Archive | Cryptography

Apple vs. the FBI — who won?

From the Associated Press Washington desk:

The FBI said Monday it successfully used a mysterious technique without Apple Inc.’s help to hack into the iPhone used by a gunman in a mass shooting in California, effectively ending a pitched court battle between the Obama administration and one of the world’s leading technology companies.

The government asked a federal judge to vacate a disputed order forcing Apple to help the FBI break into the iPhone, saying it was no longer necessary. The court filing in U.S. District Court for the Central District of California provided no details about how the FBI did it or who showed it how.

Justice Department cracks iPhone; withdraws legal action »

But is this really a mystery? I wrote about this some three weeks ago. That was when the ACLU demonstrated that breaking locked iPhones is almost common knowledge in the tech community:

One of the FBI’s Major Claims in the iPhone Case Is Fraudulent »

Nevertheless, many questions remain unanswered. And the FBI is not about to open up. Ars Technica:

Apple likely can’t force FBI to disclose how it got data from seized iPhone »

Here, it is important to understand what this really has been all about:

[The FBI] is not as interested in solving the problem as they are in getting a legal precedent, [Richard] Clarke said. “Every expert I know believes the NSA could crack this phone. They want the precedent that government could compel a device manufacturer to let the government in.”

The Register: Former US anti-terror chief tears into FBI over iPhone unlocking case — They’d just send it to the NSA if they really wanted access, says Clarke »

Now, what about Apple? Has all of this bruised the iPhone’s reputation when it comes to security?

Well, it shouldn’t. As mentioned, there already are known ways to break into a locked iPhone.

But facts are not the same as public perception. The general notion is that this is something entirely new.

And, as a matter of fact, the authorities can open up a locked iPhone. Apple does have a very real public relations problem on its hands.

Inevitably, Apple will have to beef up the iPhone’s security shortly. That may, in turn, lead to new conflicts with the FBI & Co.

/ HAX


Richard Clarke on the Apple vs. FBI case

“[The FBI] is not as interested in solving the problem as they are in getting a legal precedent,” Clarke said. “Every expert I know believes the NSA could crack this phone. They want the precedent that government could compel a device manufacturer to let the government in.”

The Register: Former US anti-terror chief tears into FBI over iPhone unlocking case — They’d just send it to the NSA if they really wanted access, says Clarke »


WhatsApp vs. the FBI

In Saturday’s edition of the New York Times, Matt Apuzzo reports that the Department of Justice is locked in a “prolonged standoff” with WhatsApp. The government is frustrated by its lack of real-time access to messages protected by the company’s end-to-end encryption. The story may represent a disturbing preview of the next front in the FBI’s war against encryption.

EFF: The Next Front in the New Crypto Wars: WhatsApp »


The real issue with the San Bernardino shooter’s iPhone

The trench war over the San Bernardino shooter’s iPhone continues. The FBI demands that Apple create a special OS to circumvent the “auto erase” function that, if activated, would make the phone’s contents unavailable after ten failed attempts to unlock it. And Apple is fighting the request.

However, it turns out that all of this might be unnecessary. There are other ways to access the content, as demonstrated by the ACLU.

It is unlikely that the FBI didn’t know about this possibility — as it is a commonly used technique in the industry.

ACLU’s Technology Fellow Daniel Kahn Gillmor explains…

“All the FBI needs to do to avoid any irreversible auto erase is simply to copy that flash memory (which includes the Effaceable Storage) before it tries 10 passcode attempts. It can then re-try indefinitely, because it can restore the NAND flash memory from its backup copy.”

So, what is going on here?

“If this generally useful security feature is actually no threat to the FBI, why is it painting it in such a scary light that some commentators have even called it a “doomsday mechanism”? The FBI wants us to think that this case is about a single phone, used by a terrorist. But it’s a power grab: law enforcement has dozens of other cases where they would love to be able to compel software and hardware providers to build, provide, and vouch for deliberately weakened code. The FBI wants to weaken the ecosystem we all depend on for maintenance of our all-too-vulnerable devices. If they win, future software updates will present users with a troubling dilemma. When we’re asked to install a software update, we won’t know whether it was compelled by a government agency (foreign or domestic), or whether it truly represents the best engineering our chosen platform has to offer.”

Of course, it might just be about government incompetence. But nevertheless, the result would be the same: a judicial trojan horse for weakening device security across the board.

Having seen what US government agencies have been up to — it is more likely than not that this is all about Big Brother deceptiveness.

• ACLU: One of the FBI’s Major Claims in the iPhone Case Is Fraudulent »
• Security Affairs: Snowden accuses the FBI of lying about his ability to unlock the iphone of the San Bernardino terrorist. “that’s horse sh*t.” he said. »

/ HAX
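
The weakness Gillmor describes comes down to where the failed-attempt state lives. As an added illustration (not code from this post, the ACLU or Apple), this constructed Python model compares a counter stored in the copyable flash with one held in separate tamper-resistant hardware; `ToyPhone`, its `secure` store and the hardened variant are assumptions of the example.

```python
import copy
import hashlib
import hmac
import os

MAX_ATTEMPTS = 10  # auto-erase threshold described in the post

class ToyPhone:
    """Constructed model, not Apple's design. `flash` is what a chip-level
    image captures; `secure` stands in for tamper-resistant state it misses."""

    def __init__(self, passcode, counter_in_flash):
        salt = os.urandom(16)
        self.flash = {
            "salt": salt,
            "verifier": self._kdf(passcode, salt),
            "effaceable_key": os.urandom(32),  # destroyed by auto-erase
            "failed": 0,
        }
        self.secure = {"failed": 0}
        self.counter_in_flash = counter_in_flash

    @staticmethod
    def _kdf(passcode, salt):
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, 1000)

    def _counter(self):
        # The store that holds the failed-attempt count in this design.
        return self.flash if self.counter_in_flash else self.secure

    def unlock(self, guess):
        if self._counter()["failed"] >= MAX_ATTEMPTS:
            self.flash["effaceable_key"] = None  # erase and refuse
        if self.flash["effaceable_key"] is None:
            return False
        candidate = self._kdf(guess, self.flash["salt"])
        if hmac.compare_digest(candidate, self.flash["verifier"]):
            return True
        self._counter()["failed"] += 1
        return False

def erase_survives_restore(counter_in_flash, passcode="4821"):
    """True if auto-erase still holds after the flash image is put back."""
    phone = ToyPhone(passcode, counter_in_flash)
    image = copy.deepcopy(phone.flash)   # copy taken before any guess
    for n in range(MAX_ATTEMPTS):
        phone.unlock(f"{n:04d}")         # ten wrong guesses, 0000..0009
    phone.flash = copy.deepcopy(image)   # restore the copy
    return not phone.unlock(passcode)
```

With the counter inside the imaged flash the erase protection does not survive a restore; with the counter outside the image it does.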


EU and the crypto war

So, where does the EU stand on politicians’, law enforcement’s and intelligence organisations’ war on encryption?

It is still an open question, to be decided in the e-Privacy Directive.

What is this — and didn’t the EU just set out the framework for data protection? Diego Naranjo at EDRi explains…

“Did you think the data protection reform was finished? Think again. Once the agreement on the texts of the General Data Protection Regulation (GDPR) and the Data Protection Directive for Law Enforcement Agencies (LEDP) was reached, the e-Privacy Directive took its place as the next piece of European Union (EU) law that will be reviewed. The e-Privacy Directive (Directive 2002/58/EC on privacy and electronic communications) contains specific rules on data protection in the area of telecommunication in public electronic networks.”

Here issues such as cookies, government trojans and encryption back doors should be addressed.

So far, this process has attracted very little attention from the public, the media, the industry and internet activists. Nevertheless, these issues are essential when it comes to citizens’ right to privacy.

While the Apple vs. FBI case in the US is all over the media — what’s going on in the same field in the EU is more or less ignored.

While most EU politicians have held a low profile about encryption backdoors so far, the matter of government trojans already is an existing and very real cause for worry.

The French have long been suspected of using malware (e.g. Babar, Bunny, Casper, Dino, NBot and Tafacalou) and will most certainly move ahead in their new cyber-security strategy. In Germany the government just approved the usage of trojans by federal agencies. And countries like Sweden are fast-tracking legislation in this field.

It is important to remember that this is not “only” about phone calls, text messages and e-mails. With trojans on your phone, tablet or computer — the government can access everything you do. What you write. What you google. Your online banking. Your social media activities. Dating apps that you might use. Your contacts. Your private pictures. Your business plans. Your health apps. You name it…

So we better get busy while it’s still possible to influence the political process.

Don’t let the EU get away with keeping this dossier under the radar. Please.

/ HAX

EDRi: Data Protection Reform – Next stop: e-Privacy Directive »


The FBI vs. Apple case is about unlocking your life

Here is some food for thought, on the FBI vs. Apple case about unlocking the San Bernardino shooter’s iPhone: It’s not only about your phone calls and text messages, it’s about your entire life.

An iPhone contains apps, browsing history and search history that would crack open your private life completely in front of Big Brother.

In a text, Rick Falkvinge lists a few examples…

  • What news articles you read, for how long, and in what order
  • Your travel plans
  • Your dating habits
  • What you’re buying
  • What you’re thinking of buying but didn’t
  • Whom you’re in touch with but didn’t talk to
  • What you were looking for more information about, and when
  • What link(s) you follow, given a selection
  • Your physical movement through cities, and within a city
  • …the list goes on.

Is this really information that should be in government hands?

Falkvinge: Using legacy phonecall wiretapping laws to justify Internet wiretapping is obscene: immense expansion of surveillance »
Slate: An iPhone Is an Extension of the Mind »
