The FBI already put up a request for additional 11 iphones... Anyway Bill Gates discussion is just FUD because his point is misleading, so 1. he does not understand the case or 2. he has a vested interest in killing privacy
Does Bill Gates understand the case (and encryption technology) or not? This is not about Apple having the data and refusing to give it to FBI. Apple has no data and no key. It's about Apple refusing to create a software facilitating guessing weak passwords that can the be used on old iPhones.
It really depends which was the question by NBC, because most of media outlet reported a lot of wrong. This is not about Apple refusing to open something it could. Apple can't open it. It's about Apple refusing to create a software facilitating guessing weak passwords that can be used on most old iPhones.
I guess the 52% for FBI was just answering a question like "Apple can open the phone and it's refusing to do it protecting the terrorist, are you with FBI or Apple?"
And CSO (where the article is hosted) is interested in spreading FUD about iOS "risks", they live on "analyzing" security threats and they have to identify risks even where there's no risk
The linked article is just FUD. It basically says that using JSPatch the App can circumvent the app sandbox, and without any technical exlication. Just Fud
Managers typically do not understand how software works and are not able to check what have been put into it. We may build a secret Software Engineer Bilderberg Group and rule the world!
What about compromised CPUs? If you are the NSA I think it's easier to build a backdoor into the CPU than try to keep up with ever changing software builds. Isn't it? CPUs are totally controlled by three or four U.S. companies, are closed source nobody has ever seen into it...
And given the way things works in this world some bad guys in the government will begin to sell keys in the black market to some rogue state or organization with deep pockets... You may force a backdoor but you will never be sure being the only one using it:-)
But let's be serious, how can smart people think that any serious terrorist would use gmail or facebook to discuss an attack? If Cameron/Obama "security plan" is to control cloud services then one of the two, they are very naive or they have an hidden agenda that has nothing to do with controlling terrorism...
The problem is that you can't give the capability to decrypt by law... it's open source software, so no backdoors, and if you don't have the key you can't decipher. Unless they ban linux, force everybody to use a backdoored OS and they make open source illegal. Much simpler just backdoor the HW, the processor. There's no opensource processor out there
And I was not talking about server SSL certs, but CA certs, certainly a dev that took the approach to verify a single specific certificate are not understanding very well PKI as well as you don't understand SSL architecture
In other words, just to let you understand, you don't need to have a top CA installed on your phone to be interceped through MITM, and apparently this also happens with your whole government department...
Thanks for the nice words... This (having a rogue top CA ruining the entire SSL system) is a known vulnerability in the SSL architecture and it has already been used to infiltrate MS Windows updates. For this reason if you want real security you dont' use the current SSL CA structure. People don't talk too much about it for various reasons, banks don't want to create panic, government wants easy wiretap, etc.
If you are happy with current top CA lists that comes with the standard browsers you really are giving your security keys to people you don't know and that are not "certified" at all. Good luck!
That's a demonstration of how big data analysis may be worthless and misleading. Nowadays we don't talk about neural networks anymore but they mainly produced these kind of idiot results
So you can basically "mathematically" obfuscate a function that is a"pure" function not implementable in a imperative programming and that it has no IO = you can obfuscate something that has no use and probably nobody knows well what it is doing:-)
Software must be audited to be sure there's no backdoor... Only open source is secure (including open source silicon)
If I were NSA I had built a backdoor in hardware, much more effective and software independent
I guess it can be described differently. As computers are deterministic, true AI is when a computer behaves in a not deterministic manner. Actually no computer has intelligence because given the same input, they give the same results.
Slashdot Mirror
The FBI already put up a request for additional 11 iphones... Anyway Bill Gates discussion is just FUD because his point is misleading, so 1. he does not understand the case or 2. he has a vested interest in killing privacy
Does Bill Gates understand the case (and encryption technology) or not? This is not about Apple having the data and refusing to give it to FBI. Apple has no data and no key. It's about Apple refusing to create a software facilitating guessing weak passwords that can the be used on old iPhones.
It really depends which was the question by NBC, because most of media outlet reported a lot of wrong. This is not about Apple refusing to open something it could. Apple can't open it. It's about Apple refusing to create a software facilitating guessing weak passwords that can be used on most old iPhones. I guess the 52% for FBI was just answering a question like "Apple can open the phone and it's refusing to do it protecting the terrorist, are you with FBI or Apple?"
And CSO (where the article is hosted) is interested in spreading FUD about iOS "risks", they live on "analyzing" security threats and they have to identify risks even where there's no risk
The linked article is just FUD. It basically says that using JSPatch the App can circumvent the app sandbox, and without any technical exlication. Just Fud
If you don't trust your cloud provider then, no matter how many expert they have your data is not secure
Managers typically do not understand how software works and are not able to check what have been put into it. We may build a secret Software Engineer Bilderberg Group and rule the world!
What about compromised CPUs? If you are the NSA I think it's easier to build a backdoor into the CPU than try to keep up with ever changing software builds. Isn't it? CPUs are totally controlled by three or four U.S. companies, are closed source nobody has ever seen into it...
Yes there's no debt... and give me back my cash! It's my right! Revolution! ROFL
For the sake of democracy it would be quite interesting doing a referendum in Germany asking "Do you want to bail-out Greece at their terms"?
And given the way things works in this world some bad guys in the government will begin to sell keys in the black market to some rogue state or organization with deep pockets... You may force a backdoor but you will never be sure being the only one using it :-)
But let's be serious, how can smart people think that any serious terrorist would use gmail or facebook to discuss an attack? If Cameron/Obama "security plan" is to control cloud services then one of the two, they are very naive or they have an hidden agenda that has nothing to do with controlling terrorism...
The problem is that you can't give the capability to decrypt by law... it's open source software, so no backdoors, and if you don't have the key you can't decipher. Unless they ban linux, force everybody to use a backdoored OS and they make open source illegal. Much simpler just backdoor the HW, the processor. There's no opensource processor out there
Has someone explained to Cameron what encryption is and why can't be blocked? I mean it can be blocked, it's just block everything...
Be smart, just use a CA cert you trust, not the ones some else do, like the list provided by the browser or the OS
And I was not talking about server SSL certs, but CA certs, certainly a dev that took the approach to verify a single specific certificate are not understanding very well PKI as well as you don't understand SSL architecture
In other words, just to let you understand, you don't need to have a top CA installed on your phone to be interceped through MITM, and apparently this also happens with your whole government department...
Thanks for the nice words... This (having a rogue top CA ruining the entire SSL system) is a known vulnerability in the SSL architecture and it has already been used to infiltrate MS Windows updates. For this reason if you want real security you dont' use the current SSL CA structure. People don't talk too much about it for various reasons, banks don't want to create panic, government wants easy wiretap, etc. If you are happy with current top CA lists that comes with the standard browsers you really are giving your security keys to people you don't know and that are not "certified" at all. Good luck!
But a smart SSL application would check the cloud server against a specific SSL certificate authority (MS CA?) to protect against MITM
That's a demonstration of how big data analysis may be worthless and misleading. Nowadays we don't talk about neural networks anymore but they mainly produced these kind of idiot results
So you can basically "mathematically" obfuscate a function that is a"pure" function not implementable in a imperative programming and that it has no IO = you can obfuscate something that has no use and probably nobody knows well what it is doing :-)
It will take a long time to see that second!
When you'll be 40+ you'll understand why it was better not doing that and using contacts :-)
Software must be audited to be sure there's no backdoor... Only open source is secure (including open source silicon) If I were NSA I had built a backdoor in hardware, much more effective and software independent
I guess it can be described differently. As computers are deterministic, true AI is when a computer behaves in a not deterministic manner. Actually no computer has intelligence because given the same input, they give the same results.