Slashdot Mirror
FBI Paid Professional Hackers One-Time Fee To Crack San Bernardino iPhone
There's another new wrinkle in the never-ending FBI vs Apple saga. The Washington Post is claiming that FBI did not require Cellebrite's assistance in hacking San Bernardino iPhone. Instead, the report claims, the government intelligence organization bought a previously unknown security bug from a group of professional hackers. According to the report, the hacker group provided FBI with at least one zero-day flaw in the iPhone 5c's security, which enabled FBI to circumvent the lockscreen and other security features. The bug hasn't been disclosed. FBI has previously noted that the technique it utilized in breaking into the iPhone 5c does not work with any new iPhone models (iPhone 5s or newer).
i was telling people that the FBI was lying and Cellbright did not sell them anything to do this...
Remember kids, DO NOT TRUST law enforcement. they are not there for your protection.
Do not look at laser with remaining good eye.
Sounds legit to me!
"Please do not change the lock on your door. I assure you my key with a skeleton on it is not actually a skeleton key. Trust me."
How can the evidence have integrity at that rate? I know being of an upright and legal nature is hardly a concern for Big Brother anymore but that's just crazy to me.
After all this drama, there better be some new Jennifer Lawrence nudes on that phone.
In two weeks they'll come out and say that the phone was never cracked at all and that they just wanted to set a precedent.
Just kidding, why would they lie. /s
Have you ever fallen asleep at the keybhanusdiog?
if these guys can do it, and the FBI can now do it, then ANYONE can do it. The chinese, north korea, data theives -
and the american government wants to force companies to put shit like this in their software on PURPOSE?
It was John McAfee! The FBI didn't admit it because they still want to see him eat a shoe!
Which has more power: the hammer, or the anvil?
Do the same (pay a hacker to break a giant's product) and go to jail.
jes sayin'
"FBI has previously noted that the technique it utilized in breaking into the iPhone 5c does not work with any new iPhone models (iPhone 5s or newer). "
GO GET ONE!!! (And we already broke 5s, so don't bother expecting better provacy)
So tell us great sage, who should we turn to for help against criminals, Apple?
Give them a little time - assuming the phone has actually been cracked - and they'll come out and say that they found all kinds of terrorism-related material on the phone. Then they'll start telling us that this is why we shouldn't be able to have encryption or privacy and restart the fight to get laws passed banning it, because terrorism and for the children.
After they "cracked" the San Bernardino phone the FBI publicly came out and said they would use the information they gleaned to start assisting local law enforcement agencies to crack iPhones for their cases as well. I guess that was a bold-face lie, told to make Apple look bad to their security-conscious customers who are concerned that the FBI now has the ability to crack iPhones.
I really wonder which hackers they hired... someone they are investigating, or just a dark web personal ad from Estonia. The more they say the more idiotic they sound. The FBI sounds as inefficient as the TSA and Congress. A bunch of blowhards with authority that can't get the job done properly because nobody trusts or likes how they operate. Public servants that are always at odds with the public, and never have any good news to report. Nevertheless, never getting the job done is the only job security that exists anymore.
A hack for me but not for thee!
FBI has previously noted that the technique it utilized in breaking into the iPhone 5c does not work with any new iPhone models (iPhone 5s or newer).
I wouldn't believe a single word from these assholes.
They then arrested the cracker for DMCA violations and got their money back through civil forfeiture. Whilst at the same time being able to claim they reduced computer crime and cut off funding to terrorists and strike a blow against child pornography rings.
They paid a one time fee for an exploit. That exploit could in theory work on any iPhone 5c (unpatched), and there are plenty of those waiting around in evidence lockers.
If the article stated somewhere that the FBI paid for a one-time crack only, not the exploit itself (which is stupid beyond belief for a government agency) then I'm sorry.
and a potential boon for Apple as all these customers still using last year's model now have to upgrade to this year's models!
So, McAfee was right. He really could have hacked that iphone the whole damn time... well, not him, but the hackers he hires.
Actually... are we sure he wasn't the one to hack it?
bold-face lie
I prefer my lies to be italicized...it blends in better than bold.
So they know about a 0-day vulnerability and are not protecting their country, citizens, allies? Treason!
And the information they'll provide is: "Here use these guys. Don't tell anyone who you paid."
Well, there's spam egg sausage and spam, that's not got much spam in it.
You know the director will be dragged in on the carpet by congress on the ethics of using hackers at this level.
If they paid them using gov't funds, lets hope they kept track of the funds used.
First rule of holes; When in one, stop digging.
Because encryption alone won't stop the state, who will find a way to get in somehow. Especially considering they have access to all the other data products a telecommunications device like a phone produces, without needing one.
My ism, it's full of beliefs.
Not at all. This whole thing was one big security circus. Apple got tons of free press and saved it's face, FBI got what it wanted - a precedent. An local police has a new best friend.
Only one who got fucked in this deal is you, dear tax payer.
They paid a one time fee for an exploit. That exploit could in theory work on any iPhone 5c (unpatched), and there are plenty of those waiting around in evidence lockers.
If the article stated somewhere that the FBI paid for a one-time crack only, not the exploit itself (which is stupid beyond belief for a government agency) then I'm sorry.
Actually, that was one of Apple's less-successful models in terms of sales numbers. So, I would imagine that, while there are undoubtedly some in evidence rooms, they are not as prevalent as some of the other models.
and a potential boon for Apple as all these customers still using last year's model now have to upgrade to this year's models!
The 5c was three revisions ago at this point. Do try to keep up.
Not at all. This whole thing was one big security circus. Apple got tons of free press and saved it's face, FBI got what it wanted - a precedent. An local police has a new best friend.
Only one who got fucked in this deal is you, dear tax payer.
You're so full of shit it's running out of your ears.
Apple got as much negative press as positive. Maybe more. There are a BUNCH of people that still think that Apple is marketing to Terrists. THAT kind of publicity really DOESN'T fall under the adage of "Any publicity is good publicity."
Also, the FBI got NO legal precedent. They FOLDED, right before they were going to court for that, probably because the Amicus Curiae Briefs and even some really high-up Government Officials in the Intelligence Sector in support of Apple were piling up as high as the sky, and the FBI was AFRAID of the "Precedent" they WERE going to set...
My question is: Have they said whether they found useful information on the phone? (Not that I necessarily trust them to answer that truthfully at this stage.)
A lot of people don't give a shit about this kind of minutiae.
If the 5C were hacked, what, if any, information did they obtain from the phone. People assumed and led to believe that Cellurite provided the exploit, now we hear that is not the case at all.
So, was the phone's security actually breached or not? And, given the similarity between the 5C and 5S, it should enable Apple to compare differences in the HW and SW to identify the possible vulnerable areas. That is, of course, assuming that a breech did occur and the exploit only works on the 5C.
Notice the FBI hasn't said what, if anything, it found on the phone. They are probably keeping tight-lipped because they found nothing, and don't want to be known as the organization who raised a giant stink over nothing.
As likely as not a bald-faced lie to make Apple look good. They can probably hack into any Iphone now, but made a big show about a legal case against Apple and now to buy an exploit into an almost obsolete phone as a distraction. People especially bad actors will stay with Apple thinking they are secure.
Apocalypse Cancelled, Sorry, No Ticket Refunds
Keep in mind that the exploit could be as simple as brute forcing the PIN and cutting the power after each unsuccessful attempt: http://blog.mdsec.co.uk/2015/0...
At the machine's rate of one PIN every 40 seconds, that's only about 111 hours to brute force a 4 digit PIN.
while completing that task too.
Do try to keep up.
And the benefit in doing that would be...?
A shill? They asked for a one time use decrypter, to access a phone. They got one, specially designed for the one phone. Now, it still cannot be used as evidence, or a ploy for investigation. They, meaning the FBI, got what they paid for. Now they will have to find someone smart enough in the fbi, to do the same, Just because they have the phone open now, does not mean its fbi good evidence, what has the phone done since then? updated, Its not good evidence then. Something has been added to the phone, what? Bad evidence. But, it shows that apple is rotten to the core with ego. we are so good, blah, blah, blah. but someone took two weeks and came in with proof it can be done? What is everyone else missing then? security.
So...about a year-and-a-half, then.
But it also needed some custom hardware created to make use of the exploit. So unless they are going to build hardware for all the police departments out there, or have them send the phones off to the FBI, it isn't going to do much good.
-- ssoorrrryy,, dduupplleexx sswwiittcchh oonn.. -Quote found on actual fortune cookie.
The lying they did and folding at the last minute should count as precedent anyway. The next judge should say to the FBI, "you lied to the court last time about a large number of things. dismissed with prejudice!".
-- ssoorrrryy,, dduupplleexx sswwiittcchh oonn.. -Quote found on actual fortune cookie.
So...about a year-and-a-half, then.
Nope, sorry.
The iPhone 5C was released in September, 2013.
The iPhone SE (which is the closest thing to an heir-apparent to the 5C, and is also the most-recent model) was shipped in the U.S. and several other countries starting on March 31, 2016.
By my estimation, that is around 2 1/2 years. And in that time, there has been the 5s, the 6 and the 6s in between the 5C and the SE. So that actually sounds like FOUR revisions, not even counting concurrent variants, like the 6 plus and the 6s plus.
The lying they did and folding at the last minute should count as precedent anyway. The next judge should say to the FBI, "you lied to the court last time about a large number of things. dismissed with prejudice!".
We can but hope!
No problem with sending iphones etc - secure evidence transport between law enforcement agencies happens all the time.
Apple has no interest in running afoul of the US government. What they are concerned about is letting the public know that they cooperated. Do they really care if the FBI gains access to this phone? Of course not. I'd have to guess that Mr. Cook is opposed to terrorism and would like it stopped.
My guess is that this was a shady, unofficial back-alley deal between Apple and the FBI. "Here's how you do it. Here's some hardware to help. You never saw us. We don't exist."
The agency they should have turned to for help in the first place?
HACK ATM AND BECOME RICH TODAY
How to hack an ATM MACHINE or BANK ACCOUNT
You can hack and break into a bank's security ATM Machine without carrying guns or any weapon. How is this possible? First of all we have to learn about the manual hacking of ATM MACHINES and BANKING ACCOUNTS HOW THE ATM MACHINE WORKS. If you have been to the bank you find out that the money in the ATM MACHINE is being filled right inside the house where the machine is built with enough security.to hack this machine We have develop the special blank ATM Card which you can use in any ATM Machine around the world. this card is been programmed and can withdraw 2000 USD within 24 hours in any currency your country make use of. The card will make the security camera malfunction at that particular time until you are done with the transaction you can never be trace. getting the card you will forward the company your address details so we can proceed to send the card to you once you agree to the terms and conditions. you can contact us on email now atmmachinehackes@gmail.com
Is there any reason a judge or jury should trust evidence gathered using hired guns whose ethics are questionable at best?
And yet, they're clearly spread thin and underfunded in a lot of places. The same places defeat community policing measures. Because taxes. And the public is outraged, just outraged, that things are then relegated to minimal police response due to this reality. Reminds me of the nursing profession. Snake head? Meet snake tail!
See subject: Don't talk about lying Coren22 considering how easily I shot you to pieces for it here https://news.slashdot.org/comm...
* HOW CORRECT & HONEST WERE YOU COREN22?
(Prepare for a massive lie from him folks - anyone here can read that link and see how the little scumbag Coren22 operates, lies galore WHICH I & OTHERS DISPROVED!)
Going to say I am "abusing" you you little FUCK? You have it coming for the crap you spewed about me & my work you little do nothing nobody (show you've done better).
You've been trolling me for a week now too (last Friday especially & now again today which YOUR POST HISTORY SHOWS).
APK
P.S.=> You have GOT to be the biggest damn weasel I've ever SEEN online & I've been out here since 1985 online... apk
See subject & a quote of myself giving it away since you're too stupid to figure it out:
"I used BRIDGED router firewalls to my cable modem http://slashdot.org/comments.p... might as well tell you since you're TOO dumb to figure it out" - BY ME, here https://news.slashdot.org/comm...
I gave you a clue in a Led Zeppelin lyric "have you seen the bridge" but your OUTISM defective brain didn't pick up on it & took it LITERALLY!
57++ antivirus programs also back my code is safe. What do YOU have vs. that much? Not much. You're a lying troll Coren22, losing badly vs. myself & facts I use.
APK
P.S.=> Coren22, look - IF you want to continue looking stupid & coming off as a damn liar (or illiterate) vs. myself? That's YOUR business... apk
Holy hell, are you a moron?
You use a bridge connection to the internet?? That is like begging to be hacked, and inviting the trouble!
You claim you are a "security expert" and you run a bridged connection, which is the exact opposite of security, as it means you are turning off the firewall?
Wow, just wow, I think I have now lost any possible respect I could have had for you, you know nothing about security, and have now proven it.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
See subject: A firewalling NAT stateful packet inspecting router is the 'brain' then, & layered security Coren22 (it protects me FAR better than cable or DSL modems do for sure) - that's not turning off a firewall. It turns on a BETTER one.
THAT, along w/ other "defense-in-depth"/"layered-security" methods do the rest (in case one of my layers fails).
* It also lets you do a HELL of a lot more too which judging by what I've shown others I do here blowing by any barriers put in my way too? Well, proof's in the pudding... moving target safety in fact. Thus, my system can't be "zeroed in on" typically to BE directly attacked in other words.
This time, since I realize you have a brain damaged inability to read, I actually feel BAD showing everyone how stupid you are, now eating your words.
APK
P.S.=> I use & do a LOT more ontop of that too http://www.bing.com/search?q=%... that works & even got me PAID for it no less - unexpectedly... apk
Keep walking it back, you are the one who claimed you bridged your router, not I.
Yeah, the brain damage is strong in this one, does it come with an inability to admit when you were wrong?
https://slashdot.org/comments....
I used BRIDGED router firewalls to my cable modem
So, keep it up, this is great entertainment for me.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
See subject: It's not worse security as you said - it's better (especially in router level blocklists - good routers have ones that take FAR more entries than std. cable or DSL modems do) https://slashdot.org/comments....
* By the way, on "brain damage": WHO is the assburgers dolt here? Not I, lol... you are.
APK
P.S.=> Coren22, look - I know you're "butthurt" over your BLUNDERS & LIES I cut to shreds vs. myself on here -> https://news.slashdot.org/comm... since you troll nearly all of my posts, lol!
However, when I attempted to give you a clue on 'bridge'? You didn't even UNDERSTAND what I meant taking it all out of context yet NEVER stating what to do (which is what I do in that 1st link above).
Now, in the 1st link above, you do (& you can't stand it vs. "yours truly" + you certainly haven't written guides for security I have a decade++ ago (far longer actually, 2 decades ago) that I was paid for in security & I develop a program that works for more security & speed you NEVER will (You don't have the skills))... apk
secretary at MalwareBytes took a look at his source code and said it looked all good - by Coren22
My code's verified by Mr. Steven Burn of Malwarebytes
"I've seen the code, and yes, it is safe." FROM http://forum.hosts-file.net/viewtopic.php?f=5&t=4290
NOT a secretary!
I don't give away work to be stolen OR misused like GOOGLE CHROME http://it.slashdot.org/story/15/10/20/1254225/efast-malware-hijacks-browser-with-chrome-clone
won't demonstrate security of his product be exposing the source - by Coren22 (1625475)
57 antivirus results show otherwise https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/
MalwareBytes' employee hosts & recommends it -> http://hosts-file.net/?s=Download
* EAT YOUR WORDS Coren22 (you've done better? No - You don't possess the skills)
APK
P.S.=> I'll let others judge "who refuted whom", lol.. apk