Slashdot Mirror

← Back to Stories (view on slashdot.org)

McAfee Says He Lied About iPhone Hacking Method To Get Public Attention

Posted by timothy on from the the-greater-good dept.

blottsie writes: McAfee, who founded of one of the first companies to offer antivirus software, claimed on CNN and Russia Today, as well as in a Business Insider column, that he could bypass the advanced encryption protecting the phone without Apple's help. But he lied in these interviews, he said in an interview with the Daily Dot, to "get a shitload of public attention."

17 of 171 comments (clear)

  1. Yes by blueshift_1 · · Score: 5, Insightful

    Obviously. Move along.

    1. Re:Yes by Penguinisto · · Score: 4, Insightful

      Translation from McAfeeSpeak:

      "I made it all up to sound big, bad, and awesome... but now with the FBI really interested in doing just that, well..."

      --
      Quo usque tandem abutere, Nimbus, patientia nostra?
    2. Re:Yes by Anubis+IV · · Score: 5, Informative

      Ayup. The only thing noteworthy about the earlier press was the fact that he was being taken seriously, despite pulling stunts along these lines for years. The guy wants the spotlight and yearns to be seen as relevant. That time is long-since past, if it was ever here at all.

    3. Re:Yes by ISoldat53 · · Score: 4, Funny

      There goes his opportunity for a job with the FBI/DEA.

    4. Re:Yes by Misagon · · Score: 4, Insightful

      That said. I trust him more than Donald Trump.

      At least McAfee came clean and admitted that he had been lying instead of trying to perpetuate the lie and throwing insults at anyone who questions him.

      --
      "We mustn't be caught by surprise by our own advancing technology" -- Aldous Huxley
    5. Re:Yes by Darron_Wyke · · Score: 4, Insightful

      Hell. With his lovely little South American adventure, any sort of reputation he had before is gone. Not so much burned gone, but covered in napalm and salted-the-Earth-for-good-measure gone. Anything he does now is just an attention grab.

  2. So, he's a lying asshole... by jcr · · Score: 5, Insightful

    Can't understand why he's not as popular as Trump, Sanders, or Clinton. He's doing the same things they are!

    -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."
    1. Re:So, he's a lying asshole... by Penguinisto · · Score: 5, Funny

      We expect politicians to lie. Geeks, not so much (well, unless they're also vendors, but...)

      --
      Quo usque tandem abutere, Nimbus, patientia nostra?
    2. Re:So, he's a lying asshole... by bluefoxlucid · · Score: 5, Informative

      It's John McAfee. Okay, so maybe it was believable; but if you're honestly surprised by the follow-up, you haven't been paying attention. This is a guy who posted a video on Youtube where he talked about banging underaged girls and smoked a bunch of meth.

      McAfee isn't out to defraud people; he's just out to be a loud caricature. I'm sure some day he'll say something serious in a sensational and ridiculous way; I'm equally sure he'll keep saying things that sound serious and then turn out to be just noise, because that's what he does now. He doesn't get attention because people believe him; he gets attention because he's interposed himself into a situation and drawn attention to himself, and we all recognize the act. You *can* play off that act honestly, but it's not a requirement.

      --
      Support my political activism on Patreon.
  3. Re:McAffee admits he did something to get attentio by NotInHere · · Score: 5, Informative

    He is trying to get attention by being honest? That's brand new it seems.

  4. Shocked by Caitlin2013D · · Score: 5, Funny

    I'm shocked, shocked to find that gambling is going on McAfee lied here!

  5. Maybe he's lying about lying to get attention by JoeyRox · · Score: 5, Funny

    And so he really can crack the iPhone's security.

  6. He can't even get the pronunciation of his own nam by HeyBob! · · Score: 4, Informative

    Mc-Afee not MAC-A-fee

  7. Re:President by supremebob · · Score: 5, Informative

    The big difference between him and most politicians is that he's willing to admit when he's lying. Someone like a Trump or a Clinton would just say that they were just being "misunderstood", or that the media "took them out of context".

  8. Re:McAffee admits he did something to get attentio by Midnight+Thunder · · Score: 4, Insightful

    He is trying to get attention by being honest? That's brand new it seems.

    He is being honest about being dishonest!? Is that a redeeming attribute? - confused-

    --
    Jumpstart the tartan drive.
  9. it's not personal attention that he wants by Gravis+Zero · · Score: 5, Interesting

    he's trying to bring attention to the issue, that the FBI is trying to fool everyone into thinking they cannot crack an iphone.

    “That video, on my YouTube account, it has 700,000 views. My point is to bring to the American public the problem that the FBI is trying to [fool] the American public. How am I going to do that, by just going off and saying it? No one is going to listen to that crap.

    “So I come up with something sensational,” he continued. “Now, what I did not lie about was my ability to crack the iPhone." ...

    Later in the interview, McAfee described his method, which involves “decapping” the phone’s processor and acquiring the device’s unique identifier (UID), that may allow someone to brute force the phone’s password

    he's not wrong either. a grad student explained this in a blog post from October 2014.

    Why Apple's iPhone encryption won't stop NSA (or any other intelligence agency)
    excerpt from the post:

    If Apple did their job properly, however, the UID (device encryption key) is completely inaccessible to software and is locked up in some kind of on-die hardware security module (HSM). This means that even if Eve is able to execute arbitrary code on the device while it is locked, she must bruteforce the passcode on the device itself - a very slow and time-consuming process.

    In this case, an attacker may still be able to execute an invasive physical attack. By depackaging the SoC, etching or polishing down to the polysilicon layer, and looking at the surface of the die with an electron microscope the fuse bits can be located and read directly off the surface of the silicon.

    Since the key is physically burned into the IC, once power is removed from the phone there's no practical way for any kind of self-destruct to erase it. Although this would require a reasonably well-equipped attacker, I'm pretty confident based on my previous experience that I could do it myself, with equipment available to me at school, if I had a couple of phones to destructively analyze and a few tens of thousands of dollars to spend on lab time. This is pocket change for an intelligence agency.

    Once the UID is extracted, and the encrypted disk contents dumped from the flash chips, an offline bruteforce using GPUs, FPGAs, or ASICs could be used to recover the key in a fairly short time.

    --
    Anons need not reply. Questions end with a question mark.
  10. Re:Yes or No? by tlambert · · Score: 4, Informative

    Therefore, a change to iOS is capable of altering the 10-strikes rule on their devices, and that's what the FBI is asking Apple to do.

    Yes. Except one thing.

    Loading a recovery image requires putting the device in *Recovery Mode*, and that's a hardware DFU mode whereby you talk to a small piece of firmware whose only job is to overwrite the Flash contents.

    It doesn't load shit into RAM and run it in order to overwrite the flash contents while preserving data: it's a *RECOVERY* mode, not an *UPDATE* mode. It's what you do as a last resort, assuming you backed your crap up to the iCloud, because if you didn't, that shit is *gone*.

    To do an *UPDATE* without overwriting the user data portion of the flash contents, you talk to the *ptpd*, which implements the DFU protocol at a higher level, in user space. How do you do that? Well, first, you have to make the ptpd willing to talk to you (or iTunes). How you you do that?

    You UNLOCK the frigging phone.

    So to load the image that the FBI wants Apple to write for them, and then to load, you'd have to unlock the phone to enable you to unlock the phone.

    Cluebat here. Knock knock knock... is that you, head? Yeah, there's two DFU implementations in the iPhone. What? You didn't know that? Well now you do. Yeah. Yeah. We can write the image you want us to write, and then we can load it onto the iPhone, but to do that, it will wipe out the very data you seek. What? No, we can't make monkeys fly out our ass... I think you are confusing us with Jim Carrey in that movie "Bruce Almighty".

    People really do not understand technology... especially technology designed to prevent exactly the type of thing the FBI wants done.