Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Telling Congress How It Hacked iPhone (theverge.com)

Posted by BeauHD on from the next-in-line dept.

An anonymous reader quotes a report from The Verge: According to a new report in National Journal, the FBI has already briefed Senator Diane Feinstein (D-CA) on the methods used to break into the iPhone at the center of Apple's recent legal fight. Senator Richard Burr (R-NC) is also scheduled to be briefed on the topic in the days to come. [Feinstein and Burr are both working on a new bill to limit the use of encryption in consumer technology, expected to be made public in the weeks to come.] The disclosures come amid widespread calls for the attack to be made public, particularly from privacy and technology groups. However the FBI's new method works, the ability to unlock an iPhone without knowing its passcode represents a significant break in Apple's security measures, one Apple would surely like to protect against if it hasn't already. Just days after the FBI broke into the terrorist's iPhone, the FBI told law enforcement agencies it would assist them with unlocking phones and other electronic devices. We still do not know how the iPhone was hacked, nor do we know how many iPhones may be able to be unlocked from the hack. The FBI did tell USA Today the hack has not been used in any other case beyond San Bernardino.

20 of 346 comments (clear)

  1. Diane Feinstein by Anonymous Coward · · Score: 5, Insightful

    The queen of "laws for thee, but not for me."

    Guns? Why, those should be illegal! But I'm going to need some armed guards for myself, of course.

    Encryption? Consumers can't be allowed to have that! Now how do I configure my secure Senate email account?

    What a hypocritical cunt.

    1. Re:Diane Feinstein by ArylAkamov · · Score: 4, Insightful

      She is the QUEEN of hypocritical, scaremongering cunts. Naturally it would be her trying to limit this NEW TERRORIST CRIMINAL ENABLING technology.

    2. Re:Diane Feinstein by LynnwoodRooster · · Score: 4, Insightful

      I want to just give you a personal anecdote about terrorism, because less than 20 years ago, I was the target of a terrorist group. It was the New World Liberation Front. They blew up power stations and put a bomb at my home when my husband was dying of cancer. And the bomb was set to detonate at two o'clock in the morning, but it was a construction explosive that doesn't detonate when it drops below freezing. It doesn't usually freeze in San Francisco, but on this night, it dropped below freezing, and the bomb didn't detonate. I was very lucky. But, I thought of what might have happened. Later the same group shot out all the windows of my home. And, I know the sense of helplessness that people feel. I know the urge to arm yourself, because that's what I did. I was trained in firearms. I'd walk to the hospital when my husband was sick. I carried a concealed weapon. I made the determination that if somebody was going to try to take me out, I was going to take them with me.

      - Diane Feinstein, Concealed Weapons Permit holder. Concealed permits and firearm ownership was all fine and welcome and useful for Diane when she felt threatened, but we can't have the general public enjoying such luxury to protection...

      --
      Browsing at +1 - no ACs, I ignore their posts. So refreshing!
  2. we do not even know IF the phone was hacked by TheGratefulNet · · Score: 5, Insightful

    so we can't even talk about anything further.

    who is going to tell us the honest truth? all we get is the dishonest truth from every 'official' that speaks up about this.

    disinformation and even more disinformation. you'd be nuts to take anything on face value, given what's at stake.

    --

    --
    "It is now safe to switch off your computer."
    1. Re:we do not even know IF the phone was hacked by rch7 · · Score: 4, Insightful

      The honest truth is that nothing on Internet or phone or computer is private. You must be nuts to believe in some overhyped security illusion on inherently insecure interconnected devices.

      Ironically, what Apple has achieved is that it will not be able to fix its security issues. The exploits are going to be sold to law enforcement agencies, or just anybody ready to pay around the world, for big money and kept secret. Maybe the times when such bugs were send to vendor for free for fixing are long gone anyway, but such cases make it even worse.

    2. Re:we do not even know IF the phone was hacked by somenickname · · Score: 4, Insightful

      We also don't know if the device *needed* to be hacked by a third party. To me it looked like the FBI wanted a precedent, realized it might not get the one it wanted and then decided to back down with a, "Oh, wait, we found another way" story.

      You know it's scary times when the guy wearing the tinfoil hat is starting to seem like the most sane person in the room.

  3. More alarming than the "hack"... by TigerPlish · · Score: 5, Insightful

    More alarming than the hack is the following bit in TFS:

    [Feinstein and Burr are both working on a new bill to limit the use of encryption in consumer technology, expected to be made public in the weeks to come.]

    The "hack", as I understand, was on an 5C, which is weak by comparison to the 5S and beyond. Non-event.

    But the bit I quoted? Really? Limit what encryption consumers can have? I find that more alarming than "old-ass insecure phone got cracked."

    I hope this dies a flaming painful death before it goes anywhere.

    --
    The "Civilized World" jumped the shark ca. 1973.
    1. Re:More alarming than the "hack"... by Dunbal · · Score: 4, Informative

      Let the US shoot itself in the foot. The rest of the world will encrypt.

      --
      Seven puppies were harmed during the making of this post.
    2. Re:More alarming than the "hack"... by Anonymous Coward · · Score: 5, Insightful

      Yeah, Apple, Google, Microsoft, Blackberry, etc should all come out publicly and say
      "We will produce secure encryption for the rest of the world, however the US government has mandated that US citizens are only entitled to 2nd best, now here is a list of YOUR representatives who voted for the bill"

      If the representative were Named, Shamed and Blamed they might just loose their cushy jobs.

    3. Re:More alarming than the "hack"... by swb · · Score: 4, Insightful

      Be careful, or they will outlaw mathematics.

    4. Re:More alarming than the "hack"... by sjames · · Score: 5, Insightful

      We are not the worst! Yeah USA!

      I that really your yardstick for excellence?

    5. Re:More alarming than the "hack"... by sjames · · Score: 5, Informative

      Are you sure?

  4. Diane Feinstein - Queen of a fascist state by Taco+Cowboy · · Score: 5, Insightful

    Diane Fienstein was born in the wrong country

    She fits much more snugly in a fascist state

    --
    Muchas Gracias, Señor Edward Snowden !
    1. Re:Diane Feinstein - Queen of a fascist state by Anonymous Coward · · Score: 5, Insightful

      Then she is in the right country.

  5. am I misrememberinfg by Swampash · · Score: 4, Interesting

    or wasn't there some law about circumventing security measures on a computer device?

  6. Re:FBI hack should not be made public by xaosflux · · Score: 4, Insightful

    Because Apple helps to fund the FBI, the FBI doesn't help to fund Apple.

  7. More importantly ... by mattyj · · Score: 5, Interesting

    What info did the FBI get off the phone? I think it's generally considered that time was a crucial element in getting any meaningful info from the phone, and perhaps days or hours after the event, anything in there would be useless.

    I'm not sure anyone has yet to convince me that more encryption = more terrorism.

  8. When math is outlawed... by ZipK · · Score: 4, Funny

    Feinstein and Burr are both working on a new bill to limit the use of encryption in consumer technology, expected to be made public in the weeks to come.

    When math is outlawed, only mathematicians and those who can read their papers will have math.

  9. bash, Outlook, Photoshop, grep, awk, make by raymorris · · Score: 4, Interesting

    I could have said that more concisely as:
    --
    My last two employers needed me to use Outlook and Photoshop.
    My personal workflow uses bash, perl, grep, awk, and make.

    All of those required tools work great on my Mac, even after I've dropped it on the concrete.
    ---
    Mac is full-fledged certified UNIX, and it's corporate helpdesk approved. Where else are you going find that combination ?

    My MacBook Pro does run Linux, Windows, and FreeBSD virtual machines all the time too, though. I click whichever OS is suited to the moment. Last week, in 18 hours, we found thousands of vulnerabilities in 14 machines running those operating systems plus Cisco, so I know none are bulletproof, but I also know some are much more secure than others. (Out full vulnerability report for 14 targets was over 1600 pages long - for the exposures we found in 18 hours).

  10. Re:FBI hack should not be made public by Plus1Entropy · · Score: 5, Insightful

    As with most theoretical ethics problems, it only seems as if there is a conflict because the proposed scenario is too vague. This is why I find philosophy irritating sometimes, once you define enough details (as you would have in a real world scenario) you'll often find that the "right" thing to do is less ambiguous than it seems.

    How do we know there is a nuke that is about to go off at all, if we don't know where it is? How did we locate the person who delivered the bomb in the first place? We were tracking them closely enough to know that they planted the bomb, but not closely enough to know where? How do we know that the location and the disarming codes are on the iPhone at all? What kind of guarantees do we have that if we do get into the iPhone we can stop the bomb going off in time anyway?

    If we have a 100%, no bones about it, guarantee that gaining access to this one particular iPhone will prevent a nuke going off somewhere, then by all means, break into this particular iPhone. But you'll never have that kind of guarantee, so people will always argue that we need to be able to get into all the iPhones just in case.

    This is always the problem with this kind of reasoning, it leads inexorably to mass surveillance: "We have to watch everybody because somebody, somewhere, at some time will do something dangerous, and this is the only way to stop them." How about: most people are good, so let them be free.

    I'd rather die in a nuclear blast in a free country, than live a long life in a police state. The real fight is not to prevent deaths due to terrorism, the real fight is to prevent terrorists from changing who we are. They can only win that fight if we let them.

    --
    Only crack the nuts that crack. You don't put the ones that don't crack in the sack.