The focus on "one device" is a diversion. For a back door to be
effective the FBI needs to be sure that every phone has the compromised
security system because they can't know ahead of time which phone they
might need to get unlocked. That opens the door for any interested party
with legitimate or illegitimate influence to get the key from Apple.
Sooner or later that key will slip out into the wild or someone will
fabricate their own. So the emphasis about this being just for this one
case is really not tenable.
CB
On 2/20/16 4:56 PM, Tyler Thompson wrote:
It’s a pipe dream. Without going into crazy technical detail you’re talking
about either bypassing or giving up their cryptographic private key, the moment
you do that it’s all over, for 1 device or for a million devices. Unlike, say,
a firewall where you can open a port to 1 specific device based on MAC address,
let it get it’s information then close it off again. This is a different
concept.
On Feb 20, 2016, at 2:52 PM, Eric Oyen <eric.o...@icloud.com> wrote:
hmmm. good points.
now, I am not a crypto specialist. I am a basic IT/security tech. my thing is
firewalls, intrusion detection and disinfection
There has to be a way where apple doesn't have to give up security and still
allow the FBI access to that one device (without compromising all others). Is
this possible or am I smoking a real pipe dream here?
-eric
On Feb 20, 2016, at 1:41 PM, Tyler Thompson wrote:
So I feel it’s about time to throw in my 2 cents here. I’m a Certified Ethical
Hacker and I’ve got qualifications and certifications in regards to
cryptography, steganography and cyber security. I don’t bring this up to brag
but instead to outline that I’m speaking from a place of experience. In this
letter to us, the customers Tim Cook does a decent job of outlining the issue.
I can say with 100% certainty that by creating access to a single phone apple
will significantly reduce it’s ability to protect your data, and, what’s worse
they’ll give that access to the FBI. There’s no such thing as a backdoor into 1
device. One of the most potent security measures, and one that Apple has
implemented is to ensure that nobody again nobody has access to secured data,
including Apple themselves. When I’m contracted out to build secure apps or
websites I do the same thing, for example, once a password has been created for
a user I do not, and cannot ever gain access to that users account.
In order to build a “backdoor” you have to build it into the operating system.
This means every iOS operating system would become vulnerable to both malicious
hackers and our government. But let me give it to you in an analogy: Imagine
that the iPhone is your home. Now imagine that your home is in a bad
neighborhood and is a high-profile home. So the FBI comes along and asks you to
please smash out one of your own windows in broad daylight. When you say it
lowers the security of your home the answer is “Well it’s ok, thieves in the
area don’t know which window you smashed out.”
I’ve been a very avid Apple fan for years now, I love their accessibility, I
love their products but knowing about cyber security I can guarantee you right
now that if they build this backdoor I will immediately stop using apple
products.
You want one even scarier? Think about a backdoor to an operating system that
houses your credit card info for Apple Pay. That’s not enough for you? What
about your keychain? You know, the one where you store all your passwords for
things like your bank account.
We can say “Surely you can just do it this once” all we want to but I’m here to
tell you there’s no such thing. Once you’ve lowered your security it’s done and
the product will never be as secure again.
Tyler K. Thompson
-Software Engineer
On Feb 20, 2016, at 1:22 PM, Eric Oyen <eric.o...@icloud.com> wrote:
ok,
the way I see it, apple can come up with a method to access the device. Hell,
if the fingerprints of the terrorists are still available, and that were the
only method of encryption, then the FBI already has its problem solved. If,
however, there was a secondary method (like a passcode) used, then it becomes a
lot harder to get into the device. Note: I did not say impossible.
Now, apple can develop a method by which they can access the phone. they aren't
required to publish it nor to provide it to law enforcement. all they need to
do is provide a technician who knows the method (and has the program). since
that program will not be turned over to the FBI, there is essentially no
problem. Apple would retain custody of the program and the method and law
enforcement would have to follow the law (file a warrant, etc.). At this point,
there would be no back door to exploit To further secure it, I would props that
the program be placed on a specialized (and isolated) device. THis device
cannot be plugged into any network and would also require the use of a password
(only known to apple) to work.
does this sound like a decent proposal?
-eric
On Feb 19, 2016, at 4:34 PM, Simon Fogarty wrote:
I agree,
It's not just terrorist that this will effect it's all IOS device users.
A back door access to one device is a back door to all devices of that type.
Iargree
-----Original Message-----
From: macvisionaries@googlegroups.com [mailto:macvisionaries@googlegroups.com]
On Behalf Of George Cham
Sent: Friday, 19 February 2016 9:21 PM
To: macvisionaries@googlegroups.com
Subject: Re: Any comments on Apple's position against unreasonable search
That's a good point about the fingerprint. But my question is this doesn't make
apple an accessory to terrorism if they don't cooperate with the FBI?
George,
Sent from my iPad
On 19 Feb 2016, at 6:53 PM, Simon Fogarty <si...@blinky-net.com> wrote:
Apart from that point where if your phone battery dies and you need to
use the pin code to open it for the first time
Or did they even have finguerprints setup on the devices.
-----Original Message-----
From: macvisionaries@googlegroups.com
[mailto:macvisionaries@googlegroups.com] On Behalf Of Scott Granados
Sent: Friday, 19 February 2016 8:11 AM
To: macvisionaries@googlegroups.com
Subject: Re: Any comments on Apple's position against unreasonable
search
Karen, you raise a really really good question. Why don’t they just use the
fingerprint of the phone owner. He’s dead anyway so you don’t have to worry
about his specific rights, he’s dead.:) Couldn’t they lift a print or even a
finger and just use that?
Now I really smell a rat since they had the body and had a means in.
On Feb 18, 2016, at 2:08 PM, Karen Lewellen <klewel...@shellworld.net> wrote:
Not only is Apple 100% correct here, the FBI is not using other doors, such as
the fingerprints of those involved.
A master key like the one the FBI desires seeing created is simply unwise to
develop. Hackers have anoth leeway, and no one should have their privacy
compromised in this fashion.
After all consider how often the government has themselves been
hacked, not only could this key be abused by the government, it could
be stolen by others. Just my take, Karen
On Thu, 18 Feb 2016, Scott Granados wrote:
Wonder if anyone else is following Tim Cook’s position against being forced to
cripple the security on iPhones. Anyone have any comments?
--
The following information is important for all members of the Mac Visionaries
list.
If you have any questions or concerns about the running of this list, or if you
feel that a member's post is inappropriate, please contact the owners or
moderators directly rather than posting on the list itself.
Your Mac Visionaries list moderator is Mark Taylor and your owner is
Cara Quinn - you can reach Cara at caraqu...@caraquinn.com
The archives for this list can be searched at:
http://www.mail-archive.com/macvisionaries@googlegroups.com/
---
You received this message because you are subscribed to the Google Groups
"MacVisionaries" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to macvisionaries+unsubscr...@googlegroups.com.
To post to this group, send email to macvisionaries@googlegroups.com.
Visit this group at https://groups.google.com/group/macvisionaries.
For more options, visit https://groups.google.com/d/optout.
--
The following information is important for all members of the Mac Visionaries
list.
If you have any questions or concerns about the running of this list, or if you
feel that a member's post is inappropriate, please contact the owners or
moderators directly rather than posting on the list itself.
Your Mac Visionaries list moderator is Mark Taylor and your owner is
Cara Quinn - you can reach Cara at caraqu...@caraquinn.com
The archives for this list can be searched at:
http://www.mail-archive.com/macvisionaries@googlegroups.com/
---
You received this message because you are subscribed to the Google Groups
"MacVisionaries" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to macvisionaries+unsubscr...@googlegroups.com.
To post to this group, send email to macvisionaries@googlegroups.com.
Visit this group at https://groups.google.com/group/macvisionaries.
For more options, visit https://groups.google.com/d/optout.
--
The following information is important for all members of the Mac Visionaries
list.
If you have any questions or concerns about the running of this list, or if you
feel that a member's post is inappropriate, please contact the owners or
moderators directly rather than posting on the list itself.
Your Mac Visionaries list moderator is Mark Taylor and your owner is
Cara Quinn - you can reach Cara at caraqu...@caraquinn.com
The archives for this list can be searched at:
http://www.mail-archive.com/macvisionaries@googlegroups.com/
---
You received this message because you are subscribed to the Google Groups
"MacVisionaries" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to macvisionaries+unsubscr...@googlegroups.com.
To post to this group, send email to macvisionaries@googlegroups.com.
Visit this group at https://groups.google.com/group/macvisionaries.
For more options, visit https://groups.google.com/d/optout.
--
The following information is important for all members of the Mac Visionaries
list.
If you have any questions or concerns about the running of this list, or if you
feel that a member's post is inappropriate, please contact the owners or
moderators directly rather than posting on the list itself.
Your Mac Visionaries list moderator is Mark Taylor and your owner is Cara Quinn
- you can reach Cara at caraqu...@caraquinn.com
The archives for this list can be searched at:
http://www.mail-archive.com/macvisionaries@googlegroups.com/
---
You received this message because you are subscribed to the Google Groups
"MacVisionaries" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to macvisionaries+unsubscr...@googlegroups.com.
To post to this group, send email to macvisionaries@googlegroups.com.
Visit this group at https://groups.google.com/group/macvisionaries.
For more options, visit https://groups.google.com/d/optout.
--
The following information is important for all members of the Mac Visionaries
list.
If you have any questions or concerns about the running of this list, or if you
feel that a member's post is inappropriate, please contact the owners or
moderators directly rather than posting on the list itself.
Your Mac Visionaries list moderator is Mark Taylor and your owner is Cara Quinn
- you can reach Cara at caraqu...@caraquinn.com
The archives for this list can be searched at:
http://www.mail-archive.com/macvisionaries@googlegroups.com/
---
You received this message because you are subscribed to the Google Groups
"MacVisionaries" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to macvisionaries+unsubscr...@googlegroups.com.
To post to this group, send email to macvisionaries@googlegroups.com.
Visit this group at https://groups.google.com/group/macvisionaries.
For more options, visit https://groups.google.com/d/optout.
--
The following information is important for all members of the Mac Visionaries
list.
If you have any questions or concerns about the running of this list, or if you
feel that a member's post is inappropriate, please contact the owners or
moderators directly rather than posting on the list itself.
Your Mac Visionaries list moderator is Mark Taylor and your owner is Cara Quinn
- you can reach Cara at caraqu...@caraquinn.com
The archives for this list can be searched at:
http://www.mail-archive.com/macvisionaries@googlegroups.com/
---
You received this message because you are subscribed to the Google Groups
"MacVisionaries" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to macvisionaries+unsubscr...@googlegroups.com.
To post to this group, send email to macvisionaries@googlegroups.com.
Visit this group at https://groups.google.com/group/macvisionaries.
For more options, visit https://groups.google.com/d/optout.
--
The following information is important for all members of the Mac Visionaries
list.
If you have any questions or concerns about the running of this list, or if you
feel that a member's post is inappropriate, please contact the owners or
moderators directly rather than posting on the list itself.
Your Mac Visionaries list moderator is Mark Taylor and your owner is Cara Quinn
- you can reach Cara at caraqu...@caraquinn.com
The archives for this list can be searched at:
http://www.mail-archive.com/macvisionaries@googlegroups.com/
---
You received this message because you are subscribed to the Google Groups
"MacVisionaries" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to macvisionaries+unsubscr...@googlegroups.com.
To post to this group, send email to macvisionaries@googlegroups.com.
Visit this group at https://groups.google.com/group/macvisionaries.
For more options, visit https://groups.google.com/d/optout.
--
The following information is important for all members of the Mac Visionaries
list.
If you have any questions or concerns about the running of this list, or if you
feel that a member's post is inappropriate, please contact the owners or
moderators directly rather than posting on the list itself.
Your Mac Visionaries list moderator is Mark Taylor and your owner is Cara Quinn
- you can reach Cara at caraqu...@caraquinn.com
The archives for this list can be searched at:
http://www.mail-archive.com/macvisionaries@googlegroups.com/
---
You received this message because you are subscribed to the Google Groups
"MacVisionaries" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to macvisionaries+unsubscr...@googlegroups.com.
To post to this group, send email to macvisionaries@googlegroups.com.
Visit this group at https://groups.google.com/group/macvisionaries.
For more options, visit https://groups.google.com/d/optout.
--
¯\_(ツ)_/¯
--
The following information is important for all members of the Mac Visionaries
list.
If you have any questions or concerns about the running of this list, or if you
feel that a member's post is inappropriate, please contact the owners or
moderators directly rather than posting on the list itself.
Your Mac Visionaries list moderator is Mark Taylor and your owner is Cara Quinn
- you can reach Cara at caraqu...@caraquinn.com
The archives for this list can be searched at:
http://www.mail-archive.com/macvisionaries@googlegroups.com/
---
You received this message because you are subscribed to the Google Groups "MacVisionaries" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to macvisionaries+unsubscr...@googlegroups.com.
To post to this group, send email to macvisionaries@googlegroups.com.
Visit this group at https://groups.google.com/group/macvisionaries.
For more options, visit https://groups.google.com/d/optout.
