Slashdot Mirror


User: tom229

tom229's activity in the archive.

Stories: 0
Comments: 773

Comments · 773

  1. Re:One single question on Intel Wants To Eliminate The Headphone Jack And Replace It With USB-C (9to5mac.com) · · Score: 1

    Few? Literally every day I plug my phone in at my desk and plug the headphones in. If a call comes I can take it hands free while my phone charges. This happens nearly every day. I must be doing it wrong though.

  2. Expected more from Intel on Intel Wants To Eliminate The Headphone Jack And Replace It With USB-C (9to5mac.com) · · Score: 1

    Ok so usb-c is better, we hear you. But, guess what... nobody cares. You'll have to give us both for a while and let the community make their own decision just like in nearly every other standards conversion to digital. Apple jamming its ideas down people's throats doesn't surprise me, that's kinda what they do. But I expected more from Intel.

  3. Smart people don't lose objectivity. The government is not a homogeneous entity that requires a single opinion. See my other post in this thread.

  4. Re:Convenient on Apple Has First Earnings Decline In More Than A Decade (go.com) · · Score: 1

    I'll assume it's the user data encryption you have a problem with. Here's Apple's own law enforcement guidelines. Pay specific attention to section I where they talk about how they can easily provide user data (sms, photos, videos, et al.) to law enforcement on request and other unencrypted data for any phone running ios 7 or older. Nobody knows exactly what Apple is doing but it's clear from their own documentation that they were easily able to access user data from locked phones up until 2015. This means it was either unencrypted, or encrypted in a way that is compromised, which is effectively unencrypted.

    So I'd encourage you to challenge your pre-formed opinions more and read on, you'll certainly learn more. Or remain gleefully ignorant if you wish. I find Apple customers are typically extraordinarily obtuse due to the price of their products causing a very high level of post purchase rationalisation.

  5. Re: Who cares? on FBI Director Suggests iPhone Hacking Method May Remain Secret (reuters.com) · · Score: 1

    Actually it's probably as simple as, not reading the nand, but overwriting it, at least in the 5c implementation. The 5c does not have secure enclave which means the hardware encryption is done on the main soc, and the brute force security checks are likely part of iOS, instead of the secure enclave firmware. This means you could likely image the nand and solder in and out fresh copies to reset the failed attempts counter. This is a theory (not mine, but many others) and the logic is sound.

    If you would like to learn anything else by acting knowledgeable and getting schooled I'll be here for a couple more hours.

  6. Re:Doesn't matter on House Passes Email Privacy Act, Requiring Warrants For Obtaining Emails (techcrunch.com) · · Score: 3, Insightful

    I'll assume that's not a serious question. Be careful. When you lose objectivity, you become religious. I certainly wouldn't deny the government has done some shitty things and has ultimately become too inefficient and corrupt for its own good. But, at the end of the day, this is a large group of people, agencies, and bureaucracies all charged with working for the people. It's ridiculous to assume every one of them is out to get us, all the time.

    So while we need change, what we certainly don't need is religious idealism. In short, I understand that you're angry, but you're not really helping, and no rational person is taking you seriously.

  7. Re:Doesn't matter on House Passes Email Privacy Act, Requiring Warrants For Obtaining Emails (techcrunch.com) · · Score: 2, Insightful

    It's really humorous how anarchist the population on this website is becoming. An opportunity to blast the government never seems to be missed, even in an article where they're doing a good thing.

  8. Re: Who cares? on FBI Director Suggests iPhone Hacking Method May Remain Secret (reuters.com) · · Score: 1

    I've already wrecked you in another thread so there's little point going over it all again here. You simply don't understand what you're reading, Rosyna. The hardware UID isn't as magical as you think it is. All it does is force you to run brute force attacks on the actual hardware, instead of outside it. The weak pin code becomes a major problem due to a 4 digit pin having a mere 10,000 combinations. This is precisely why the firmware on the chip tries to limit the attempts, and frequency of attempts, and precisely why the FBI wants custom firmware, or security exploits, to remove these limitations.

  9. Re: This has reached the point of ridiculousness on FBI Director Suggests iPhone Hacking Method May Remain Secret (reuters.com) · · Score: 1

    I didn't explicitly mention the unique UID because it's not particularly relevant. You don't need to know the UID. In fact, the firmware running on the device never knows the UID. If it did, you could just write custom firmware to extract it.

    All the UID does is force you to run your brute force on that particular hardware (because you can never know it). Therefore if you use custom firmware to remove the artificial software security checks, you are only limited by the hardware encryption circuitry. I said this is somewhere around 80ms which means a 4 digit pin (10,000 combinations) takes 800 seconds or about 13 minutes to brute force on the actual iPhone hardware.

    Now let's consider an alpha numeric password. We won't even worry about uppercase, let's just assume lowercase/numeric. 36^8 = 2.8211099x10^12 or 2,821,109,900,000 combinations. At 80ms per iteration you're looking at 3,761,479,876 seconds or roughly 7000 years (I could be wrong, I did these calculations quickly.. the point is.. it's a long fucking time).

    The only thing you need to know is approximately what the decrypted data should look like, which I'd imagine looks just like an Apple filesystem. I did read the papers. The only difference here is I actually understood them.

  10. Re:Convenient on Apple Has First Earnings Decline In More Than A Decade (go.com) · · Score: 1

    Well, in this sense "Android phone" is a misnomer. Unlike with iPhones there is no centralized, controlled way for Android phones to exist. But I'll address a few things you might be referring to.

    AOSP (the Android base) uses the Linux kernel, which has a mature implementation of the standardized dm-crypt subsystem for encryption. AOSP implemented use of dm-crypt in 2010 with version 2.3. Apple wasn't encrypting user data until 2015 with iOS8. In fact, Apple had a well documented policy of co-operating with law enforcement requests (see: section I) until they developed new security measures in iOS8 in an attempt to absolve themselves of responsibility. A responsibility they willingly take on with the provisions in their EULA that explicitly state: they own iOS and you do not.

    What you might be referring to is hardware encryption vs. software encryption. Since the AES cipher is a mathematical formula there is no inherent benefit of using it via a hardware circuit, or through software. The only benefit of hardware encryption is that it's immune to parallel brute force attacks, and it can artificially slow down the brute force attempt interval through its circuitry. This is only a measurable benefit for systems secured with complex passwords, of which phones typically are not. Because of this, Apple relies on firmware measures on its chips to artificially increase brute force intervals with a failed attempt counter, and to activate a kill switch on too many attempts. Because this is a software measure it is subvert-able in the same ways all software measures (dm-crypt) are - simply by modifying the software. In an attempt to solve this, Apple has used a SecureBoot bootloader that will only accept software modifications signed with the Apple private key. This means that Apple has an exclusive back door into their own system, a problem you have correctly identified in your signature. A back door that Apple has, can be accessed by law enforcement through subpoenas, could be unknowingly leaked, or could be shared with other private enterprise. In security circles we call this "security through obscurity". It is a false sense of security, at best. Furthermore, Apple's implementation is proprietary. While dm-crypt is a mature industry-wide standard that has the potential for 8 billion code reviews, the Apple encryption implementation is known to only a handful of Apple engineers. This makes it inherently prone to security exploits, and also prone to those exploits remaining secret when discovered. This arguably makes Apple's hardware encryption system altogether less secure. In fact, it is possible that a security exploit was used by the FBI to break into the San Bernardino phone, even if it was using a strong password.

    Finally, what you might be referring to is the idiotic notion that all data *should* be encrypted. Encryption methods have been around for 60 years, and personal computers have been around for over 30. There's a reason most computer systems aren't encrypted by default and that's simply because in 99.9999% of cases it causes more problems than it solves. It is much more common to have hardware damage or failure that requires you to mount and rescue data externally, than to have a use case where your data is important enough to be encrypted. Because of this, encryption is always seen as an optional element for data that a user can activate should they choose to. Android phones making encryption an option is a far more sound practice than turning it on by default.

    So ultimately the iPhone encryption implementation is using closed standards, is less secure, and far less convenient. Please, please Google - please don't follow suit.

  11. More hyperbole on A Complete Guide To The New 'Crypto Wars' (dailydot.com) · · Score: 1

    By people that don't know what they're talking about. The San Bernardino case has nothing to do with "restrict[ing] citizens' access to strong encryption". It's about establishing a precedent that law enforcement can tap into a software company's inherent backdoors. In this case, the Apple backdoor is their master signing key for software updates. It seems obvious from their resistance, and other evidence, that even their "secure enclave" is vulnerable to custom firmware images. If Apple wants to truly absolve all responsibility they simply have to let users install ios firmware built with their own private signing key. Of course, this makes even the newest ios build jail-breakable, which prevents Apple from locking you into whatever "experience" they're currently trying to define. Something seemingly more important to them than the security of your data.

  12. Re: This has reached the point of ridiculousness on FBI Director Suggests iPhone Hacking Method May Remain Secret (reuters.com) · · Score: 1

    As someone already pointed out, I'm well aware of Apple's encryption methods. The fact remains, the weak pincode is their Achilles heel. The leading theory how the encryption was brute forced is a simple nand chip swap since the failed attempt increment is stored on the flash storage. A dedicated engineer with a fancy setup could swap nand chips and brute force at a rate that should discover a 4 digit pin in a few days. 6 digit in maybe a couple months. 8 digit alpha numeric, not in his lifetime.

    Apple's new hardware encryption method is separated from the running processor in a system called "Secure Enclave". Secure Enclave suffers the same problems with weak pins. The biggest threat with secure enclave would be a custom firmware or manipulation of the RAM to remove the failed attempt security checks. This is precisely why Apple is so worried about a precedent that allows law enforcement to demand custom firmware, even in a secure Cupertino lab. It completely reverts their new security methods. Custom firmware could drop the failed attempt interval to whatever the SE hardware limit is, which I believe is somewhere around 80ms. This would mean a 4 digit pin is discoverable in about 30 minutes, 6 digit a day or two, 8 digit alpha numeric probably close to a decade.

    Another theory is the ability to use electron microscopes to read the 256-aes key directly from the chip. Again, the weak password becomes your problem when this key is known.
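
The search-time arithmetic from comments 9 and 12, worked through as an added example that is not part of the original comments: it takes the roughly 80 ms per guess figure quoted there as given and asks how long a passcode has to be to hold out for a chosen number of years. The passcode classes, function names and the 10-year target are assumptions made for illustration.

```python
# Added example: passcode search-space sizing at a fixed per-guess cost.
# The 80 ms figure is the one quoted in the comments; the policy classes,
# function names and target below are constructed for illustration.
import string

MS_PER_GUESS = 80                  # per-attempt cost taken from the comments
MS_PER_YEAR = 31_557_600_000       # 365.25 days, in milliseconds

POLICIES = {                       # constructed passcode classes -> alphabet size
    "digits": len(string.digits),                                  # 10
    "lower+digits": len(string.ascii_lowercase + string.digits),   # 36
    "mixed+digits": len(string.ascii_letters + string.digits),     # 62
}


def keyspace(alphabet_size, length):
    """Number of distinct passcodes of exactly `length` symbols."""
    return alphabet_size ** length


def worst_case_ms(alphabet_size, length, per_guess_ms=MS_PER_GUESS):
    """Time to try every passcode once when each guess has a fixed cost."""
    return keyspace(alphabet_size, length) * per_guess_ms


def expected_ms(alphabet_size, length, per_guess_ms=MS_PER_GUESS):
    """Mean time to reach a uniformly random passcode: (N + 1) / 2 guesses."""
    return (keyspace(alphabet_size, length) + 1) * per_guess_ms // 2


def min_length(alphabet_size, target_years, per_guess_ms=MS_PER_GUESS):
    """Shortest passcode whose expected search time meets the target."""
    target_ms = target_years * MS_PER_YEAR
    length = 1
    while expected_ms(alphabet_size, length, per_guess_ms) < target_ms:
        length += 1
    return length


def humanize(ms):
    """Render a millisecond count in the largest unit that fits."""
    seconds = ms / 1000
    for unit, size in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.1f} seconds"


def policy_report(target_years=10):
    """Minimum length per passcode class for the given target."""
    return {name: min_length(size, target_years)
            for name, size in POLICIES.items()}


if __name__ == "__main__":
    for label, size, length in (("4-digit PIN", 10, 4), ("6-digit PIN", 10, 6),
                                ("8-char lower+digits", 36, 8)):
        print(f"{label:22} worst case {humanize(worst_case_ms(size, length))}")
    for name, length in policy_report(10).items():
        print(f"{name:22} needs >= {length} symbols for a 10-year expected search")
```

Passing a larger `per_guess_ms` models an intact attempt delay: the required length falls as the per-guess cost rises, which is why the retry limits discussed in the comments matter most for short PINs.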

  13. Re:Tinfoil hat looking more fashionable on FBI Director Suggests iPhone Hacking Method May Remain Secret (reuters.com) · · Score: 1

    What precedent? Company assistance in a search warrant? Besides the fact that Apple has done exactly this before, have you even read the court order? Here's the full text, and here's my favorite part:

    The SIF will be loaded on the SUBJECT DEVICE at either a government facility, or alternatively, at an Apple facility; if the latter, Apple shall provide the government with remote access to the SUBJECT

    The actual court order makes several attempts to insist the process only affects this one device, even explicitly suggesting Apple build a sanitized lab and give the FBI remote access, with monetary compensation.

    So undoubtedly it's you that has bought the narrative. It's you, and many others that have believed the hyperbole and misinformation without verifying the facts. Apple is playing a political game here. A game intended to sell more phones, as is their duty to their shareholders, and their only duty. The last entity I would ever assume is on my side is private enterprise.

  14. Re:Maybe Apple needs to expand into new markets? on Apple Has First Earnings Decline In More Than A Decade (go.com) · · Score: 1

    Virtually all of the things you mentioned require Apple to back off, a lot, on their traditional model of tight control and exclusivity. This will be something their culture will have an extraordinary struggle with. A car that only works with iPhones? The manufacturer would have to be suicidal and definitely American. No other country with an auto manufacturer even has close to the market share to justify that. NAS hardware, general security controls, iot infrastructure - none of these areas offer an opportunity for the tightly controlled "experience" they're accustomed to selling. Virtualization would be a massive undertaking and probably a wasted effort. Many companies have decades of experience over them and open source is rapidly becoming the most robust of all.

    They could certainly use integrated group policy controls in osx though with admx extensions into AD or, even better, samba. That's a good idea. Some groupware mail options would be great as well. The first company to better automate phone deployment and security controls like the days of BlackBerry should do very well as well. It's really a complete mystery that no developer seems interested in the enterprise these days. They all seem willing to just repackage consumer grade ideas - even the guys selling the stuff that no one is buying.

  15. It's more than this on Apple Has First Earnings Decline In More Than A Decade (go.com) · · Score: 1

    Apple's entire selling point is that it's fashionable. Poor people can't afford them, and there's a vestigial status attached to them once appropriately awarded for being a better device. The problem is, the iPhone is neither better, nor cool anymore. They did extraordinarily well being "the" phone for almost a decade. Nightclubs are lucky to get 5 years. They even recycled old Samsung ideas like the large screen, much to the desperately-ignored hypocrisy of their rabid fans that spent years decrying "I don't need a big phone, I can use mine with one hand!". It was truly masterful, but all fashion trends come to an end. Apple does not know how to compete without the "cool" advantage, and they no longer have a visionary, with the will to match, at the helm. So expect this to be the beginning of a trend downwards.

  16. We monitor Pastebin and other sites regularly.

    Really?

    Oh ya, we have a whole fleet of guys just sitting there hitting F5 all day and night.

    This lady must think we're pretty stupid.

  17. Re:Who cares? on FBI Director Suggests iPhone Hacking Method May Remain Secret (reuters.com) · · Score: 0

    If you're really concerned about your safety all you need to know is that any data encrypted with a weak password or pincode... isn't very secure. I promise you, this "hack" wasn't extraordinary. It was likely just a leak of Apple's encryption algorithms, which is a problem for them, but not really for you. Unless of course you're an Apple customer that enjoys a false sense of security. But I hardly think it's the government's responsibility to maintain the delusions of citizens.

  18. Re:This has reached the point of ridiculousness on FBI Director Suggests iPhone Hacking Method May Remain Secret (reuters.com) · · Score: 1

    Why? It's not hard. What I can't believe is that anyone thinks Apple can successfully secure a device with a 4 digit pin. You can only obfuscate your encryption methods so much before you sacrifice too much performance, and even then all your work can be undone with a leak or even just a dedicated team of reverse engineers. There are a few things that are astonishing in this case:

    1) The sheer amount of misinformation swirling around the media
    2) The amount of people weighing in with opinions with no verification of the facts
    3) That the FBI paid 1 million dollars for a "hack"

    What's not hard to believe, at all, is that the FBI was able to find a way to decrypt data secured with a 4 digit pin or weak password.

  19. Convenient on Apple Has First Earnings Decline In More Than A Decade (go.com) · · Score: 1

    It's rather convenient they were in a controversy over phone security this year, wasn't it? It certainly gives them a new selling point for declining sales. Be ready for obnoxious ads in September about how the new iPhone 7 is unbreakable (which it won't be). As soon as I read the actual court order involved in that San Bernardino case, juxtaposed with the hyperbole in the media, I knew this was just another marketing campaign from a company that knows no shame. Now we have the confirmed motive.

  20. Re:Pointless law on U.S. Government Shames Texting Drivers on Twitter (theverge.com) · · Score: 1

    An emotional response that doesn't address what I was actually saying but rather uses hyperbole to reinforce an already established world view? Oh, your name is dave420, makes sense. I remember the days when adults used to visit this site, what happened?

  21. Re:Pointless law on U.S. Government Shames Texting Drivers on Twitter (theverge.com) · · Score: 1

    If you have some better solution please present it, the world will thank you.

    The world doesn't need to look to me for better solutions, it just needs to be less lazy. Freakonomics' entire thesis is based on the idea of incentives working better than prohibition. You want to make driving safer? Incentivize. My 2016 Ford Escape reads my text messages to me, at least 8 years too late. Tax breaks for this type of safety could have been brought in sooner. Spend your money and time educating people, or punishing people that actually offend instead of shotgun blasting the entire population with a ridiculous nanny-state law. Do you want to know what this law does? It subconsciously makes people distrust authority, and you're not helping. You want to demonize people that look at their phones while driving because you have a reason to have an emotional reaction to this problem. This is akin to a teenage girl being told she can't have boys over because "I said so". Your reasons are terrible and your methods are despotic, which people will naturally resist. The simple fact is that 99.9999% of the time you check your phone you're not going to cause an accident. The problem is negligent drivers - the phone is simply their tool to be negligent. Address an increase in negligent driving due to cellphones with a series of incentives, PSA campaigns, and punishment for the severe cases. Don't shotgun blast the symptoms of a problem with lazy regulations. And then, with astonishing hypocrisy, continue to defend those regulations when they're proven not only ineffective, but more dangerous to the actual problem.

  22. The real hero is actually international consumers. The large US tech companies seem to have been willingly complicit in these surveillance operations. They only started backpedaling and offering encryption on all their services after the international community started looking outside the USA for infrastructure hosting. The American people, while I have nothing bad to say about them, would likely have just taken these revelations on the chin and done nothing (see the Patriot Act). So thank Snowden for the information, and the world for putting on the pressure. Thank free journalism and free market capitalism, these are the most important tools the world has.

  23. Re:Pointless law on U.S. Government Shames Texting Drivers on Twitter (theverge.com) · · Score: 1

    I have never said I do it all the time, just that, like you, I have. I think most people have, and most people are probably able to deal with the distraction of texting responsibly. Distractions are not new, the form has just changed. When I was a teenager we didn't have phones, but I'd need more than two hands to count the number of friends who got in accidents over paying too much attention to the radio or checking their makeup. Remember when we had to use paper maps? That was always fun while driving. Is it worse now with phones? Maybe. The problem isn't the phones, it's the irresponsible drivers. And regardless of the problem, the fact remains that these laws simply make it worse not better; which was my entire point. Now that you've managed to have your little emotional outburst to my admission I have texted and driven before, perhaps you can argue on that point, or do you have nothing to offer other than anecdotes and hyperbole?

  24. Re:Pointless law on U.S. Government Shames Texting Drivers on Twitter (theverge.com) · · Score: -1, Troll

    you can't wait a couple minutes until the next stoplight or pull over for a moment

    I could, but I don't. I suspect in reality you've been guilty of this before as well (since nearly everyone has), I just have the courage to admit it. It's ok, anonymous coward, we understand. Everyone is still doing this. Everyone. Look at your own stats. Your stupid law has done nothing for this problem other than make it worse. Crotch watching is far more dangerous than using your phone freely. So the next time you get the urge to meet reality with an idiotic emotional response and pointless law, try critical thought... It might just work out better. And please, pass it along.

  25. Re:As a motorcyclist.... on U.S. Government Shames Texting Drivers on Twitter (theverge.com) · · Score: 0

    I wish they would pull over every motorcyclist that willingly rides in the blind spots of much larger vehicles for extended periods of time. Seriously, why do you guys do that?