±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 35650
New Yesterday: 0 Visitors: 142

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Apple Unlocking iPhones vs US Government

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page Previous  1, 2, 3, 4 ... 10, 11, 12  Next 
  

trewmte
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 20, 16 19:39

- C.R.S.
- hcso1510
I really do wish that we could stop calling this a back door.


Fully agree. It's not even a back door in technical terms, it's exploitation.


Technically fair observations and I don't have a problem with those terms. It might be though others might think this is being a little bit semantically picky. It is possibly far too late in the day to only now start the conversion of institutions (ITU, ETSI, 3GPP etc. that use the term back-door, since 2000) and the media and non-technical people to start now using "front-doors" or "exploitation" with regards to Apple iPhone 5C.
_________________
Institute for Digital Forensics (IDF) - www.linkedin.com/groups/2436720
Mobile Telephone Examination Board (MTEB) - www.linkedin.com/groups/141739
Universal Network Investigations - www.linkedin.com/groups/13536130
Mobile Telephone Evidence & Forensics trewmte.blogspot.com 
 
  

C.R.S.
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 20, 16 21:01

- trewmte
Technically fair observations and I don't have a problem with those terms. It might be though others might think this is being a little bit semantically picky.


However, it's not only about a semantic nuance but the essential qualitative difference between a state enacted ex ante weakening of a reasonably secure device before it is placed on the market or used, aka back door, and the subsequent access to an originally insecure device. It is an essential difference not only technically but for the legal and civil rights implications.

While I'm not aware of ITU, ETSI or 3GPP using the term back door the wrong way, it's just my observation that media and their "advising" activism groups predictably choose those terms which make the actual, wrongly described undertaking seem the most aggressive, illegitimate or associable with actually illegitimate intents.  
 
  

trewmte
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 21, 16 13:10

I don't have an issue with your term merely, however, such qualification would require you to go out and change the millions of published words at maybe hundreds of thousands of newspapers, website, new broadcasts etc. etc.

- C.R.S.
- trewmte
Technically fair observations and I don't have a problem with those terms. It might be though others might think this is being a little bit semantically picky.


However, it's not only about a semantic nuance but the essential qualitative difference between a state enacted ex ante weakening of a reasonably secure device before it is placed on the market or used, aka back door, and the subsequent access to an originally insecure device. It is an essential difference not only technically but for the legal and civil rights implications.


So you are in court and you give, as the technical witness in the witness box, the above definition. The Judge asks, ok so what is "aka back door" then if it is not another word being used for exploitation?


- C.R.S.
While I'm not aware of ITU, ETSI or 3GPP using the term back door the wrong way




- "3GPP TSG SA WG3 (Security) Mainz, Germany, 22-24 February, 2000
1 Introduction

With appropriate equipment it may be possible to perform hijacking attacks on a not-ciphered GPRS radio link. Appropriate equipment consists of a combination of a modified base station and a modified mobile station. Hijacking attacks are attacks whereby an intruder inserts his packets on radio resource allocated to a genuine user.

As an effective countermeasure, SMG10 (Oct. '97, and again in Jan. '00) have proposed to make encryption mandatory for GPRS. Mandatory encryption however would prevent world-wide deployment of GPRS (without any non-standard additions), as some countries restrict the use of encryption and to other countries the export of network equipment with the appropriate algorithms is restricted, or – which is more likely due to the importance of the market that is involved – it would make vendors build in there equipment a "back-door" which would result in the fact that encryption is only mandatory "in the specification" but not in reality.


The statement above was made by Siemens a world leader in wireless networks and devices. No mention of the word exploitation. The act Siemens mentions could appear an aggressive, illegitimate etc "intention" to subvert for a vendor's own gain (perhaps) whilst deployed in the field by creating a back door to overcome encryption possibly designated by laws?
_________________
Institute for Digital Forensics (IDF) - www.linkedin.com/groups/2436720
Mobile Telephone Examination Board (MTEB) - www.linkedin.com/groups/141739
Universal Network Investigations - www.linkedin.com/groups/13536130
Mobile Telephone Evidence & Forensics trewmte.blogspot.com 
 
  

RolfGutmann
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 21, 16 20:27

If you cannot prevent wrong-doing of words created and used by common people in millions, the only way may is to extend the term to make it more precise.

A 'device-customized' backdoor would sound better but in fact is untrue because Apple can do this again and again. The creator knows all about his creature. But people in general simplify words in areas they feel not familiar with. How many people still speak about 'Antivirus'? The majority for a long time are trojans and worms as part of malware, no more viruses.

And to complete: The Islamic State called itself ISIS and the U.S. tried to implement the term 'dash'. Did not work, too late. So either starting immediately to pull of another term or to control the media globally.

If something new calls itself X and stays alive! then it always can say 'My name is X'? The more a term is multiplied in media and simpler to understand, the more people adapt it. Back is clear and door too, so backdoor is most simple for everyone.

No wisdom, just my view  
 
  

C.R.S.
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 21, 16 23:46

- trewmte
So you are in court and you give, as the technical witness in the witness box, the above definition. The Judge asks, ok so what is "aka back door" then if it is not another word being used for exploitation?


Highly unlikely that a judge will ask this, since I gave him this broad hint in my wording, and jurists have so much joy in distinguishing ex ante and ex post perspectives, which is the entire point here.

- trewmte
The statement above was made by Siemens a world leader in wireless networks and devices. No mention of the word exploitation.


This is because they are talking about a back door that vendors - on request by a government - generally and preemptively to any tangible government access put into their products on an entire market to render the mobile network encryption ineffective for every single user. It doesn't make more sense to call such a back door exploitation than vice versa.

By far not only technical statements use "back door" correctly. In most cases, media and laymen, such as those concerned teenagers who populate IT forums and need to be NSA-safe nowadays, are spot on when talking about back doors in the fear of some kind of Clipper Chip or manipulated proprietary encryption software. Some politicians bring up the idea of "back doors" when they really mean back doors, which both isn't helpful at all. Media are right in criticising such proposals, since they represent a massive governmental intervention to the disadvantage of ordinary citizens and economy.
In this case, there is no such intervention. The authorities just want to take advantage of the given weak security implementation that enables Apple to switch off security functions and that Apple put into their iPhones without any government interference.
Of course, Apple's assistance also affects the entire market, since it can be devolved to any already sold iPhone in past and future cases. But the root cause for this is not government interference, no back door, but Apple's design choice and consumer preference for the intrinsically weak product. The Apple statement in this context is ridiculous, effectively saying: "As long as we don't program the exploitation tool, there is no vulnerability."  
 
  

jaclaz
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 22, 16 00:22

- jaclaz
The news about the change of i-cloud password after the device was already seized add some further spice to the issue:
www.wired.com/2016/02/...t-iphone/?


Quoting myself, just to say "as expected":
www.zdziarski.com/blog/?p=5695

In a letter emailed from FBI Press Relations in the Los Angeles Field Office, the FBI admitted to performing a reckless and forensically unsound password change that they acknowledge interfered with Apple’s attempts to re-connect Farook’s iCloud backup service.
...
Either the FBI has recklessly interfered with the processing of evidence OR FBI has mislead the courts on the amount and the nature of assistance required by Apple under the All Writs Act.




jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
 
  

LANGWONDE
Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 24, 16 11:53

Hello,there,
McAfee claim that he can solve this situation,does it true and possible Very Happy

"With all due respect to Tim Cook and Apple, I work with a team of the best hackers on the planet. These hackers attend Defcon in Las Vegas, and they are legends in their local hacking groups, such as HackMiami. They are all prodigies, with talents that defy normal human comprehension. About 75% are social engineers. The remainder are hardcore coders. I would eat my shoe on the Neil Cavuto show if we could not break the encryption on the San Bernardino phone. This is a pure and simple fact. "

www.maxim.com/news/joh...hoe-2016-2  
 

Page 3 of 12
Page Previous  1, 2, 3, 4 ... 10, 11, 12  Next