The one-time-pad is too costly and too unwieldy. It maybe used for a very small set of ultra-top-whatever messages, but that is it. It is also not proof to attack, as you must under all circumstances keep the pad secret. It is also not necessary. There is absolutely no indicator anybody can break even AES-128 if used right.
I should also note that "Bruce Perens" is apparently utterly clueless about crypto. The absolutely last thing you want to do with an one-time-pad is to put it into a machine that is connected to the network, like in an app.
Nonsense. Modern crypto is only breakable cheaply if the implementation is seriously broken. The terrorists were known and under surveillance, but 24/7 surveillance was apparently too costly. So breaking any reasonably implemented modern crypto would have been the same.
It was. The flight-school was alarmed. The FBI ignored them. Just as the French police ignored the Bavarian police telling them they just had arrested a person with a shipment of automatic weapons in his car and a destination on a Paris parking-lot on his navigation system a week or so before the attacks, apparently with ample time to make the meeting and arrest the people the weapons were going to.
I know to never suspect intent when stupidity is enough to explain a screw-up, but can police-persons really be this utterly demented? The bad thing is that we are in really deep trouble in either case.
That is why they had to let the terrorists try two times to get the weapons into France. The first shipment was intercepted in Bavaria and the attack nearly failed. Fortunately some quick thinkers at the French police stonewalled the Bavarian police who even knew that the shipment of automatic weapons was going to a parking-lot in Paris (from the car's navigation system). The next shipment made it trough and the Bavarian police found out what the first shipment was intended for from the news. They have since complained a few times publicly about being stonewalled by the French, but nobody pays attention to them.
I usually do not go for conspiracy theories, but the second Paris attack had a lot of indicators of having been supported by the French government. And the way they now keep their state of emergency up, it is pretty clear why they would have wanted it. The only other option I see is incompetence so extreme that they would not be able to stop a terrorist attack if the terrorists informed the police a week in advance, because that is about what happened.
No. There is a crypto key stored in a secure microcontroller. Unless they get the key out of that chip, they have nothing. At this time, it depends very much on implementation details whether Apple can even write that mystical software to allow unlimited tries.
And anybody that knows their stuff just uses a secure passphrase with > 100 bits of entropy and Argon2 and nobody besides them will ever be able to unlock that. Apple only needs the hardware to make it very convenient to get secure crypto. It is entirely possible to do this securely in software only, just requires a user that is willing to remember more than 6 characters and letters.
Would take longer that the remaining lifetime of the universe or alternately more energy and matter than is available if the universe goes for heat-death.
That is not the problem. The problem is getting the encryption key out of the secure microcontroller storing it. Seriously, your amateur-level approach is among the very first things the experts will check for feasibility... and will find that it does not work here as.
This only hit you with bleeding-edge kernels. Distro-kernels were fine, I think. Still shows that SSD is not a completely mature technology at this time.
Indeed. And they did actually fix the problems, at least for my 750GB Evo. It was a bit of a pain though, so now I am only buying the Pro models. Zero problems with them so far, quite unlike some other manufacturers I could name. I even have several completely dead SSDs.
Indeed. Our production servers run things that _work_, not things that are _new_. (Some of them may also be new, but if needed we will compile from sources and that is that.)
My sysadmin happens to be my CEO as well. So no. Incidentally, "modern" is a straw-man here, i.e. you are being dishonest and manipulative. (Nice try, amateur...)
And in case you really did not know: You can compile all Linux software yourself! Distros are a _convenience_ feature, they are not strictly _necessary_ (except for the incompetent).
I very much agree on all your points. In particular, someone with physical access can already kill it in many ways, so this additional one does not matter much.
The one-time-pad is too costly and too unwieldy. It maybe used for a very small set of ultra-top-whatever messages, but that is it. It is also not proof to attack, as you must under all circumstances keep the pad secret. It is also not necessary. There is absolutely no indicator anybody can break even AES-128 if used right.
I should also note that "Bruce Perens" is apparently utterly clueless about crypto. The absolutely last thing you want to do with an one-time-pad is to put it into a machine that is connected to the network, like in an app.
Nonsense. Modern crypto is only breakable cheaply if the implementation is seriously broken. The terrorists were known and under surveillance, but 24/7 surveillance was apparently too costly. So breaking any reasonably implemented modern crypto would have been the same.
You are talking out of your backside. Seriously.
Most propaganda and marketing experts these days are. Goebbels was an all-time master at this game and his texts are still in regular use in teaching.
For people stupid enough, you are entirely correct. The human race has a lot of those.
It was. The flight-school was alarmed. The FBI ignored them. Just as the French police ignored the Bavarian police telling them they just had arrested a person with a shipment of automatic weapons in his car and a destination on a Paris parking-lot on his navigation system a week or so before the attacks, apparently with ample time to make the meeting and arrest the people the weapons were going to.
I know to never suspect intent when stupidity is enough to explain a screw-up, but can police-persons really be this utterly demented? The bad thing is that we are in really deep trouble in either case.
A .125 batter can't keep blaming the bat forever.
If he is government-funded and sponsored? Sure he can!
That is why they had to let the terrorists try two times to get the weapons into France. The first shipment was intercepted in Bavaria and the attack nearly failed. Fortunately some quick thinkers at the French police stonewalled the Bavarian police who even knew that the shipment of automatic weapons was going to a parking-lot in Paris (from the car's navigation system). The next shipment made it trough and the Bavarian police found out what the first shipment was intended for from the news. They have since complained a few times publicly about being stonewalled by the French, but nobody pays attention to them.
I usually do not go for conspiracy theories, but the second Paris attack had a lot of indicators of having been supported by the French government. And the way they now keep their state of emergency up, it is pretty clear why they would have wanted it. The only other option I see is incompetence so extreme that they would not be able to stop a terrorist attack if the terrorists informed the police a week in advance, because that is about what happened.
Yea, the classical "Brutus force" attack.
Oh, simple: He cannot do it. He will not get a chance to try either and he does know that as well.
No. There is a crypto key stored in a secure microcontroller. Unless they get the key out of that chip, they have nothing. At this time, it depends very much on implementation details whether Apple can even write that mystical software to allow unlimited tries.
And anybody that knows their stuff just uses a secure passphrase with > 100 bits of entropy and Argon2 and nobody besides them will ever be able to unlock that. Apple only needs the hardware to make it very convenient to get secure crypto. It is entirely possible to do this securely in software only, just requires a user that is willing to remember more than 6 characters and letters.
And how would you do that for the secure key storage hardware that does not offer that functionality?
Would take longer that the remaining lifetime of the universe or alternately more energy and matter than is available if the universe goes for heat-death.
That is not the problem. The problem is getting the encryption key out of the secure microcontroller storing it. Seriously, your amateur-level approach is among the very first things the experts will check for feasibility... and will find that it does not work here as.
He will send hookers to the agents responsible on the FBI-side to distract them, then he will vanish with the phone....
They cannot clone that encryption key.
The limiter is on-die interconnect. You may get individual transistors 100x faster, gates 30x faster and CPUs 1.1x faster (if that). Sorry.
I very much agree on the backups. Sure, catastrophic failures are rarer today, but they happen and only backup protects you.
This only hit you with bleeding-edge kernels. Distro-kernels were fine, I think. Still shows that SSD is not a completely mature technology at this time.
Indeed. And they did actually fix the problems, at least for my 750GB Evo. It was a bit of a pain though, so now I am only buying the Pro models. Zero problems with them so far, quite unlike some other manufacturers I could name. I even have several completely dead SSDs.
Indeed. Our production servers run things that _work_, not things that are _new_. (Some of them may also be new, but if needed we will compile from sources and that is that.)
My sysadmin happens to be my CEO as well. So no. Incidentally, "modern" is a straw-man here, i.e. you are being dishonest and manipulative. (Nice try, amateur...)
And in case you really did not know: You can compile all Linux software yourself! Distros are a _convenience_ feature, they are not strictly _necessary_ (except for the incompetent).
Security involves trade-offs. This is one of them. There is really no good way to make something both fool-proof and attacker-proof at the same time.
I very much agree on all your points. In particular, someone with physical access can already kill it in many ways, so this additional one does not matter much.
Good idea.