they could get geotagged images from my phone. Sometimes I listen to radio streamed over IP, and then they could even know when I go to the toilet (because I pause it). On Android phones, contact information is synced with Google. For legal investigations, where police can get subpoenas, it seems that they have a great future full of useful information ahead. Authorities outside of the US may have more trouble.
I have several IOS devices, and the only "password" you can put into it is the simple 4 character unlock code. You should certainly know that all encryption is based on keeping something secret that's very difficult to guess. If the only secret you're keeping is a 4 digit key, you're completely hosed to brute force attacks.
FYI iOS hasn't been limited to a 4-number password and has been able to use a long, variable-length alphanumeric passcode for over 2 years now, with the release of iOS4. If you used an Apple iPhone config utility to set policies (meant for enterprise, but any user could download the tool), you could use alphanumeric passwords 3 years ago under iOS 3.x.
You can use a more complex passcode that is as long as you want and contains more than just numbers - but it's optional. In settings -> general -> passcode lock, turn off "simple passcode."
Why, no, I haven't meta-moderated lately. Thanks for asking!
And that's the problem - by default, it's a 4-digit pin. You can enable a more complex passcode that can be longer and include other characters, but that option is turned off by default.
Why, no, I haven't meta-moderated lately. Thanks for asking!
Now the law enforcement agencies will actually have to follow the law, and get a warrant to tap someone's phone. They'll have to go through a judge, be clear on what they're looking for, and actually stop monitoring them after they're done collecting evidence.
What's the world coming to? Soon they'll have to stop holding people without trial, and even respect the bill of rights in regards to illegal search a seizure!
Excellent Brer Rabbit reference. Made me go look up why Song of the South is nearly unavailable these days. I enjoyed it as a child.
Sorry, but gray text on gray background is making my eyes bleed.
Sure they can. Police lie all the time. Only idiots still believe what you said.
But Apple products can't get viruses, obviously.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
First, it means that there have been no cases where an iPhone has been hacked and then used as evidence in a public criminal trial. This is self-evident, because if there had, people would instantly respond to this that: "this is all nonsense, it happened in the case of XYZ". The DoJ hence saves us the trouble of searching to find out.
Second, it means that hacking into an iPhone is nontrivial. This is self-evident, because if it was trivial, you would have two dozen security analysts saying that hacking an iPhone is the easiest thing in the world and the DoJ sucks ass for supposedly not being able to. The DoJ hence saves us time again.
Third, it is likely indeed the case that there is nothing the NSA (and by extension, the DoJ) cannot crack given time. But if they were to actually DO so in a public trial, it would completely negate this statement. That means that at least for a while they CANNOT do so in a public trial.
Fourth, public trials are the norm for almost all crimes.
Conclusion: If you are a mid-level criminal doing something that would likely get you tried in a public trial, you should use an iPhone, because the DoJ either cannot or will not (doesn't matter to you) hack into it and use it as evidence.
The problem is that those shows were made for children, and broadcasting them now means that some number of children, especially younger children, are going to see them (probably over and over, if the parents DVR them). And the last thing we should be doing is broadcasting cartoons with racist jokes in them to those children. When they get older, and are mature enough to understand why its a bad thing, then they can get it from Pirate Bay if they really want to watch it.
OTOH -- when E.T. was "revised" by removing the agents' guns from their hands, I was mortally offended. Showing the out-of-control three-letter-agencies chasing down poor defenseless citizens (kids!) was actually a great thing, and the whitewashing of removing their guns was totally uncalled for. If you love your kids, watch the original version with them.
Excellent. Although I'm surprised Apple didn't use some proprietary encryption into which they would have built a backdoor for the government to use.
Liberty in your lifetime
Dept obviously joking
Where in the article does the DOJ say iPhone is so secure they can't crack it?
The speaker for the DOJ makes a comment about whole disk encryption, but not about iPhone specifically:
'"I can tell you from the Department of Justice perspective, if that drive is encrypted, you're done," Ovie Carroll, director of the cyber-crime lab at the Computer Crime and Intellectual Property Section in the Department of Justice, said during his keynote address at the DFRWS computer forensics conference in Washington, D.C., last Monday. "When conducting criminal investigations, if you pull the power on a drive that is whole-disk encrypted you have lost any chance of recovering that data."'
And there is a quote from some digital forensics woman:
"“There are a lot of issues when it comes to extracting data from iOS devices,” Amber Schroader, CEO of forensic software developer Paraben, told Technology Review. “We have had many civil cases we have not been able to process for discovery because of encryption blocking us.”
Your friend in the other room already told us everything. This is your chance to come clean and maybe get a lighter sentence.
Everyone knows Black Don't Crack! Can't say that about the white one.
From what I see (and I have looked), iPhone security is not that great. The argument in TFA about "pull the plug and you cannot decrypt anything anymore" is bogus. I mean, it is a phone with a battery and a power-jack. Put it in a shielded case with power and you do not need to "pull" any "plug". And for a few hours a classical and cheap tin-can should just do fine. There are some types of evidence that forensics needs to stabilize under time-pressure, mobile phones are just one more instance of that.
What I really suspect is this is a push to have people trust their phones more, maybe even for secret stuff that can then be harvested by the intelligence community. Zero-days in iPhones cannot be that hard to find if you can throw some money at the problem. It is also possible that criminals are not trusting their iPhones at this time, and this is an attempt to make them do so.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
http://www.geek.com/articles/news/michigan-police-can-scan-all-of-your-phones-data-in-less-than-2-minutes-20110421/
What a load of crap.
But I'm sure this will filter far enough into the mainstream to affect the purchasing decisions of a few million retarded apes.
I wonder how much it costs to get the DOJ to endorse your stupid product?
Don't talk to police.
sysadmins and parents of newborns get the same amount of sleep.
Wrong, american audiences are offended. The rest of world is not offended by this B-series film.
And frankly speaking, if Song of the South is banned, then they should also ban Gone with the Wind and the Adventures of Tom Sawyer. Stupid country, unable to cope rationally with your past.
Let me make get this straight. You're making the case that firstly, the choices of one of the most famously image-sensitive and litigious multinational entertainment megacorporations in the world reflect on the values held by the US; and secondly, that the US is somehow unusually unable to cope with its history?
The first contention I shouldn't even have to address. What you've claimed is like saying that because the Church of Scientology is headquartered in the US, the Church of Scientology is typical of American religious beliefs and legal practices--and to the extent that most Americans don't sue people who publicly disagree with them or believe that their personal conflicts are because of an intergalactic genocide, that's a hasty generalization to say the absolute least. Moreover, does the fact that Disney also operates significantly in other countries reflect by-and-large on the sociopolitical identities of those countries?
On the second contention: you yourself have said that Gone With the Wind and Tom Sawyer should be banned under Disney's rationale. If the US is as unable to cope with its history as you claim, why hasn't that happened? Last time I was in Middle School, which was less than a decade ago, I read Huckleberry Finn, which is an even more controversial book. A media system that is constantly comparing current military actions to the Vietnam War, a public that broke previous documentary viewing records with Ken Ken Burns' The Civil War, a Juvenalian, liberal press that spares no expense to remind American nationalists of Manifest Destiny all don't sound like features of a country unable to cope with its history to me, especially as compared with say France, a country which tasks a government-backed academy with maintaining the "purity" of the French language and wouldn't allow Animal Farm to be published without name changes because a pig in the story was named Napoleon; or Japan, where many elected officials continue to deny the Nanking Massacre. Since I've torn down what I think was your only bit of evidence, I must ask what motivates you to claim the United States as a country is exceptionally sensitive to its darker history.
http://en.wikipedia.org/wiki/Self-incrimination#United_Kingdom_law
Which is neither here nor there, just another anal retentive proclamation from Big Blue.
It definitely cracked me up
Best reason yet to get an iPhone and contract.
Give Eric 'Hitler's Son' Holder the FINGER. Hope for ENMASS SUICIDE at DOJ and WH in November just like the Bundestag April 1945.
War On
Don't worry Obama. The 'pieces' will be picked up and disposed of in a suitable landfill in Maryland.
A Good Soldier Never Leaves a Good Man Behind ... the Bad Man is something quite else.
In My Sight. But not for long. :)
But no banana! I'll keep my blackberry, thank you.
Okay, can't watch the youtube video(blocked due to limited bandwidth here), but it let me onto the infowars site.
750M rounds is 2.5 rounds per person in the USA, yes. However: Scare tactics are being used.
First, it's for training ammunition - my training/qualification for the year is at well over 500 rounds between pistol and rifle(~half each). I'm not DHS, but it should be a clue as to how many rounds it takes to train&qualify somebody. It's often an annual requirement.
Second - it's a 'purchase UP TO' order, up to 70M rounds/year, between all winning parties, for a 5 year contract. NOT 'planning to buy 750M rounds of ammo'. Going by the contract, that's a MAX of 350M. The minimum order in a year is 1 lot of 1k rounds. In these sorts of contracts they list the maximum possible they expect for each item - for example, a big purchase of .40S&W handguns, a shift to .357 Sig, whatever. .223 is well represented, though I wonder that they aren't shooting NATO 5.56 spec rifles(the difference is about a human hair; doesn't matter much in training I guess). Going by my figure, a max order of 70M rounds would let you dual-qualify ~140k people. Office types trained 'just in case' would use a bit less ammo, SWAT types far more. A quick search shows 160k employees in DHS. Or maybe it's 188k employees AND 200k contractors. Whatever. I doubt they're going to be qualifying EVERYONE anytime soon, and probably don't plan to short of some crazy doomsday scenarios.
Third - "including 357 mag rounds that are able to penetrate walls." - just about ANY handgun self defense caliber is fully capable of penetrating a wall while remaining potentially lethal. It's a simple fact that a human body, which self defense rounds generally have to be able to completely penetrate to be considered effective, is more difficult to penetrate than 2 sheets of drywall. You want to go back to yea old days - when the .357 was developed, the standard was actually penetrating a car windscreen with a maximum deflection such that you'd still hit the driver. 9mm, btw, is 'normally' powerful enough for this, though you might need 2 shots(not as big of a deal for a semi), but this was back when we were still issuing revolvers to police. While we're at it, the contract also lists rifle calibers - .223, .30-06, and .308; all far more powerful than .357.
In other words, it's a big hoopla over just about nothing.
I don't read AC A human right
"I have several IOS devices, and the only "password" you can put into it is the simple 4 character unlock code."
Settings --> Passcode Lock --> Simple Passcode --> Off
Now you can go crazy if you like...
Erm, if you have no password set encryption is pointless. "Wow encryption! How do I decrypt?" "Turn it on?"
What would be the point?
- "Scientia non habet inimicum nisp ignorantem"
5 minutes ago I knew nothing of Apples full disk encryption. Now I find an article that states:
http://anthonyvance.com/blog/forensics/ios4_data_protection/
So I'd say I'm just VERY skeptical that the DOJ can't crack something that wasn't really designed with any security in mind in the first place. Either that, or the DOJ has nobody with any skills whatsoever.
Well how do you figure any device could use encrypted data if it couldn't decrypt it on demand?
FDE protects offline data, access controls protect online data. Duh.
They dont need to crack it. They just do a deal with Apple and they have all the info they need from a single source.
A quick calc shows that he was 'only' earning $178k/year if he was indeed successful in hiding the 2.5M, instead of actually NOT HAVING IT. Given that he'd have likely gotten at least $1M back(50-50 split, $500k in legal expenses/held property), that's only $107k/year, for a premier lawyer. If he truly lost all the money(possible at this point), he LOST $71k/year. He'd be better off paying the money and just working a few more years.
I figure that one of the reasons they let him go is the increasing probability that he lost the money, and even if he stole it that the 'time served' would exceed the penalty. Heck, you can get a 'mere' 7 years for 3rd degree murder in the state.
I don't read AC A human right
Rediculous argument. By your logic you can't trust any encryption, because "Company X" gave the government the keys.
- "Scientia non habet inimicum nisp ignorantem"
DOJ wouldn't be stupid enough to make a statement like this, unless they want criminals to use more iPhones.
Well there are apps that use the encryption system on the device to encrypt files individually. These files do not get encrypted without a passcode enabled, even if you think that they might. I'm referring to those apps that claim to provide you with a secure place to store your naughty texts, pictures, files, contacts, etc. Unless they use their own encryption, they aren't secure once the device is unlocked, or backed up, or if the device was never locked.
In the age of doublethink, I smell a rat as it crumbles like a house of cards. Checkmate.
Isn't this as good as the DOJ asking crims/terry-wrists/pedo's to use the phone? Y'know, the whole "art of war" thing, "when you are weak, you must appear strong, and when you are strong, you must appear weak".
I'd say that the DOJ has an Apple supplied reader and decryption key at the ready. They may, or may not have a similar device for Andriod, Windows or BB devices, but for sure they have one for Apple devices.
There is no way they would or should give away thier weaknesses.
On the other hand, never put down to conspiracy what can be attributed to incompetance.
Cavaet Emptor.
Q:I was listening to a CD in Grip and it sounded horrible! What's up? A:Perhaps you are listening to country music
Comment removed based on user account deletion
XRY is a software that is able to access your iPhone and Android data even when encrypted. The latest version does even more for the iPhone 4S and iPad2. But there not commenting on it. There's more information on the technology used in this case.
http://www.forbes.com/sites/andygreenberg/2012/03/27/heres-how-law-enforcement-cracks-your-iphones-security-code-video/
I have no doubt that the encryption is neigh uncrackable (or at least too much trouble to bother)...
However, considering the Key to that encryption is a 4 characture limited set, which 90% will be the persons birthday or something stupid, I highly doubt it would withstand any concerted attack.
If they want in there, they are getting in. Might take a couple of days, but it is hardly "uncrackable".
They are simply saying the technology (i.e. the encryption) is strong, not the implemetation of that technology. This is not even considering whatever backdoors Apple may have built into the thing to circumvent for this vary reason.
Apple already helps a few forensic businesses pull data from iOS devices. One popular example is Black Bag, who provide software (and expensive training) for law enforcement.
pure, unadulterated, horse shit.
The most pure thing coming out of the DOJ in years !
But their many contractors have no problem at all !
Wow... the US makes official propaganda statements just like the good ol' USSR, North Korea and China.... Sorta warms your heart to know we keep such good company.
DoJ is essentially inept. Look at Fast and Furious, Philly Black Panthers, voter fraud stance, see how leadership is all politics, with no idea what to do. It would make sense that DoJ does not know how to crack a device. Go ask NSA, or better yet, a smart 23 year old hacker.
The DOJ *SAYS* it cant crack it. This ploy has been around since Enigma.
they tracked me and about broke my door down.
were given to doj by apple for this endorsement?
http://www.denvermacrepair.com/iphone/iphone6.jpg