Jump to content

Technology catch-all thread

iamshack

By iamshack
in SLaM

 Share

Recommended Posts

  • Replies 9.9k
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

RockRaines
RockRaines

Comcast modems dont really care about the wireless router, though I'd suggest replacing the modem as well.  My speed is so much better without their crap in the way.  I believe I linked my setup on th

Panerista
Panerista

On Windows it sounds like iTunes is staying.  On Mac, the app is splitting into three (podcasts, music, TV).  Based on what I'm reading, the store will still exist for music and video and will be acce

Big Hurtin
Big Hurtin

https://www.forbes.com/sites/daveywinder/2021/09/04/this-best-selling-router-includes-an-alarming-security-surprise/?sh=51d40a146ce3 They (TP-link) are also known to steal intellectual property.

Posted Images

Y2HH Grand Master

Y2HH

Posted
Posted (edited)

This, in a nutshell (from a staff attorney of the ACLU) is why this is dangerous for the future...and it has a lot to do with today it's just a phone...tomorrow it's your refrigerator, your media hub, your television, etc...all possible (and probable) surveillance devices.

 

It may be 2016, but welcome to 1984.

 

Edited by Y2HH
Link to comment
Share on other sites
iamshack Grand Master

iamshack

Posted
  • Author
Posted
QUOTE (Y2HH @ Feb 19, 2016 -> 05:02 PM)
Meh, this is a touchy subject to me...it's infuriating how the Government leverages incidents and/or uses fear tactics and misinformation in order to pass laws like the Patriot act, and now this...I'm pretty over the top passionate about it.

 

Bmags is a good guy, so I had to tweak my post down, because he commands a certain amount of respect around here, and deservedly so.

 

Instead of getting angry, I need to try to show people why this isn't the same as in the past...so I'm collecting information and posting it here, instead.

Everyone needs a little humility now and again. It was a good time for you to provide that.

Link to comment
Share on other sites
Y2HH Grand Master

Y2HH

Posted
Posted
QUOTE (iamshack @ Feb 20, 2016 -> 11:32 AM)
Everyone needs a little humility now and again. It was a good time for you to provide that.

 

The problem, in this instance, is the government is playing fast and loose with the terms of what it's requesting. That way, technically speaking, what they want isn't a "backdoor", but it is a method to skirt security protocols which would enable them access to kick the front door in via an unlimited number of attempts. Such a method doesn't exist, as safeguards are built in to prevent exactly that behavior. Worse than that, is in addition to requesting the ability to kick at the front door until it fails, they want to automate the process, so a computer could, via physical access, over wifi or over Bluetooth, automate the pin process (i.e., kick the door until they guess right and it opens), which is a brute force.

 

Any security system that allows unlimited brute force attempts is NOT secure. Apple was just all over the news of overlooking this very measure with iCloud leading the the nude picture hack. By allowing unlimited password attempts against iCloud, hackers were able to brute force their way into celebrity accounts and leak information online. Apple was roasted over the coals for this...and now the government wants them to basically create a method of doing exactly that to their OS.

 

The danger comes in, because if allowed, there are no laws that restrict when they can make such requests. Today it's cool because they're targeting terrorism, but what if they decide to start unlocking phones because they "think you're a drug dealer", or because of something they make illegal in the future that isn't illegal now...or perhaps because they think you're pirating music, and they should be allowed to unlock your device and check. That's the danger...

 

They've been waiting to make such a court ordered request for some time now...this case just happens to be the perfect storm for their argument...it's about terrorists...and they know they can leverage American fears over this specific subject and get the public on their side. And, as you can see...it's working.

Link to comment
Share on other sites
Y2HH Grand Master

Y2HH

Posted
Posted (edited)
QUOTE (Iwritecode @ Feb 22, 2016 -> 09:32 AM)
So I have a question. If some average Joe forgets his pin and tries multiple times to get into his phone and ends up locking himself out of it, how do they deal with that?

 

It depends, by default, the action allows you to try a certain amount of times (I believe 6?) before it locks the phone into a delay mode where you can only try guessing the PIN once per minute. This prevents brute forcing the phone open by continuously trying until you guess right. THEN, the next level of security would kick in after a series of more incorrect attempts, which is disable mode. After the phone is in disable mode, it requires you to plug it into iTunes to unlock OR restores it in DFU mode (restore mode), which basically formats the phone, which would clear the PIN, etc.

 

If the phone has "find my iPhone enabled" this requires an additional step, because if find my iPhone is on, the phone CANNOT be formatted regardless of DFU mode. This prevents thieves from restoring stolen iPhone's, which is why stealing a properly configured iPhone basically means you've stolen a brick. In such a case, the user can login to icloud.com and REMOVE the phone from their iCloud configuration, allowing them to fully wipe the phone via DFU.

 

There is, however, an even MORE secure option, which is disabled by default. This option allows just 10 attempts to unlock the PIN or the phone completely wipes itself.

 

And to answer your question, they don't deal with it. If you forget your pin, you have the option of wiping the phone via DFU, or remembering the PIN.

Edited by Y2HH
Link to comment
Share on other sites
Jenksismyhero Grand Master

Jenksismyhero

Posted
Posted (edited)
QUOTE (Y2HH @ Feb 19, 2016 -> 06:36 PM)
Yes, they're absolutely asking to make it easier, so again, I repeat -- you do not know what you're talking about.

 

You can't create software for "that specific phone", that cannot be altered to work on a host of others. If it's created it can be used and reused/tweaked/altered to work on ANY other iPhone. Would it be easy? Nope. Could it be done? Yes. And that's the problem. There is no "this specific device" when it comes to software, because it can be recoded, VERY easily. With a proper crack/tweak, you can install Windows on ANY PC...but how is this possible?! I KNOW that at some point in your life, you've installed Windows on a computer it wasn't made for...because when altered, it's THAT easy to do.

 

This precedent, which you claim exists (it doesn't), which is exactly why Google, Microsoft, Facebook, Twitter, the ACLU, Amnesty International, and a HOST of others stepped forward to publicly back Apple BECAUSE the precedent the government is trying to establish does not exist. ALLLLLLL those companies, and the legal experts working for those companies disagree with you, because if said precedent existed, you wouldn't be reading about it in the news.

 

This isn't the government asking Apple to open a door to which they have the keys to open.

 

This is the government asking Apple to take the locks on that iPhone, to which they DO NOT have the keys, and make them incredibly easy to pick by removing or circumventing the security measures in place that stop them from being picked in the first place. The problem is, Apple used that SAME lock mechanism on ALLLLLLL the doors on every iPhone with iOS 9 installed on it...which is hundreds of millions of them.

 

So stop talking about what you don't understand.

 

(1) I feel like telephone companies could have made these arguments (and probably did) decades ago, and yet wiretaps and surveillance via phone and phone records are absolutely key to our justice system. Same with ISP's and internet search histories and data. It all works without a big "OMG it's 1984!" reaction. Just because it's more difficult to do than plugging in a wire (or checking computer records), the concept and privacy concerns are the exact same.

 

(2) The hacker stuff is a non-issue to me. If Apple can't protect and/or destroy a single piece of software it's using in one single instance, then we should have zero faith that any of our data can ever be kept secret and private. That's all they have to do here - create that software, install it on this phone, and then immediately delete it. There is no fear from hackers if they do that. The only fear would be that an Apple techie could be bought out by a hacker to replicate the software program. Fine, but that fear still exists today before the new software can be written.

 

(3) The only argument I can get behind is that other governments, like China, would repeatedly ask for this to be done going forward. I still think that brings up the telephone company argument (the government will have 24/7 monitoring if we allow them to do it!) which is just a bad slippery slope argument. This is a very, very specific case. This phone involves a dead guy, a terrorist, on a company phone, and the company has given the OK to break into it. This isn't some politician in China that the communist government wants to investigate.

 

And guess what, if China wants to have Apple do that, they already can. They can tell Apple to do the same thing and Apple can decide whether or not to continue doing business there. Just like every other country. Just because they do it once doesn't mean the flood gates are suddenly open. Apple has basically acknowledged already that it CAN do this, but it just doesn't want to.

 

This, to me, has Silicon Valley hype written all over it.

Edited by Jenksismybitch
Link to comment
Share on other sites
Y2HH Grand Master

Y2HH

Posted
Posted
QUOTE (Jenksismyb**** @ Feb 22, 2016 -> 11:38 AM)
(1) I feel like telephone companies could have made these arguments (and probably did) decades ago, and yet wiretaps and surveillance via phone and phone records are absolutely key to our justice system. Same with ISP's and internet search histories and data. It all works without a big "OMG it's 1984!" reaction. Just because it's more difficult to do than plugging in a wire (or checking computer records), the concept and privacy concerns are the exact same.

 

Nope, the phone company does not have to modify anything in order to tap a line, that's how the technology was built from the ground up. There were also strict rules in place on taps, which do not exist in this case. You can't just tap a line and listen to every conversation, you can listen in for a few seconds, and unless the conversation pertains to the court order, you have to turn it back off. Keep in mind, they're leveraging the all writs act in order to compel Apple here, and that act specifically states it cannot place undue burden...having to recode an OS to function exactly how they do not want it function is pretty burdensome.

 

(2) The hacker stuff is a non-issue to me. If Apple can't protect and/or destroy a single piece of software it's using in one single instance, then we should have zero faith that any of our data can ever be kept secret and private. That's all they have to do here - create that software, install it on this phone, and then immediately delete it. There is no fear from hackers if they do that. The only fear would be that an Apple techie could be bought out by a hacker to replicate the software program. Fine, but that fear still exists today before the new software can be written.

 

It's not the governments place to tell Apple how it can code it's operating system. Period. Apple has these safeguards in place, because without them, the OS isn't secure. Once again, Apple isn't fighting the fact that something could be done, it's that that's NOT how they designed it work, AND once a company can be forced to do what the government wants in one instance, the government can continue to compel companies to do so in future cases...and to what end? Since there are no laws/limits on what they can tell a company to do, there are no limits to this power.

 

(3) The only argument I can get behind is that other governments, like China, would repeatedly ask for this to be done going forward. I still think that brings up the telephone company argument (the government will have 24/7 monitoring if we allow them to do it!) which is just a bad slippery slope argument. This is a very, very specific case. This phone involves a dead guy, a terrorist, on a company phone, and the company has given the OK to break into it. This isn't some politician in China that the communist government wants to investigate.

 

See response 2. It's not within the governments right or power to be able to tell a company how they can code software, or the security therein. The way the phone company works over copper wire is NOT the same way communication works over the internet. And for wiretaps, again, the government DOES NOT have the right to 24/7 monitor you even with a tap in place, which is part of the telecommunications act. The issue is, this act which was written for a different technology, and is now applied to Internet communications and computers (for which it was not written), therefore everything lands in a grey area where they're applying these same laws.

 

And guess what, if China wants to have Apple do that, they already can. They can tell Apple to do the same thing and Apple can decide whether or not to continue doing business there. Just like every other country. Just because they do it once doesn't mean the flood gates are suddenly open. Apple has basically acknowledged already that it CAN do this, but it just doesn't want to.

 

No, China cannot. Apple has the ability to simply say no to any demand China has. And that's what you seem to be missing. Apple is telling the US government, "we don't want to write our OS, or any version of our OS, to do what you're asking, it wasn't designed to work that way"...and the government is trying to force them to do so via an act written in 1789.

Link to comment
Share on other sites
Jenksismyhero Grand Master

Jenksismyhero

Posted
Posted (edited)
QUOTE (Y2HH @ Feb 22, 2016 -> 11:57 AM)
Nope, the phone company does not have to modify anything in order to tap a line, that's how the technology was built from the ground up. There were also strict rules in place on taps, which do not exist in this case. You can't just tap a line and listen to every conversation, you can listen in for a few seconds, and unless the conversation pertains to the court order, you have to turn it back off. Keep in mind, they're leveraging the all writs act in order to compel Apple here, and that act specifically states it cannot place undue burden...having to recode an OS to function exactly how they do not want it function is pretty burdensome.

 

Then Apple should have led with that argument. Instead they're going the privacy route, which means it's not a burden to them at all. And like I said, whether it's more difficult to do or not, the same concerns were made or could have been made with phone companies or ISP's, but it's not much of an issue now. The order was extremely limited and it was still provided by a judge. It's not like the FBI called up Apple and told them to do it. They went through the justice system.

 

 

 

It's not the governments place to tell Apple how it can code it's operating system. Period. Apple has these safeguards in place, because without them, the OS isn't secure. Once again, Apple isn't fighting the fact that something could be done, it's that that's NOT how they designed it work, AND once a company can be forced to do what the government wants in one instance, the government can continue to compel companies to do so in future cases...and to what end? Since there are no laws/limits on what they can tell a company to do, there are no limits to this power.

 

Yeah, again, slippery slope on a very specific, limited case is not a good argument.

 

 

See response 2. It's not within the governments right or power to be able to tell a company how they can code software, or the security therein. The way the phone company works over copper wire is NOT the same way communication works over the internet. And for wiretaps, again, the government DOES NOT have the right to 24/7 monitor you even with a tap in place, which is part of the telecommunications act. The issue is, this act which was written for a different technology, and is now applied to Internet communications and computers (for which it was not written), therefore everything lands in a grey area where they're applying these same laws.

 

You still have privacy rights. The government still has to obtain a warrant or something similar in order to access the data. I don't see how it's any different than the process of obtaining a wire tap. All you're doing is asking Apple to create a key versus just opening the door they already have a key for. In the end it's still the same - hey company X, help me look into Y.

 

No, China cannot. Apple has the ability to simply say no to any demand China has. And that's what you seem to be missing. Apple is telling the US government, "we don't want to write our OS, or any version of our OS, to do what you're asking, it wasn't designed to work that way"...and the government is trying to force them to do so via an act written in 1789.

 

Sure they could, they can pass a law tomorrow. They can threaten to ban Apple from the country. Apple still has to abide by Chinese law, so if the Chinese really wanted to do this, they could.

Edited by Jenksismybitch
Link to comment
Share on other sites
Jenksismyhero Grand Master

Jenksismyhero

Posted
Posted
QUOTE (RockRaines @ Feb 22, 2016 -> 12:05 PM)
Nobody should be in favor of the government forcing a company to make your personal data more easily accessible to the wrong people.

 

It's not "everyone." It's a dead terrorist operating within the US. The subject phone being his employer phone. He had no privacy expectations on it anyway.

 

 

Link to comment
Share on other sites
RockRaines Grand Master

RockRaines

Posted
Posted
QUOTE (Jenksismyb**** @ Feb 22, 2016 -> 12:09 PM)
It's not "everyone." It's a dead terrorist operating within the US. The subject phone being his employer phone. He had no privacy expectations on it anyway.

Thats not really what the government is asking Apple to do. I could easily get into that individual's phone, but they want access to all phones through the OS.

Link to comment
Share on other sites
Y2HH Grand Master

Y2HH

Posted
Posted
QUOTE (Jenksismyb**** @ Feb 22, 2016 -> 12:09 PM)
It's not "everyone." It's a dead terrorist operating within the US. The subject phone being his employer phone. He had no privacy expectations on it anyway.

 

No, today it's a dead terrorist.

 

Tomorrow it's you, because you MIGHT have pirated music on your phone.

 

The next day, it's your buddy, because he got pulled over for speeding and he MIGHT be a drug dealer.

 

It's a slippery slope specifically BECAUSE there are no laws limiting when, how and why they can use the courts for this. You may be ok with that, because 'OMG TERRORISTS', but I'm not.

Link to comment
Share on other sites
Y2HH Grand Master

Y2HH

Posted
Posted
QUOTE (Jenksismyb**** @ Feb 22, 2016 -> 12:07 PM)
Then Apple should have led with that argument. Instead they're going the privacy route, which means it's not a burden to them at all. And like I said, whether it's more difficult to do or not, the same concerns were made or could have been made with phone companies or ISP's, but it's not much of an issue now. The order was extremely limited and it was still provided by a judge. It's not like the FBI called up Apple and told them to do it. They went through the justice system.

 

 

 

 

 

Yeah, again, slippery slope on a very specific, limited case is not a good argument.

 

 

 

 

You still have privacy rights. The government still has to obtain a warrant or something similar in order to access the data. I don't see how it's any different than the process of obtaining a wire tap. All you're doing is asking Apple to create a key versus just opening the door they already have a key for. In the end it's still the same - hey company X, help me look into Y.

 

 

 

Sure they could, they can pass a law tomorrow. They can threaten to ban Apple from the country. Apple still has to abide by Chinese law, so if the Chinese really wanted to do this, they could.

 

That doesn't force apple to recode it's operating system. That's a choice. That's the difference. The US Government is trying to strip Apple of that choice...because that's very American.

 

The rest of what you said I already addressed.

 

Now, stop comparing this to a technology from the 1800's in wired communications.

 

It's different because the underlying technology is entirely different. It's a horse and buggy analogy vs a stealth fighter. Not the same.

Link to comment
Share on other sites
Jenksismyhero Grand Master

Jenksismyhero

Posted
Posted
QUOTE (RockRaines @ Feb 22, 2016 -> 12:11 PM)
Thats not really what the government is asking Apple to do. I could easily get into that individual's phone, but they want access to all phones through the OS.

 

No they don't. And they don't have authority to do that. Did you read the order they obtained?

 

They have authority to obtain the information from this one specific phone. They want Apple to remove the feature in the OS that auto-deletes all data once the password attempt limit is reached. They're not asking Apple to do it. They're telling Apple, we're going to break into this thing, make sure when we do it won't delete everything.

 

Given the extremely limited circumstance, I don't see a problem with it.

 

Link to comment
Share on other sites
Jenksismyhero Grand Master

Jenksismyhero

Posted
Posted
QUOTE (Y2HH @ Feb 22, 2016 -> 12:12 PM)
No, today it's a dead terrorist.

 

Tomorrow it's you, because you MIGHT have pirated music on your phone.

 

The next day, it's your buddy, because he got pulled over for speeding and he MIGHT be a drug dealer.

 

It's a slippery slope specifically BECAUSE there are no laws limiting when, how and why they can use the courts for this. You may be ok with that, because 'OMG TERRORISTS', but I'm not.

 

Oh please. Once the NSA starts listening to a phone calls they'll listen to everyone's phone calls! There's no stopping them! 3

 

This is conspiracy theory nonsense.

 

Link to comment
Share on other sites
Jenksismyhero Grand Master

Jenksismyhero

Posted
Posted
QUOTE (Y2HH @ Feb 22, 2016 -> 12:15 PM)
That doesn't force apple to recode it's operating system. That's a choice. That's the difference. The US Government is trying to strip Apple of that choice...because that's very American.

 

The rest of what you said I already addressed.

 

Now, stop comparing this to a technology from the 1800's in wired communications.

 

It's different because the underlying technology is entirely different. It's a horse and buggy analogy vs a stealth fighter. Not the same.

 

You're not seeing the forest through the trees. The complexity of the technology does not matter. It's the government forcing a company to assist with its investigations by utilizing expertise on the company's own product. Be it a landline telephone or a cellphone, it doesn't matter.

 

Link to comment
Share on other sites
Y2HH Grand Master

Y2HH

Posted
Posted (edited)
QUOTE (Jenksismyb**** @ Feb 22, 2016 -> 12:20 PM)
You're not seeing the forest through the trees. The complexity of the technology does not matter. It's the government forcing a company to assist with its investigations by utilizing expertise on the company's own product. Be it a landline telephone or a cellphone, it doesn't matter.

 

Incorrect. It's MORE than the government simply asking for assistance. The government is literally asking a private company to re-code it's operating system, sign it, and install it on a device while setting the legal precedent that they could do the same, in the future, without limits.

 

Apple is under no obligation to work for the government, for free, in recoding their technology in a way in which they didn't design it to be coded. And worse, the government is trying to lean on an act passed in 1789 in order to do so.

 

Unless/until there are laws on the books limiting where and when this power can be leveraged, I want no part of it, for any reason.

 

I see there is no point talking to you about this further.

 

It's a floating man in the sky to you...you know it's there...even when it's not. :P

Edited by Y2HH
Link to comment
Share on other sites
Panerista Grand Master

Panerista

Posted
Posted
QUOTE (Jenksismyb**** @ Feb 17, 2016 -> 01:07 PM)
The government is asking Apple to do it. I haven't read anywhere that the FBI wants to be present or the FBI wants to get the key after it has been completed. They want to make sure that once they start trying to break into the phone the phone isn't going to do an auto-delete and/or that some data isn't encrypted.

Yeah, Apple can't reasonably do this on most devices. Because the device in question is an iPhone 5C, a "FBiOS version" of iOS would be able to cancel the Apple policy of limiting the number of PIN attempts.

 

It sets a horrible precedent, as caving to the FBI would allow foreign governments to do the same thing to Apple. Apple is doing the right thing, especially considering the iPhone 5S through 6S+ have full Secure Enclave encryption which would take an immense amount of effort to break.

Link to comment
Share on other sites
Chisoxfn Grand Master

Chisoxfn

Posted
Posted
QUOTE (RockRaines @ Feb 22, 2016 -> 12:52 PM)
Want to use people's phones to stop unnecessary deaths? Make it impossible to text and drive. Kills WAY more Americans than terrorism.

This I agree with and feel should get addressed. People just do it and it is awful. I have gotten significantly better over the past year, but it still occasionally happens and if something prevented it, or car bluetooth was so good it could address it, it would make driving so much safer.

Link to comment
Share on other sites
RockRaines Grand Master

RockRaines

Posted
Posted
QUOTE (Chisoxfn @ Feb 22, 2016 -> 03:11 PM)
This I agree with and feel should get addressed. People just do it and it is awful. I have gotten significantly better over the past year, but it still occasionally happens and if something prevented it, or car bluetooth was so good it could address it, it would make driving so much safer.

Yes, unfortunately "Carpet bombing" texting and driving isnt nearly the political hot topic as counterterrorism.

Link to comment
Share on other sites
Y2HH Grand Master

Y2HH

Posted
Posted (edited)

Seeing as that I've posted quite a bit on this subject, and in the interest of disclosing my full opinion on the matter, it's not that I'm against helping the FBI or other governing bodies in cases such as this, but I'd be much more open to such assistance in special cases ONLY when the following conditions are met:

 

NEW laws are drafted/voted on and passed that apply to modern technology (with some future proofing) limiting when, how, and why such a request for assistance can be made, and furthermore, strict limitations as to what end they can force companies in making changes fundamental to the security of their products.

 

As it stands, there is a reason the government is literally leaning on laws and acts passed in the 1800's 1700's (yes, you read that right), in order to make these requests. I want some updated laws on the books with STRICT limits BEFORE we continue down this rabbit hole. IF, and only IF that happens would I be open to such requests.

 

Edit: All Writs Act is from 1789, even earlier than I thought.

Edited by Y2HH
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...