[cryptome] Re: Farook Backup: Password Screwup
- From: Michael Best <themikebest@xxxxxxxxx>
- To: cryptome <cryptome@xxxxxxxxxxxxx>
- Date: Sun, 21 Feb 2016 17:19:52 -0500
I don't think reverse engineering it is a problem unless they try to
distribute that info or profit from it. Plus, reverse engineering is its
own analysis which provides some degree of separation (I think).
On Sun, Feb 21, 2016 at 5:16 PM, Andrew Hornback <achornback@xxxxxxxxx>
wrote:
Would the FBI be liable in the event that they reverse engineered Apple's
product in order to break it? I'm sure that's part of the problem.
Personally, I've heard that the NSA has the capabilities to handle this
issue without making a big deal out of it, but they don't want to tip their
hand and prove that they do... so, we end up with the smoke and mirrors
show asking Apple to get involved. Of course, it could simply be their way
of asking Apple to validate the NSA's process...
From looking at the court documents, it appears that the FBI is simply
wanting Apple to circumvent the "self-destruct" routine within iOS so they
can brute force the password on the device. That doesn't break or negate
the encryption, it merely prevents the device from pulling a "Mission
Impossible" after they get the code wrong the 10th time.
Now, if Farook's employer had done things properly and implemented an
appropriate MDM solution prior to deploying the phone, we wouldn't be
having this conversation since the MDM client/widget/whatever you want to
call it operates at a low enough level to allow administration of the phone
without it being unlocked.
I also wouldn't be surprised to find some young, enterprising lawyer in
California to be soliciting those beneficiaries of Farook's employer's
services to file suit agains them for failure to properly safeguard their
data on those mobile devices. I figure someone's going to be screaming
about HIPAA and PII security in order to make a few bucks...
--- A
On Sun, Feb 21, 2016 at 4:11 PM, Michael Best <themikebest@xxxxxxxxx>
wrote:
What does copyright have to do with it? FBI isn't trying to redistribute
the code. Apple's NDAs and IP agreements might apply, but I don't see what
role copyright plays. (I'm asking, not arguing. I haven't exactly following
the case though, and I already got one major detail wrong lol.)
Sent from my iPhone
On Feb 21, 2016, at 3:45 PM, douglas rankine <
douglasrankine2001@xxxxxxxxxxx> wrote:
see url: https://twitter.com/cfarivar/status/701430905076731906
Even if the FBI did screw up...or Farooks Employer screwed up...or they
both screwed up...It wouldn't have made a lot of difference regarding what
is at present on Farooks phone. The back up was done on October 19th
whereas the crime was committed one and a half months later. In that time,
up until the time of the crime, the phone had NOT been backed
up...according to the affadavit from the FBI. From looking at the
affadavit, the FBI is saying that they agreed to trying to change the
password to see if they could get access to the back up, and the phone.
It didn't work, so that makes the FBI stupid because they should have
known. Does this mean that if the FBI/Farooks employer hadn't changed the
password that there would have been an automatic backup made?
Remember, according to the FBI, it is Apple software, it is copyright
and the FBI is not allowed under US Law to breach that copyright. Any
experts out there on Apples end-to-end encryption software, who isn't bound
by Apple's copyright and non-disclosure agreements? Perhaps they could
enlighten us.
Whom do I believe? I'll reserve my judgement until the facts come out!...
:-) . Coward that I am...
ATB
Dougie.
--
Veritas aequitas liberabit vos
Veri universum vici
That 1 Archive <
http://that1archive.neocities.org/>
@NatSecGeek <
https://twitter.com/NatSecGeek>
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.5
Comment: Hostname: pgp.mit.edu
mQINBChG9zoBEADKzALG4UHCjY6L9OFUxWRVGGCW7LY71K2EAK/0jkRh1wPkJ4chPaVJ3vVD
nJ0d8HxsyR5R3+y7GH6GCc/tK0IDPJah+xpQnraS1nWUvAlSaaxsBK4hJfuVGyfBg/joQVKU
OhpqJLQhRIkUWk30QC94IbOKiCTb6V4pStLYyrLieewjT481vvRIYp/48IS5eiveZW0/IpcA
HBON7xJw6P1murC8PNOJSWRCp9FJhcs3wIPG3cFTfsxSZnGcoivMgFLtGAfLbztpZkcHEMOR
4qamVvirzYGHma0UlOzyNr7xpxyLXFsU5kKzQ8Az2nP1GG7vuqXSjPNLIvvHFL+g+gKuCe9W
xTa9Ac038RRSiBGdDrvTFpQ/h9h5GWIHP7nsA4TCeZSpL81aqp7Cb0MK3KPQmteTPIujVCnx
jXXHrOe9Tj6iYUU8edApISyBEVFZMd+EtfDEDf/ZwDjzSGE85vv1dZ/ck7iJvS8FwM8hsRBG
U9huCKiItGs26teUJ2Sum49YaEiDL4QLQhJ+FbsAusxJg+V3GE/4w75K/6/czT0p10Mf66Uo
fRFTvYRE7S6CNDxzTI4q7+pnRlxMBduGC33KY4eq4Py/O3LWHBDxZ+LffIa/tWcB/7oZ6yDo
bdWleNk5wnJdPGr6lUTHTM4tpDIEcXYpvjzyLcMtg4tFm/Dc0QARAQABtGVNaWNoYWVsIEJl
c3QgKFByaXZhdGUsIG5vdCBzZWN1cmUuIEZvciBzZWN1cmUgZW1haWwsIHJlcXVlc3QgYSBv
bmUtdGltZSBrZXkuKSA8dGhlbWlrZWJlc3RAZ21haWwuY29tPokCPQQTAQoAJwUCKEb3OgIb
AwUJNXc1AAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRCiYH9hY4dAS3e+D/sFwyJER4/4
ZnHYC/1EzCpHeDikSmULEgsvNgzo73thOV9/Q2I8mCJTlQjsK4rZ2YiDzi4b0CN8kzjpxtVz
BsBsxfyPLrdH4VoqeqeBVzbwHxSk7bYUI3vFt+e3gBgpAxbVfPXCnYUnWPRlr9dc/JZoPJH4
p8yRIqktehbAE3Fa3gkfrXJ5e6+/nKlQhikyvo9VuErrLpPMXBzOq4/2LVfurkcOzlp1RBjs
hWr6B98EiOXs44ZGLEkINxJiW8koFhw/WDuON8LKi/DtLiqqtBVTjrkqKCuKzSAVncGGcEVO
3Om3aOIOvG0do/wQKYXnpbeGsHwx2PGrJ7H+lb2bIb5KhbZkbG4rMTjsVnuGN+IF4BxBhmGz
MYoooWy4VCLL0o8keomU8JPXt+fZDqJ9sNjY/asTsjOa6aE3bIa6w3mWUeefGwA25oXur3Rr
L3wmu1pPzCejumfA1X93dS9UZS3xni+7W34g6YbsREuaZ+YBxFLN227JXAx2pEdjLsuVOaqM
9CO7ARHsxDZoE9U7n0s3txnSw/2YYwjEK1wDhdLnHBL3ZzaAcaHnpzsTYQAVW7uXKKHhzeSK
GP3O4ByCisM/7WLFvIIpaNNs85jI1PvKH0GutSTl9xXDfWuYMl9rwwbteBB/oGSxlIFe0pqq
IDNfAJdR/HjTLqrTES2wdXJS1bkCDQQoRvc6ARAAmltXrhVfpePdIFrfEHCet4nkQvmRI+AX
rUgiNlxQDW8M5FzlUfT2xpMXHMWuKehTYpFq7bNbFi+fwBhMajgvgDsTuLInftKSFp+sisbR
n8psv7CpGB4jp0Xd4y1Wm/HejV/kga0kcUVVetaqyzgZedn1UnccQRzDBVWW2j2ed+hi/8g0
/d7mbVG81yzJo8tLidM90xFF7JGlijm0dBAqmhD4UgkxSnJQ3PK5onqdjdbx7HkP68RrkeTQ
vhWK1978qzdSl9ljJ0jLnoAaDNPs5Dj/TyYCtqoKHUqMbTwU5nIQnJG7geMeSw/7OVnKlypF
Rs/JesZzMBooZTRxZJuIB/q0wOfE/MYTwGSwLs2brUwJFJ6bSYmerZ+81S8W/Y4mehJ3o6Vl
SabrrVN+LlBfUuRqd5U909WECzk6HVnwnRfL07zD+1y5cLU+e4MQs2227kLriTIxtDZ/umeG
hKQgNgFGTAPHJxA96xGvQ8Ovv+XEivlO0jxBNMIiopNSlMDE+k3nigWHuavt9LUUCOd45aw7
0pgKstQQgpFfVAwV98LPpUKxa61q6wQiQHAcP7YxuQG0dsr4nUq2xids5l1IpOLzZJ3nRThM
k7alkljBbqphbocV3FsSXOkpcSWns94k1QGmrPzEPLF0FHFBG6whWoaoEySMkdsN1zVu4GMU
o2EAEQEAAYkCJQQYAQoADwUCKEb3OgIbDAUJNXc1AAAKCRCiYH9hY4dASzTaEACKXVgc8KmZ
xWyYTUQgIwrj3J/re68uIilq0iBBDocgEZZpxyf6lD1V3IKBjAPpWyYHMrrrLY64rFDR+8DE
Xyhm1Wv2S6YJuWJtyAlS4bciXjJE6evirIH5GoFq++vzsufRaudAoQ56hJ0+Z3dNMMWZ6YuP
zWNNL2tvpdo3Nvd8bqiADWSffFdIPv5Yj/mZsXmaDN+7iWYlAdCrubGyGzFHlCh26Ghu6SS0
/u8x1/Oi7ma7fUMFnEsFiYjwBkD3pQKK1dm7j2f1OMxi8uky8vgBgx40aeJkoUgEvIHWsCIi
CWVTyfiGeWIcKbK7tYP5jsjV5fUv+TaQ1pApt++Pyop1aogfQ8icNBQQkdX6E4gNhnPOPTM8
FTl69Tq5Ori5+TM8VM0iPGiydlcAXIAD3OyR4tZM12Ga1AtppKjx31EyDB4SPzUmDWRy5WgG
NRH3+RgiK/iXVcvLdFIKj3/AvctSLdbayyaFD8zrE/wcMzLfie+iE231+rG/7gmcR3H1rcYE
vxvmWAPikLQKiMUpPBNSvfLPUTrwNSGiZ5ieAAPgOooc3u5nohwZmEW1pg6HirZgIAgAYuyL
aLgnikwH70guiQ4Ufsih3gy0ddsUwliUTtbYQyX0OBQoTUyaiXPy0Wu2FJfsxiW8X9Lu9pIH
KOwU9K76VKot+UikGqeFQsS/Ig==
=M+du
-----END PGP PUBLIC KEY BLOCK-----
Other related posts:
