Slashdot Mirror
FBI Calls Apple 'Jerks' and 'Evil Geniuses' For Making iPhone Cracks Difficult (itwire.com)
troublemaker_23 shares a report from iTWire: A forensics expert from the FBI has lashed out at Apple, calling the company's security team a bunch of "jerks" and "evil geniuses" for making it more difficult to circumvent the encryption on its devices. Stephen Flatley told the International Conference on Cyber Security in New York on Wednesday that one example of the way that Apple had made it harder for him and his colleagues to break into the iPhone was by recently making the password guesses slower, with a change in hash iterations from 10,000 to 10,000,000. A report on the Motherboard website said Flatley explained that this change meant that the speed at which one could brute-force passwords went from 45 attempts a second to one every 18 seconds. "Your crack time just went from two days to two months," he was quoted as saying. "At what point is it just trying to one up things and at what point is it to thwart law enforcement? Apple is pretty good at evil genius stuff," Flatley added.
If it is easy to crack for the FBI, it is easy to crack for anyone.
Any "back doors" will be converted to front doors ( or windows ) soon enough.
And the timing of such a statement. Meltdown and Spectre still in the news, then this.
emt 377 emt 4
Pre-cracked encryption is worthless. Might as well force everyone in the world to use TSA locks for physical security, where there are only 5 keys in the world that open them, providing no security at all.
The FBI is now indicating we should buy Apple devices because the security is good.
Either you have security or you dont. What would be the point to add half ass measures so it can be easily circumvented? then you might as well not have any security.
Apple isn't any "smarter" or "evil-genuis-y" than any of the other guys out there. They just decided to take their customer's privacy seriously. Google, Facebook, etc are just as smart or evil genius-y, they just put their targets elsewhere because having their customers' information more public is their business model.
if not, then its a sales pitch
Congress Is About To Vote On Expanding the Warrantless Surveillance of Americans
I think it's hilarious that they don't realize that it's their own insatiable desire to spy on everyone that is the primary driving force behind the spread of encrypted communications. That they don't realize this truth makes it all the more funny.
Anons need not reply. Questions end with a question mark.
speed at which one could brute-force passwords went from 45 attempts a second to one every 18 seconds
What? Say again?
I'm pretty sure my iPhone doesn't take 18 seconds to verify my password. That would make logging in really slow.
They don't do it to thwart law enforcement. They do it to thwart criminals, terrorists, foreign intelligence agents (aka spies), etc.
If the law enforcement people happen to use the same techniques as those groups, well......
You're not the first Flatley to stomp your feet about something.
Boo hoo.
This is theater, and the FBI / NSA / sppok community at large obviously understands what you are describing. Statements like this are in part how these orgs "prove" to the gov't the need to pass laws to give them what they want.
The only brand of criminals the FBI will catch are the stupid ones.
The more intelligent types realize LE focuses on the phones too much and will simply ensure that they do not conduct their business via the devices in question.
They must know this so it begs the question once again: Are they really interested in criminals phones, or the ability to look at anyones phones on demand ?
Though the way LE treats folks these days, we're all pretty much criminals in their eyes.
It did cross my mind that they're simply blowing smoke to cover the fact that they have methods to break into them.
All the acting ensures folks believe they're still secure.
Just a thought.
I goes: "Oh please Brer Fox, whatever you do, please don't throw me into the briar patch."
Iâ(TM)m sure the government realizes this sort of thing makes people who care about security give Apple more credibility. This is exactly how one could use the Streisand effect to make sure that everyone motivated to hide their tracks uses an iPhone. This is exactly what I would do if I was a government agency with an iPhone master key or back door.
I cannot believe we actually hire allegedly educated individuals to work in the FBI who can't fucking grasp the concept that Apple didn't make good security because of the FBI. Apple made good security because of the actual evil in the world, and to protect their customers.
Wonder how the FBI would feel if we turned around and started asking them the same damn thing about their encryption. How dare they make it very difficult to brute-force. Of all the nerve...
Come back when they're calling them "scoundrels" and "nerf herders".
For Apple stock. You're just making the case for even law abiding citizens to buy. Fourth Amendment support doesn't make or indicate that someone is a criminal.
Courts can order you to unlock your phone, which means that the FBI is talking about investigations, not prosecutions. I suppose it depends on the investigation; if the phone contains the location someone in North America of a nuclear device set to explode in the next hour, then it might be great if the device got unlocked. Google et al. just cooperate with law enforcement; Apple has opted not to give itself a back door so it does not have to deal with the drama. Public opinion might change after the mushroom cloud however.
Alternative Right.
The real jerks are people drawn to law enforcement as a career, from Feds on down to local cops. Many of them WANT to be able to be paid for bullying other people.
A bunch of bitchy little girls.
The question, as always, is whether the good outweighs the bad.
If we could somehow create magical impenetrable *physical* fortresses that cannot be opened or accessed by the duly-empowered law enforcement and judicial powers of a democratic society, would we say that's just the way it is?
Or would we have a discussion about it on the context of public good and the rule of law?
There is no one "right" answer to a question like this save the ones we collectively and imperfectly come to as a society. Absolutist assertions that it is either unbreakable, impenetrable encryption for all, or nothing, are false.
I wrote this on an earlier matter:
Apple believes it is protecting freedom. It's wrong. Here's why:
http://cimsec.org/apple/22159
but geniuses? Thats a stretch.
- FBI
I don't read AC
Hate Apple products.
Hate Apple business tactics.
Hate Apple's complete lack of social responsibility.
Hate Apple design.
Their one redeeming feature: That they don't just make it easy for the FBI (or anyone else).
Tell them off and call them names for anything else, I'll be right there cheering you on. But insulting them because they won't deliberately weaken security just in case their users happen to be a terrorist? Yeah, that I won't just jump on board with.
You never read about this type of complaint regarding any Android device, manufacturer, or Google itself. Yet Android is by far the most widely uses mobile OS.
br.Makes one think.
You mean like when you murdered all those women and children at Waco, TX?
We at the FBI are a bunch of lazy twats who regard the constitution as a piece of toilet paper if it makes our job harder. We also know perfectly well that any backdoor in encrypted software makes the encryption worthless but pretend otherwise in public because we only care about ourselves.
Basically either this guy is evil or an idiot and I'm pretty sure someone at the FBI understands how encryption works so I'm favoring evil. Either way it isn't a good situation for our civil right to have the cops demanding a master key to everyone's (figurative) house.
It's insanely difficult to root and audit the damn things. About time the FBI is working for us and demanding that we get control over the hardware we buy.
(Sarcasm is in the eye of the beholder...)
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
A product you can crack in two months with available technology still has essentially broken security.
"I have never let my schooling interfere with my education." - Mark Twain
Of course it is to thwart law enforcement. The FBI likes to pretend that it is trustworthy, history says otherwise. And of course, the US government is not the only "law" enforcement involved. Meanwhile we have yet to see a case they could not prosecute because of data on the iPhone, on the contrary we've only seen them trying to crack iPhones as a side note to an already established case just in case there is something relevant on there.
This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
The FBI are the true criminals. If they weren't constantly infringing on constitutional RIGHTS, we wouldn't need such encryption.
Personally, I encrypt the crap out of everything. in fact I have a couple 2 TB files that are just random garbage that I encrypted so if the government ever gets them without a warrant, it will cost them lots of time and effort to end up with NOTHING.
Oh a little Trumpflake. Hey Trumpflake. The FBI was great while it was after Killary wasn't it? Not so great when it's investigating your treacherous hero, though. Funny how that works.
I read the link. Your definition of "terrorist" is a get out of nuance card. Suppose there are those that consider the US military an occupying force - yes I know you're always the good guys. always. - and their definition of "terrorist" is different than yours. And they have seized your phone. With your home address and pictures of your kids. Does "terrorist" include disputing an elected politicians definition of freedom of assembly?
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." and you knew that quote was coming.
Companies have spent hundreds of millions of dollars trying to encryption this and that, from various forms of DRM to game console and locked bootloaders. It ALWAYS gets broken, sometimes shortly *before* the product is released. No need to bribe anyone;security is just hard because breaking things is easier than making things. It's a fact that if people can make it, people can break it.
Don't let the FBI know that they have a pool at their new building with "freakin' sharks with lasers" too !
There is a very distinct whiff of nerd resentment here. Don't you just imagine this guy as some popular "sports" kid from high school? It's the same anti-intellectual strain that goes into science denial. Whether or not this particular person feels that way, it's definitely the sentiment he is trying to tap.
Better Evil Genius than just Evil.
Mmm yes, cry more sweet tears for me, privacy invaders! Weep at the reality of encryption! Muahahaha!
"When information is power, privacy is freedom" - Jah-Wren Ryel
Its the very spying by the US Government that is driving encryption. The government needs to stop thinking that they can spy on everyone at all times, it is not okay to spy on everyone.
Seriously, fuck this guy. He can choke to death on my encryption.
Either I need to take my morning coffee or something doesn't add up...
Okay, so from 45 attempts per second to 1 attempt per 18 seconds.
That means that previously there was 810 attempts per 18 seconds, now there is only 1 attempt.
If the crack time used to be 2 days, shouldn't it have gone up to 1620 days, not 2 months?
#DeleteFacebook
Read his comments with a huge grain of salt. Either he is so ignorant of crypto that he thinks that raising the number of iterations is genius rather than normal practice, or he is intentionally making outlandish statements that are calculated to sway public opinion. It seems obvious that it's the latter, and it will probably work.
I was born a jerk. I aspire to be an evil genius. BTW I missed that whole part in the US Constitution that said I should make government's job easier.
This is a smokescreen. Apple has government-requested backdoors built into all their services and devices. By publicly complaining that Apple products are "very hard to crack", the FBI is basically paying Apple back for its cooperation while also trying to encourage people who might have something to hide to buy Apple (which they know they can "crack" - or rather, access, because there's no actual cracking involved - easily.
It should be damn near impossible. How about an AI component where the iPhone would perceive someone was trying to guess the password and then lock it down and call Apple so the person would have to follow a specific set of steps involving fingerprint or face, several email codes, and an iCloud 2-factor code or five requiring each one to be validated via a secondary email. Then it would give you permission to keep guessing, but only 5 more guesses.
Why does he presume that people want security in their phones just to thwart law enforcement? I want security in my phone to keep everyone out. If law enforcement can get in, so can the bad guys.
Funny, "evil geniuses"?!
I am pretty sure that NIST SO 800-132 section 5.2 regsrding the recommended iteration count for password derivation functions had something to do with the change.
Well that coupled with the quantum computing landscape shaping the factoring times being reduced might have been a better explanation than "the big jerks".
Consider, for a moment, that the FBI does have a crack (possibly supplied by Apple Inc.), in the same manner that there was a crack for Enigma in WWII. It would be of utmost importance that said crack were to be kept secret. All actions and communications should both be plausibly consistent with not having the crack and regularly reinforce that notion.
So, who's to say all this is or isn't misinformation? At the end of the day, we can't lose sight of the fact that statements and claims are just that, not reality.
... because Apple is protecting users against criminals, something that the FBI should be doing!
We call the FBI cunts and cocksuckers all the time.
"Evil Geniuses in a Nutshell" by J. D. "Illiad" Frazer was probably the best O'Reilly book ever put out back in the day.
Read his comments with a huge grain of salt. Either he is so ignorant of crypto that he thinks that raising the number of iterations is genius rather than normal practice, or he is intentionally making outlandish statements that are calculated to sway public opinion. It seems obvious that it's the latter, and it will probably work.
Speaking of public opinion, if I were in Tim Cooks position, I would hold a YouTube live stream and call this FBI agent out personally.
Let the FBI stand up there and rant and rave about how unbreakable Apple security is. Let the FBI bitch and moan about hacking attempts on Apple hardware being very difficult.
Then Tim will stand up and ask one simple question; "Why is it hard for hackers to break into your encryption?"
The FBI will provide an obvious answer, to which Tim will reply in front of the world watching, "Thank you for confirming why the fuck Apple takes security seriously." *drops mic*
As a member of the evil genius community, I strongly denounce the use of this minority-oppressing slur by a representative of the US government.
Hey, where can I sue?
Not much that I can say about that.
The FBI has been caught with their hands in the cookie jar entirely too many times to be crying about "we need back doors". Fire up your super computer and use the exploits given to you by the NSA.
What I read is "Your crack time just went from two days to two months"
To me that means it is still possible and not as secure as people tend to say it is.
If you are a person who want to keep things secret for whatever reason, two months is not a long time. 2 years would be a nice start. 200 woo;d be what I want for now
Don't fight for your country, if your country does not fight for you.
I cannot believe we actually hire allegedly educated individuals to work in the FBI who can't fucking grasp the concept that Apple didn't make good security because of the FBI. Apple made good security because of the actual evil in the world, and to protect their customers
Please note that those two groups are in no way mutually exclusive.
'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
... To know one.
If we could somehow create magical impenetrable *physical* fortresses that cannot be opened or accessed by the duly-empowered law enforcement and judicial powers of a democratic society, would we say that's just the way it is?
We would have to. Total strawman you have there but I'll roll with it. To make it tangible the laws of mathematics are not bendable for the convenience of some and not others. Once encryption is broken by one party, it is a trivial exercise to break it for an arbitrary number of other parties or to simply distribute the data being protected. Once you have one key it's cheap and easy to make copies of the key and much more expensive to replace the locks. And once the data is taken there is no point since that would be like locking the door after the thief has already run off with your stuff.
There is no one "right" answer to a question like this save the ones we collectively and imperfectly come to as a society.
Actually there is a right answer here and air quotes are not needed. Your options are either to use encryption properly to keep data secure or to not use it at all and live with the consequences. There literally is no middle ground. Weak encryption or backdoored encryption = no encryption.
Apple believes it is protecting freedom. It's wrong. Here's why:
That article is a complete load of nonsense. The author is either an idiot or has an agenda. His arguments are flawed to their core. The argument is basically that bad guys are lazy and won't be bothered to take advantage of government mandated back doors. That argument is so stupid I barely know were to begin.
Google's customer are the companies who pay money to Google for ads. You do not pay any money to Google so how can you be their customer? You and your profile is Google's product which Google sells to advertizers. They take care to anonymize the data not because you will stop paying money to them (how can you ? you dont pay anything today) but because if profiles end up in their advertizers hands the advertizers can market directly and dont need to go through Google.
Ditto Facebook.
Apple actually gets money from you and me so it cares what we think .
**Life is too short to be serious**
We should have a 2nd Amendment for Nukes where all countries have nukes. May just make USA more polite and stop poking into others' backyards.
**Life is too short to be serious**
They're bitter that Apple rolled over for the Chinese government, but is deliberately advertising their phones as a tool for criminals.
You say that, but Apple has caved to the Chinese government.
So what the FBI is saying is that it's fine for everyone to protect their data with a digital lock. But they really want to be given a master key that they totes mcgotes pinky promise they won't abuse or accidentally lose and most definitely not make copies of for their friends with benefits. It's different this time, they'll even stick a needle in their eye if they lie.
Read his comments with a huge grain of salt. Either he is so ignorant of crypto that he thinks that raising the number of iterations is genius rather than normal practice, or he is intentionally making outlandish statements that are calculated to sway public opinion. It seems obvious that it's the latter, and it will probably work.
Speaking of public opinion, if I were in Tim Cooks position, I would hold a YouTube live stream and call this FBI agent out personally.
Let the FBI stand up there and rant and rave about how unbreakable Apple security is. Let the FBI bitch and moan about hacking attempts on Apple hardware being very difficult.
Then Tim will stand up and ask one simple question; "Why is it hard for hackers to break into your encryption?"
The FBI will provide an obvious answer, to which Tim will reply in front of the world watching, "Thank you for confirming why the fuck Apple takes security seriously." *drops mic*
Oh, yeah!
Put it up on the Apple Events channel TODAY!!!!
It's this.
The FBI already did crack an iPhone. They bought the crack from some Israeli firm if I remember right.
Also, Apple is a US company... a very rich one. It would be a shame if the Feds discovered some large amount of back taxes were due... Or they might not even have to resort to the rubber hose method: the Feds could trivially insert some NSA guys into the engineering teams at Apple and get all the back doors they could ever want for free.
Oh, a nice little bonus: with all this loud and colorful protestation of how secure Apple is their revenue is also bound to increase... and thus also the taxes gleaned from Apple. It's like Apple is paying to be abused by the Feds-- when was the last time a whore paid you for sex?
But but but updating a HOSTS file with a script means he's made an ENGINE!
For HOSTS files! Because reinventing DNS in a completely halfassed way is more secure! It's obvious because he says so, ad nauseam!
Criminals, terrorists, and spies need to break into the phones of criminals, terrorists, and spies to gather evidence in criminal investigations? Wow, that is mind-blowing!
This appears to be the actual vote so you can see how people voted.
Gripe: I wish news articles would include this link or something similar that makes finding this information easier.
HOSTS FILE is educated stupid! YOU are EDUCATED EVIL. Always 4-Corner QUAD-simultaneous HOSTS CUBE! No 1-Day God!
"They were pure niggers." – Noam Chomsky
I think that prior to some relatively recent consumer-level products, most of the information security technology available to non-government consumers was of the easily breakable variety. For example, I bought a Motorola cordless phone that purported to be "secure" so that my neighbors couldn't listen to my phone calls - then I listened to it on my scanner, and found that it mere inverted the audio signal, which could either be easily inverted back, or (with some practice) you could actually learn to listen and decode yourself. Until the advent of Windows XP and MacOS X, most consumer computers had either no real username/password protection, or easily breakable username/password protection. Even after consumer computers had username/password protection, physical access to the console trumped all protections. Alternatively, one could just remove the hard drive and analyze it in a different computer.
The government had access to some technology that produced better results... STU III telephones prevented eavesdropping or line-tapping from yielding much intelligence. Locking computers up in secure facilities with no external access and TEMPEST emissions protections kept information from disclosure. But these things are all very expensive and something that only governments can afford.
In the 2000s and 2010s this changed... full hardwire encryption is available on consumer devices. Mobile phones have secure enclaves and tamper-proof hardware that forms the foundation for some decent lockdown capabilities (that can be diminished for usability purposes). For those who desire it, an end-to end encrypted voice communication system can be had for not too much money.
In the past, I think law enforcement took about as much notice of consumer-level security as a good burglar does of the average lock on a front door (even if its a deadbolt) - i.e., none. It could all be easily defeated/circumvented. Now consumer-level security is starting to provide a real challenge to law enforcement, and they are taking notice. Having failed an early attempt to seize the high ground (the Clipper Chip https://en.wikipedia.org/wiki/Clipper_chip), and now that usability has moved passed the PGP stage, the law enforcement community is seeing a future reality that they don't like much.
'Evil Geniuses'
Crimmany! Coming from the FBI that is a huge complement! They know what they're talking about!
Learn not to speak Esperanto
tl;dr: Esperanto is badly designed, with a lot of irregularity and Eastern European-isms built into it, especially the choice of phonemes.
#naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
CHINESE CODE. Let them in and in and in and in... until you find
China got the backdoors eh, and why would anybody buy a walled garden device anyway?
Xray the device to get specs? gtfo. Gay CEO? bye.
Also, forget what you heard it was Tim Cook that leaked Jennifer Lawrence's nudes.
Don't forget to read about living conditions of the chinese workers who actually assemble the phones.
Do not forget because I was the one who posted it... that Apple shut down unexpectedly for 7 hours when I published the IP addresses of ever server Snow Leopard made connections to when you boot it in a virtual machine. I used wireshark (ethereal) for the IP addresses then I would firewall them on host and reboot. Then record next round of servers. Until when they were all blocked... you couldn't even log in. Your p.o.s. OS was basically a thin client. Weak shit.
Fuck apple. Use FreeBSD with KDE it's awesome as fuck.
So is Tumbleweed TBH.
rekt. fuck the lies.
That of a random member of a huge organization always speak for and represent the organization as a whole?
Oh dear! I have to ask you. How much time you got? The list of reasons for respecting law enforcement is much shorter. I mean, here, take a look:
Are they still orange?
“He’s not deformed, he’s just drunk!”
To be fair if they think increasing the time it takes to validate the password to make brute force more costly qualifies as "evil genius" territory their own security is probably riddled with the likes of "nobody will ever guess my password is 'password'" level thinking and isn't terribly hard to crack.
https://9to5mac.com/2018/01/11/health-app-data-iphone-6s-crack/
Do you think the great wall of china would allow a phone that it cant crack into their market? This feels more like herding and theater...
Actually, for most phones the encryption keys *are* kept in the phone and obfuscated; they're kept in tamper-resistant hardware storage (which must be rather effective, otherwise the spies wouldn't be complaining).
IIRC, the keys are encrypted with the users PIN or password, and the (good) hardware is designed in a way which doesn't let you either dump the keys for offline bruteforcing or guess the PIN on the device itself. So you still need the PIN to actually access the keys.
You're right in that PIN based security is really a form of obfuscation though, which is why earlier iPhone models could be cracked relatively easily - they had flaws which allowed you to brute-force the PIN. On the other hand my android phone is encrypted with a 16+ character password, and the PIN only unlocks the screen, so if the device is turned off when you get your hands on it you're not brute-forcing it. If it's turned on you might conceivably be able to bypass the lock screen, but I think even that is pretty difficult on newer versions of android.
To quote the article
"At what point is it just trying to one up things and at /what point is it to thwart law enforcement?/"
This is super ironic given that Congress just passed an extension of the law that allows the NSA to collect everyone's email and online communications WITHOUT A WARRANT.
I would ask Mr. FBI, "At what point are you guys going to admit that you don't give two shits about the 4th amendment, and you operate like you're above the law?"
Once the Feds come clean on being assholes and building a surveillance state that has 0.2% to do with fighting terrorism and 98.8% to do with averting civil unrest and regime change here at home, then they can start complaining about how evil tech companies are for allowing people to protect their communications from unwarranted search and seizure.
straight into a black suv, the closest airport and then Gitmo
The FBI say they want security for me and my family. Encryption on my computing devices provides security for me and my family.
Therefore the FBI wants to make me more safe by making me less safe? Is this like that whole, "we had to destroy the village to save the village" thing?
Do the FBI understand that the village paradox did not end well? Or do they not care because they don't live in that village? Perhaps they think that chanting "9/11! Never Again! Terr'ists Bad!" is a magic incantation that makes wise leadership unnecessary? Do they yearn for the simplicity that McCarthy and J. Edgar Hoover brought?
Tamper resistant hardware storage? Don't kid yourself. There are always ways to get at data stored. It's just a matter of time, effort, and expense. Bump the chip with undervoltage/overvoltage, overclocking/underclocking at just the right time and get whatever software protecting the data to become bypassed or confused into giving you access. If that fails, decapitate the chip package and look directly at the silicon under an electron microscope.
apple usestheir tech to provide pedo brothels in Brazil. just open edonkey and look for pthc lucy and watch steve jobs raping a child
... so we can have reasonable conversations about cryptography and secrecy?
There, I said it. I'm probably on a list now. However, doing so would not likely to be by brute force. They like to play dumb but I'm guessing the people at the top that set the FBIs cryptography standards are a bit smarter than the FBI folk make themselves sound when they ham it up about Apple in the media.
"Breathe. Sunflower. Rainbow. Three to the right, four to the left. 450."
Has it? Read again with eyes and mind open
Oh don't fall for the theater.
Not only can theater be used to push legislation, it can also be used as counterintelligence (simultaneously even).
It's quite possible the FBI is having such difficulty but it can also be a show to make people feel hidden. I would be surprised if the NSA has such difficulties.
... the FBI being professional and maintaining their dignity.
This is pure theatre. Your iPhone (or Android) is p0wned before it leaves the factory. It's DUH LAW.
You type like Chineses.
In 2013, the Edward Snowden leaks proved that security of Apple products was laughable by NSA and CIA, they had ability to break into these devices on demand. They had to do something to make the products safer.
44 bits, and acceptable as a remote access password by FAR.
For a passphrase that maps to crypto, you need something much longer- and no, you are correct, you would not want to type it everytime you want to check texts.
How about this phrase:
Milarodinotisizemenrajtvojtahubostnqmakraj
The most important password in my life so far is longer than this and I can type it without thinking in few seconds.
I wonder if anyone here might guess what is the principle behind it? Would dictionary attack work?
Nobody sane stores a plaintext key on a device's permanent memory!
The storage contains an *encrypted* key!
By entering your passcode of whatever, you decrypt the key into (hopefully volatile enough) RAM of the secure storage. Which is only secure in the way of being separated from the main system and physical tampering. (That is what those PSP/IMEs were good for.)
But turn the system off, or lock the storage another way... (like emergency locking) ... and no plaintext key is to be found anywhere!
(In my case, if I pull the key, a udev script automatically locks the data storage and overwrites "ALL the memories", including caches and buffers. And the key is on a chain attached to me, so I can't leave and not pull it. Granted, with untrusted closed consumer hardware, that is only an exercise in "because I can", and not actually much more secure.)
What government? The US has none.
It has a corporate oligarchy of dictators.
A government, as you use it, would imply there was somehow an independent entity with soverign power.
And don't now say you didn't imply that, because you did, until it became useful to you winning the argument, to say that you didn't.
Or is he implying the demons had access to they key in the first place too? Because then that is a useless statement, as the implication is useless.
Given an unavailable key, XORin with a properly random OTP is mathematically uncrackable. Period. ...
So unless you find a way to exploit GÃdel's incompleteness theorem, and "prove" mathematics, in itself, invalid
At some point the Deep State needs to realize that they work for the people, not the other way around.
Heck my safe has been doing the brute force slow down for the last 5 years, Does that mean that I am evil and ugly?
The guys who wrote these words:
"The right of the people to be secure in their persons, houses, papers, and effects..."
Why not just fix society's shortcomings?
There'd be far fewer reasons to invade personal space if there were far fewer reasons to thwart society.
If (we) were all happy with our government and society, we could focus on progress.
Self-importance and self-indulgence is the root of ALL evil.
Cracking 28 characters consisting of 4 words out of a 2000 most frequently used words dictionary: 2000^4 = 1.6e13 .
Except that two out of his 4 words aren't in your 2,000 word dictionary. So now what? Gonna try the whole dictionary?
I like to add some foreign words to my passwords, just for fun. How many dictionaries would you like to try?
Sounds like the FBI is pretending to complain about their partners in national security making it easy for them behind the scenes.
Good lord, saying APK three times is similar to saying Beetle Juice...
This is all fine except for FBI calling Apple evil geniuses for increasing iterations by 1000 times. That's not even high school math.