0
quade

Tim Cook vs the FBI

By quade, in Speakers Corner

Recommended Posts

quade    3

quade
Quote

I can agree with the general sentiment of your post, but what would be the anticipated death toll of such a "disaster?"



Shall I do the "for want of a nail the war was lost" scenario?

Certainly you must be familiar with the concept. If not;
https://en.wikipedia.org/wiki/For_Want_of_a_Nail

Okay, so . . . let's see.

Let's say you're a reasonably low level flunky at an electrical switch manufacturing plant.

Friday night you lose your phone in a bar. Some guy picks it up and immediately sells it on the black market. Another guy buys the phone and immediately begins to try to crack into it because, you know what, the information in the phone is potentially FAR more valuable than the phone itself. Lucky for that guy he also paid to get a copy of this new FBI iPhone cracking software. He's in and he just downloaded everything. Your porn, your sexts to your girlfriend, your entire collection of WHAM off iTunes. Man, this guy hit the jackpot. Well, no, not really . . . unless you happen to be like a LOT of people and keep the names and email addresses of co-workers and a bunch of password files, because, who the F can remember that crap?

So now that guy resells your contacts and passwords. THAT is the money. Why?

Industrial espionage and hackers in general.

Only he sold it to China who has a bone to pick with the US.

Hey, you know that virus Stuxnet? No? Maybe you should read about that. I'll wait.
https://en.wikipedia.org/wiki/Stuxnet

Okay. Up to speed?

Guess what China wanted your work email and passwords for? They're trying to insert code into a silly $10 electrical switch being made by your company.

Why?

Hey did you know a stupid $10 electrical switch has the potential to cripple the entire US economy for 10 years? No? You didn't now that? The right cascade of failures inserted into the electrical grid could end up shutting down power for the entire country. Also, did you know a lot of things run on electricity too? Like . . . water?

Oops.

Also, do you have any idea how many people in the US might not live through it? No? Never thought about it before? Well, you're in good company really. Most people don't.

Certainly Trump hasn't.

Yep. It's entirely within the realm of possibility a compromised phone could lead to untold deaths.

Now, am I saying that is going to be the case? No.

What I'm saying is you never know which thread is going to unravel the whole thing, but I can tell you this for certain, we're safer with strong encryption than without it.
quade -
The World's Most Boring Skydiver

Share this post

Link to post
Share on other sites

Coreeece    2

Coreeece
quade

Quote

I can agree with the general sentiment of your post, but what would be the anticipated death toll of such a "disaster?"



Shall I do the "for want of a nail the war was lost" scenario?

Certainly you must be familiar with the concept. If not;
https://en.wikipedia.org/wiki/For_Want_of_a_Nail

Hey, you know that virus Stuxnet? No? Maybe you should read about that. I'll wait.
https://en.wikipedia.org/wiki/Stuxnet

I can tell you this for certain, we're safer with strong encryption than without it.



See, this is what I was trying to get to - the reply above would've been a good answer without being swept away by all the other sensationalized nonsense that only detracts from an otherwise suffice response.

Futhermore, if you're going to use hypothetical Chinese cyber attacks to make your case, then perhaps you should stop marginalizing the actual terrorist threat in this country.

Do you really think hypothetical situations are going to help further your cause against those that are making their case using a threat that actually exists today?

I mean seriously, if some paranoid conservative southern christian was rambling on about how "the chinamen is gonna steals ours light switches and turns off our lectricities" - you'd be laughing at him.
Never was there an answer....not without listening, without seeing - Gilmour

Share this post

Link to post
Share on other sites

normiss    620

normiss

I think you misinterpreted his meaning of disastrous when you added deaths to it, so who's being sensationalist?
The internet could stop if encryption was broken, E911 would drop pretty quick given it's traffic is over crypto tunnels.
There's your deaths you're looking for! :P

Share this post

Link to post
Share on other sites

Coreeece    2

Coreeece
normiss

The internet could stop if encryption was broken, E911 would drop pretty quick given it's traffic is over crypto tunnels.



Explain to me how that happens by accessing a stolen iphone and entering millions of passwords until it unlocks.
Never was there an answer....not without listening, without seeing - Gilmour

Share this post

Link to post
Share on other sites

gowlerk    1,903

gowlerk
I don't fully understand encryption either, but that is irrelevant. The phone exists, and the data that is on it exists. Apple may or may not already have the tool that the government wants, but they are capable of making it. Apple will lose in court eventually. I can see both side in the struggle, but big brother has the big stick, and he will use it to get his way.

Time Cook is being a Condescending Prick about this. (Can we just start abbreviating it as CP?) Apple is protecting it's brand, not the general public, and as large and powerful as Apple is, it will lose this battle. The courts are bigger and stronger, and they have many precedents on their side.

This case is not about this phone. It's about control and precedent.

As far as the disaster scenario goes, China could use the above method of sabotage. But there are also many other ways it could put malicious code into that theoretical switch.
Always remember the brave children who died defending your right to bear arms. Freedom is not free.

Share this post

Link to post
Share on other sites

rehmwa    2

rehmwa
Coreeece

I mean seriously, if some paranoid conservative southern christian was rambling on about how "the chinamen is gonna steals ours light switches and turns off our lectricities" - you'd be laughing at him.



That's a little bit too spot on....

You need to understand -

If you are a bit more eloquent, and state that it's very complex and most people are too stupid to understand it and then explain it in a patronizing way - then it's ok, and you're a good smart (smarter than others) liberal.

If you are immediately strawmanned into a cartoon demographic and berated for saying the exact same thing - then you are a simpleton and racist conservative.

(we can flip the players if we touch different subjects)


What really happened here, is people are people and they have the exact same fears and concerns - yet they are berated or cheered based solely on stupid social/political alignments rather than their actual statements.

And we wonder why idiots like the current 5 people (especially Trump) are actually seriously being seen as leaders of the whole thing......

...
Driving is a one dimensional activity - a monkey can do it - being proud of your driving abilities is like being proud of being able to put on pants

Share this post

Link to post
Share on other sites

Coreeece    2

Coreeece
normiss

I don't think you understand encryption.



Ya, see - there's that CP shit again. That's your answer for everything, isn't it? "You don't know wtf you're talking about man, so butt out!"

normiss

Firewalls and encryption have been the most challenging part of my job to be honest.



Ya, that much is obvious given that you can't even explain it without some sensationalist nonsense that you guys don't even believe yourself.

My point was that Quade had a great answer without all the other hypothetical BS that detracted from an otherwise great post.

Those types of condescending hypothetical arguments aren't going to win it for Apple in court because the opposition's real sensationalist bullshit trumps Quade's hypothetical sensationalist bullshit.
Never was there an answer....not without listening, without seeing - Gilmour

Share this post

Link to post
Share on other sites

ryoder    1,381

ryoder
JerryBaumchen

Hi Ken,

Quote

Apple will lose in court eventually.



Bill Gates was on Charlie Rose last night and and this is what he was saying.

http://www.nbcnews.com/storyline/san-bernardino-shooting/bill-gates-backs-fbi-over-apple-san-bernardino-iphone-battle-n524031

Jerry Baumchen


Well, now we know for sure that Apple is on the right side of the issue.:|
"There are only three things of value: younger women, faster airplanes, and bigger crocodiles" - Arthur Jones.

Share this post

Link to post
Share on other sites

normiss    620

normiss
Of course he wants Apple to provide the access! LOL
Once the iPhone has the FBiOS installed on them, they're worthless to a large portion of Apple customers. WTF do I need an insecure device that has been compromised with all the private, personal, and financial data on it?
It would instantly be non-acceptable in corporate America due to VPN configurations on them.
It would be a rather large hit to Apple financially IMO. That would be a gain for Microsoft.
The risk of Key access is really very deep, damn near every bit of information is encrypted over the path of transmission.

This is a precedence case, make no mistake.
Once the government has access, CALEA for everyone - local and state cops have been stuck for quite some time on this little issue.

Share this post

Link to post
Share on other sites

Stumpy    256

Stumpy
ryoder

***Hi Ken,

Quote

Apple will lose in court eventually.



Bill Gates was on Charlie Rose last night and and this is what he was saying.

http://www.nbcnews.com/storyline/san-bernardino-shooting/bill-gates-backs-fbi-over-apple-san-bernardino-iphone-battle-n524031

Jerry Baumchen


Well, now we know for sure that Apple is on the right side of the issue.:|

See this is where the letter Tim Cook wrote seems to imply the opposite of what Gates is saying. Tim Cook kind of implies that its not possible to have a tool that only works on this one device - once you write it for a single device, the danger is that it's out there. If that's true, then I absolutely agree with him (I wouldn't trust the FBI to keep it to themselves). I would have thought however, that Apple are easily capable of hacking their own phone in which case if they do this FOR the feds, then I think that's a reasonable request, especially if they need to get warrants/court orders etc. This is not my area of expertise however so I may just be mixed up with the problem!
Never try to eat more than you can lift

Share this post

Link to post
Share on other sites

normiss    620

normiss
My apologies as that was not my intent.
Once the gate is open, access to the magic keys is easily available.
At that point in time, the "hypothetical sensationalist bullshit" you've had explained would be quite easily accomplished.
Last few times I've looked, there is an abundance of illegal copies of certain powerful tools on the internet that could easily wreak havoc to a lot of connected systems once keys are broken.
And then there’s the risk that this is the first step on a slippery slope. This time, the FBI is very clearly asking for Apple to build software which will never leave Cupertino. But once Apple complies, who is to say that the next request won’t be to hand that software over to the FBI, or even state- or city-level police forces?

Share this post

Link to post
Share on other sites

quade    3

quade
Coreeece

***

Quote

I can agree with the general sentiment of your post, but what would be the anticipated death toll of such a "disaster?"



Shall I do the "for want of a nail the war was lost" scenario?

Certainly you must be familiar with the concept. If not;
https://en.wikipedia.org/wiki/For_Want_of_a_Nail

Hey, you know that virus Stuxnet? No? Maybe you should read about that. I'll wait.
https://en.wikipedia.org/wiki/Stuxnet

I can tell you this for certain, we're safer with strong encryption than without it.



See, this is what I was trying to get to - the reply above would've been a good answer without being swept away by all the other sensationalized nonsense that only detracts from an otherwise suffice response.

Futhermore, if you're going to use hypothetical Chinese cyber attacks to make your case, then perhaps you should stop marginalizing the actual terrorist threat in this country.

Do you really think hypothetical situations are going to help further your cause against those that are making their case using a threat that actually exists today?

I mean seriously, if some paranoid conservative southern christian was rambling on about how "the chinamen is gonna steals ours light switches and turns off our lectricities" - you'd be laughing at him.

You asked. I answered.

You do not get to set the terms of how I answered after the fact.

As for your supposition that Chinese cyber attacks are somehow "hypothetical" . . . oh dear.
quade -
The World's Most Boring Skydiver

Share this post

Link to post
Share on other sites

ryoder    1,381

ryoder
Looks like Gates is trying to walk back his support of the Feds over Apple, but what really caught my eye is this paragraph:

And now it also appears that Gates's assertion that law enforcement is asking Apple to unlock an iPhone only in this particular case is incorrect. A few hours after the FT published Gate’s comments, the Wall Street Journal reported that the Justice Department is also seeking court orders to force Apple to extract data from 12 other iPhones in cases unrelated to San Bernardino. These other 12 cases do not involve terrorism, notes the WSJ and adds that "Privacy advocates are likely to seize on the cases’ existence as proof the government aims to go far beyond what prosecutors have called the limited scope of the current public court fight over a locked iPhone used by one of the San Bernardino shooters."

Source: http://www.fastcompany.com/3057046/fast-feed/bill-gates-sides-with-fbi-says-apple-should-unlock-that-iphone
"There are only three things of value: younger women, faster airplanes, and bigger crocodiles" - Arthur Jones.

Share this post

Link to post
Share on other sites

Coreeece    2

Coreeece
quade

You asked. I answered.

You do not get to set the terms of how I answered after the fact.



I'm just saying that the Feds already have a lock on the whole "we're trying to save lives" approach. You can't beat them with an appeal to the future about some other (hypothetical) threat that may or may not be more serious.

For Apple, and those sympathetic to their cause, this is not about whether or not we are saving lives. It's about privacy and an overreaching government - how far can they can go vs. how far should they go - and the precedent that it may set.

quade


As for your supposition that Chinese cyber attacks are somehow "hypothetical" . . . oh dear.



No, your example was hypothetical.

...and if you're so concerned with hypothetical chineese threats, then fine - that's your prerogative - but just remember that people have been berated and deemed xenophobic bigots for expressing their concern about legitimate Islamic extremist threats that actually exist.
Never was there an answer....not without listening, without seeing - Gilmour

Share this post

Link to post
Share on other sites

quade    3

quade
Coreeece

...and if you're so concerned with hypothetical chineese threats, then fine - that's your prerogative - but just remember that people have been berated and deemed xenophobic bigots for expressing their concern about legitimate Islamic extremist threats that actually exist.



And what makes you think ISIS isn't also attempting to hack into US infrastructure?

http://www.businessinsider.com/isis-and-hacking-us-power-grid-2015-10?op=1

I mean, seriously, it's almost like you have no clue whatsoever what you're talking about.
quade -
The World's Most Boring Skydiver

Share this post

Link to post
Share on other sites

gowlerk    1,903

gowlerk
normiss

One of the articles I was reading earlier mentioned the State of New York has about 100 iPhones they desire access to.
>:(



Yes, the data exists. Now there is a fight for whether or not a court can demand access. Given that with a proper court order nothing else is so sacred that it can't be subpoenaed it's hard to imagine the law will allow us to refuse a legal order to our data.

The DoJ will win this fight. Completely and irrevocably. For better or worse. There is no right to privacy that is absolute for anyone or anything. The only thing that will limit the damage is the procedure that will be required to issue the order. If we are lucky we may be able to avoid having LEOs go on fishing expeditions whenever they can lay their hands on a device. Hopefully there will be a fairly onerous burden of proving a need first.
Always remember the brave children who died defending your right to bear arms. Freedom is not free.

Share this post

Link to post
Share on other sites

gowlerk    1,903

gowlerk
normiss

You do realize how easy search warrants are obtained I assume.
I would hold no hope once this precedent is set.




That may very well be correct. Probably the hassle of getting the order will be the only protection. Which would only stop the police from automatically searching the device at every single stop. People who are arrested will likely be able to count on having their phone searched. That is how it will probably be.

It already is that way if you fail to password protect your device.
Always remember the brave children who died defending your right to bear arms. Freedom is not free.

Share this post

Link to post
Share on other sites

normiss    620

normiss

IIRC, in my CISSP case studies and certifications, the 5th protects passwords and encrypted data as testimony evidence and has been supported by a majority of courts.
I do remember the EFF reps advice is to contact them and obtain legal assistance for those requests specifically due to the technical legal challenges.
Which has always had me scratching my head. :D

Interesting case to be sure.

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
0
Go To Topic Listing