Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Encryption IOS Iphone Security News Technology Your Rights Online

John McAfee Offers To Decrypt San Bernardino iPhone For the FBI and Save America (hothardware.com) 364

MojoKid writes: Wondering what John McAfee is up to these days? It's not sniffing bath salts nor is he fleeing foreign countries as a person of interest in a murder investigation and faking heart attacks (been there, done all that) ; instead, he's on a mission to save America. How so? By cracking the code on the San Bernardino iPhone that's causing such a ruckus. McAfee didn't just criticize the FBI; instead he offered a potential solution. Let him and his team of hackers break into the iPhone without any help from Apple. "With all due respect to Tim Cook and Apple, I work with a team of the best hackers on the planet. These hackers attend Defcon in Las Vegas, and they are legends in their local hacking groups, such as HackMiami. They are all prodigies, with talents that defy normal human comprehension," McAfee said. Eccentric rant aside, McAfee's offer is simple - give him three weeks and he will, "free of charge, decrypt the information on the San Bernardino phone" with his team of hackers. He'll do it using mostly social engineering.
This discussion has been archived. No new comments can be posted.

John McAfee Offers To Decrypt San Bernardino iPhone For the FBI and Save America

Comments Filter:
  • What's he on, today? (Score:5, Informative)

    by MSG ( 12810 ) on Thursday February 18, 2016 @04:15PM (#51537269)

    McAfee is clearly off his rocker. The only person or persons who he could expect to socially engineer his way through are dead.

    • by Talderas ( 1212466 ) on Thursday February 18, 2016 @04:19PM (#51537295)

      Unless he believes Apple has the ability to decrypt the device and plans on socially engineering them.

      • by Anonymous Coward on Thursday February 18, 2016 @04:26PM (#51537371)

        The FBI is not asking Apple to decrypt it. They're asking Apple to load a new firmware on it that removes the limit and delay on the number of tries before the device wipes itself so they can brute-force it. They've even told Apple that they can do it in-house so there's no chance the method will be used on anyone else's phone.

        Apple doesn't want to admit that they can flash new firmware to the locked device even though everyone knows they can.

        • by __aaclcg7560 ( 824291 ) on Thursday February 18, 2016 @04:33PM (#51537451)

          Apple doesn't want to admit that they can flash new firmware to the locked device even though everyone knows they can.

          According to one legal analyst, the FBI and NSA already have this capability. What the government is looking for in this court case is a legal precedent to force companies to do this for them and make the data recovery admissible in court.

          • by PopeRatzo ( 965947 ) on Thursday February 18, 2016 @04:38PM (#51537507) Journal

            What the government is looking for in this court case is a legal precedent to force companies to do this for them and make the data recovery admissible in court.

            That's it in a nutshell.

            • by AdamThor ( 995520 ) on Thursday February 18, 2016 @04:48PM (#51537625)

              So John McAfee can make a boast that won't get tested. He gets to proclaim himself supreme ninja badass knowing nobody will call his bluff, AND illustrate that when the government doesn't take him up on his offer it is because they are after something other than what they claim.

              *golf clap*

              Well played, Mr. McAfee.

            • by taustin ( 171655 ) on Thursday February 18, 2016 @05:01PM (#51537755) Homepage Journal

              I think they're also aiming to (eventually) use OS updates - which can be done remotely - to hack phones without having to have physical possession. Because seizing the phone can't be done without the owner knowing it, and getting warrants means dealing with judges. If they can do it remotely, they can ignore due process.

              • Re: (Score:3, Informative)

                by macs4all ( 973270 )

                I think they're also aiming to (eventually) use OS updates - which can be done remotely - to hack phones without having to have physical possession. Because seizing the phone can't be done without the owner knowing it, and getting warrants means dealing with judges. If they can do it remotely, they can ignore due process.

                Apple CANNOT Force an OS Update onto an iPhone remotely. I requires the User to either bring up the Update function or at the very least, Confirm a Dialog prompt.

                And I would doubt Apple can do so even with physical access, without taking the phone apart to expose JTAG (or similar) pins.

          • by Anonymous Coward on Thursday February 18, 2016 @05:02PM (#51537777)

            Only Apple has the key to sign their firmware image. OK, maybe the NSA but they'd never share that capability with the FBI.

          • by Trailer Trash ( 60756 ) on Thursday February 18, 2016 @05:19PM (#51537907) Homepage

            Apple doesn't want to admit that they can flash new firmware to the locked device even though everyone knows they can.

            According to one legal analyst, the FBI and NSA already have this capability. What the government is looking for in this court case is a legal precedent to force companies to do this for them and make the data recovery admissible in court.

            I came to this conclusion yesterday. Some clueless folks elsewhere were arguing that there might be a zero day exploit that Apple could use (um, paradox, anyone?) that would get the trick done. My point was that if such were available chances are the FBI, NSA, whomever would already know about it or be in a position to find out about it, and that would be an easier and cheaper route to take.

            It's obvious that they want to force Apple to do this as a precedent, particularly now that iPhone 6 + cannot be "hacked" in this manner.

      • by sycodon ( 149926 )

        Apple clearly can take that phone, throw it on the bench and have their way with it.

    • by aaron4801 ( 3007881 ) on Thursday February 18, 2016 @04:23PM (#51537339)
      He's socially engineering the FBI. He'll just waste the 10 attempts, and get the phone wiped. Debate over.
      • Is there some reason they can't clone the device? That would buy them unlimited attempts.

        • by sims 2 ( 994794 )

          Hardware based encryption. No way to extract the key.

          • The fact of the matter is that the FBI could probably get the NSA to expose the hardware encryption, although there's a chance of failure, and having done so clone the damn thing as much as they wanted. It would just take a year or so and cost a shitload of money. Much easier to try and bully Apple into doing their bidding

            • by Anonymous Coward

              The fact of the matter is that

              I don;t think that means what you think it means.

              Your wild-ass and misguided assumptions are not facts.

            • by taustin ( 171655 )

              That also only cracks this phone. If they can get Apple to cough up the right info, they can use OS update features to crack all iPhones, everywhere, remotely.

        • by gweihir ( 88907 )

          They cannot clone that encryption key.

        • by Andy Dodd ( 701 ) <atd7@c[ ]ell.edu ['orn' in gap]> on Thursday February 18, 2016 @04:49PM (#51537635) Homepage

          Apple devices have an additional "trick" beyond just PBKDF2 - There's a random AES key burned into the CPU, and it's wired such that it can be set/erased, but not directly read - it can only be fed as the key into an AES engine.

          I am not sure if Apple's PBKDF2 has this AES engine as part of the loop, or if it just feeds the key that comes out of PBKDF2 through the AES engine, but the end result is, on any given device, the AES key that results from a given passphrase is unique to that device and cannot be reproduced off-device.

          So if someone just clones the device's flash contents, they have to resort to brute-forcing AES directly, as opposed to trying to brute-force passcodes.

          So you can only brute-force passcodes on-device (something like 80ms per try on this model, newer models have a 5 seconds per try limitation), and Apple's software doesn't even allow you to do that. The FBI wants to at LEAST get on-device brute-force capability.

          Which might still take years if the user had a reasonably strong passphrase.

      • This would be the best outcome.

      • by Anonymous Coward on Thursday February 18, 2016 @04:58PM (#51537725)

        Close. I don't think he would wipe the phone, that would make too much trouble even for a man with MacAfee's history.

        No, he's shedding a light on how absurd the FBI's story on this item is. "Oh my goodness, there's a phone connected to this tragedy and we don't know what the 109 messages say! Even though we know who did it, we know that the messages went to Africa, we know the times and the recipient(s), we have all the meta-data. Oh, and we have the full resources of the FBI, CIA, NSA, DOD, the Five Eyes, and we've data-mined the entire planet. Yet John MacAfee can break into this phone with a tiny group of volunteer hackers and we just can't figure that out at all."

        The only thing the FBI is trying to do here is to cynically use a tragedy to set official, legal precedent. They are attempting to bully the phone makers to give them anything they want, any time they want it. This has nothing to do with the San Bernardino shooting beyond winning sympathy and support for the spying goals of the FBI.

        J. Edgar Hoover would be proud. Also Niccolo Machiavelli. We've been giving the Three Letter Agencies anything they want since 9/11 and they've grown fat and entitled on the spoils.

    • by Krishnoid ( 984597 ) on Thursday February 18, 2016 @04:23PM (#51537345) Journal

      McAfee is clearly off his rocker.

      ...

      I work with a team of the best hackers on the planet. These hackers attend Defcon in Las Vegas, and they are legends in their local hacking groups, such as HackMiami. They are all prodigies, with talents that defy normal human comprehension,

      Hey, if these hackers are the ones that starred in his last video [youtube.com], and he's going to make another one describing how he plans/executed this hack, I'm all for it.

    • If he works with "a team of the best hackers on the planet," surely the Long Island Medium must be among them...

      (BTW, I bet even the nerds on the team make fun of her hair.)

    • I really want some of what John McAfee is smoking.

    • Social engineering doesn't require they be alive or that you communicate with them.

      If he finds out the password is the year they were born in, that's still social engineering. If he teases information out of the neighbors that leads him to guessing the right password, that's still social engineer.

      You'll rarely succeed in a direct social engineering attack, people start to detect it when you ask too many questions of them directly. It works great when you target mom and dad, a sibling, a secretary or boss

    • You're a bit dull to be name-calling based on your presumed intellectual superiority.

      It took about half a second for me to notice that an attack vector would be Apple, because they're the ones with the private keys needed to install modified firmware. And, presumably there are live humans at Apple that are potentially susceptible to social engineering attacks.

      Unlikely his people are that good, but there is an available (very difficult) solution that matches his claim.

      Your inability to think even all the way

  • Impressive! (Score:5, Funny)

    by 110010001000 ( 697113 ) on Thursday February 18, 2016 @04:17PM (#51537281) Homepage Journal
    They must be pretty good if they attend Defcon in Las Vegas!
  • by Anonymous Coward

    The suspects are dead. Are they going to attempt a seance?

  • by scunc ( 4201789 ) on Thursday February 18, 2016 @04:20PM (#51537315)
    Who better to break into a system that's nearly impossible to get into than the man responsible for software that's nearly impossible to get rid of?
    --
    What happens when an unstoppable force meets an irremovable object?
    • by sims 2 ( 994794 )

      Last week I had to disconnect a system from the internet because It wouldn't allow me to get to the next step of the uninstall because the upsell page wouldn't load.

  • How hard is it to image the entire storage area on iPhone? Like, a bit for bit copy of everything on it? And then.. just load the image into a vm and brute force the PIN, while leaving the original device intact?

    • by agm ( 467017 ) on Thursday February 18, 2016 @04:26PM (#51537375)

      The encryption keys and protection mechanism are hardware based, not software based. The bytes in storage are useless without the phone's exact hardware. Unless they try and brute force the encryption. How many millions of years would that take?

      • by gweihir ( 88907 )

        Would take longer that the remaining lifetime of the universe or alternately more energy and matter than is available if the universe goes for heat-death.

    • by spire3661 ( 1038968 ) on Thursday February 18, 2016 @04:29PM (#51537395) Journal
      You dont get it. This is the FBI's 'Rosa Parks' moment. They are using an incendiary case to force the issue that unbreakable encryption should not be allowed in casual use. They are trying to force the idea that it should be illegal to make an unbreakable lock and they are using this case to ram it home. They dont really give a shit about the data in this case, they want to cow the tech sector into not making their jobs harder.
      • by gweihir ( 88907 )

        And anybody that knows their stuff just uses a secure passphrase with > 100 bits of entropy and Argon2 and nobody besides them will ever be able to unlock that. Apple only needs the hardware to make it very convenient to get secure crypto. It is entirely possible to do this securely in software only, just requires a user that is willing to remember more than 6 characters and letters.

      • by j-turkey ( 187775 ) on Thursday February 18, 2016 @05:37PM (#51538041) Homepage

        You dont get it. This is the FBI's 'Rosa Parks' moment. They are using an incendiary case to force the issue that unbreakable encryption should not be allowed in casual use. They are trying to force the idea that it should be illegal to make an unbreakable lock and they are using this case to ram it home. They dont really give a shit about the data in this case, they want to cow the tech sector into not making their jobs harder.

        THIS! I wish that I had mod points. You are correct, the case is entirely political. The Guardian has an article that explains in depth [theguardian.com] what you very succinctly stated. The big takeaway is that the actual data in this case doesn't really matter. However, the feds were fishing for the perfect inflammatory case to establish legal precedent (NPR had a great story on it earlier this week with a legal analyst who said that the Justice Department knew exactly what they were doing when they chose this case). Tim Cook is spot on in fighting this as a precedent matter more than anything else.

    • Its so much simpler than all this.

      Prevent the device from being able to write the invalid attempts count to wherever it writes it. Now try all 10,000 combinations, power cycling as needed. Thats the way hardware guys are thinking about it.
    • There's only one problem with that. Cracking up to 37 characters of unicode characters (even if you don't use the entire 200K+ set of printable characters) is slightly more difficult to brute force than the 256 bit AES key...

      By my math, with 37 characters, you only need 121 unicode characters (not 121K. Just 121) to make roughly as many permutations as a 256 bit AES key.

    • by gweihir ( 88907 )

      That is not the problem. The problem is getting the encryption key out of the secure microcontroller storing it. Seriously, your amateur-level approach is among the very first things the experts will check for feasibility... and will find that it does not work here as.

  • by Thud457 ( 234763 ) on Thursday February 18, 2016 @04:21PM (#51537329) Homepage Journal
    You're supposed to be running for president!

    A Trump / McAfee ticket is the closest thing we can get to having President Dwayne Elizondo Mountain Dew Herbert Camacho in real life.
  • by twotacocombo ( 1529393 ) on Thursday February 18, 2016 @04:22PM (#51537335)

    If only they would take him up on his offer. The first thing that came to mind was Kip driving over the plastic bowl with the camper van.

    Dang it!

  • Can't they just open the device, dump the data & OS and try to bruteforce that without using the iphone passcode system ?
    • If you manage to dump the memory contents without tripping any protections that cause shit to be wiped you'll need to brute force a random 256-bit key.
      Otherwise, you'd need to clone the whole fucking phone, including the hardened security chip, because it nukes the key after 10 failed attempts by default.

      • If you manage to dump the memory contents without tripping any protections that cause shit to be wiped you'll need to brute force a random 256-bit key.

        Well I didn't say it would be easy :D.

        Otherwise, you'd need to clone the whole fucking phone, including the hardened security chip, because it nukes the key after 10 failed attempts by default.

        And Apple can't bypass their security chip, make the dump and hand it out to the FBI ?

        • by Andy Dodd ( 701 )

          They intentionally wired it so the key memory output only goes into the key input of a crypto engine - it can't be read back without decapping the CPU and microprobing it, and they may have put in countermeasures against that.

    • Well, as I understand it, the encryption is AES-256. So, in theory, it would take about 33,100,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 years [eetimes.com], assuming you used the fastest supercomputer.

      • Yeah but couldn't we try a dictionary first, plus I don't think people like inputting long passcodes on a selfphone.
        I should really read up on this stuff but it's hard.
    • by gweihir ( 88907 )

      No. There is a crypto key stored in a secure microcontroller. Unless they get the key out of that chip, they have nothing. At this time, it depends very much on implementation details whether Apple can even write that mystical software to allow unlimited tries.

  • >He'll do it using mostly social engineering.

    It seems like we (or the source) got this stuff a little hot, maybe from a handmade audio transcript. Over at Ars their take was

    > About 75% [of the associates] are social engineers. The remainder are hardcore coders.

    Plus the eating his shoe thing. Sensationalism or not I'm surprised that's not mentioned in TFA.

  • by NetNed ( 955141 ) on Thursday February 18, 2016 @04:30PM (#51537413)
    I am pretty certain Mcafee is working some amnesty angle here.
  • This is pretty much completely the opposite of the sort of thing he usually claims to be in favor of. I was thinking about probably not registering to vote so I could vote for him. What the shit?
    • by gweihir ( 88907 )

      Oh, simple: He cannot do it. He will not get a chance to try either and he does know that as well.

  • The shooters are dead. How exactly is social engineering going to work against them?
  • >> He'll do it using mostly social engineering

    "No problem. Just gimme the phone number, the address and the bank of the guy who owns the phone. I'll have him giving up the code by Sunday."

    >> He's dead.

    "F***!"

  • by Pete (big-pete) ( 253496 ) * <peter_endean@hotmail.com> on Thursday February 18, 2016 @04:37PM (#51537485)

    By "social engineering", I take it he's not planning to directly attack the hardware of the phone, which means he's planning to use the only other logical approach to breaking into this phone (and to me the only obvious attack vector open to him or anyone else as long as Apple stand their ground [correctly]).

    Because this phone has a four digit passphrase, this means that the owner of the phone has hit the same four sections of screen at least hundreds, and more likely thousands of times. Maybe it is possible using very delicate and incredibly accurate equipment to detect some sort of impact print on the screen where it has been used in those four spots repeatedly. If it is possible to do this, then you have cut down the number of password from 10,000 to 24 different possibilities. From here you need to check everything you know about the phone owner to see if any of those combinations are personally significant in any way - even if the combination is entirely random, you'll still have a 41.5% to break the password with 10 attempts...

    Meh - then again I'm not a half-million dollar a year hacker, so what do I know?

    -- Pete.

    • Wow - it's amazing the FBI didn't think of that.

    • Have him demonstrate his skills on another iPhone first.
      • My thought too. Nothing stopping him from taking any other iPhone 5c, setting Auto-Erase to on, and proving his hacking team's prowess on YouTube for the world to see.
        (The exception is that the court order doesn't actually reveal what specific iOS version the iPhone is running. The FBI alludes, a lot, that it is running iOS 9.something, but doesn't otherwise clearly say. Which I find a bit suspicious; they spewed out a lot of other info about the device.)

  • Yo Timmy, can you have them write me some firmware? I forgot my password.
  • by slashkitty ( 21637 ) on Thursday February 18, 2016 @04:45PM (#51537595) Homepage
    I highly recommend some of you read this paper: http://www.apple.com/business/... [apple.com]
  • A big one too! But first I'm going to tell the whole fucking internet!
  • Maybe McAfee is trolling. Maybe he's hoping someone will be dumb enough to go by pure name recognition, and let him at the phone. At which point, he will type in 10 wrong passwords and return the phone to starting state, ending this whole mess. I mean, think about it, does he have anything to lose at this point? "Oops. Sorry Feds. I thought we had it for a second there. Live and learn, right? *wanders off whistling to himself*"
  • by Applehu Akbar ( 2968043 ) on Thursday February 18, 2016 @04:54PM (#51537689)

    McAfee's software, which comes loaded by default on millions of PCs, has been instrumental in making OS X more popular.

  • by citylivin ( 1250770 ) on Thursday February 18, 2016 @05:03PM (#51537789)

    If your like me and had no idea wtf this article is talking about, apparently it was used in an american mass shooting:

    https://en.wikipedia.org/wiki/... [wikipedia.org]

    Funny they are so concerned with gaining access to this stupid phone when the real weapons used to commit the crime are sold almost everywhere in america.

  • I see that Tashfeen used Facebook on her cell phone. Anyone who has read the things that the Facebook app has access to... would seem you could power it up, and have the facebook app probe the phone for useful information. Contact, messages, pictures, phone numbers etc. Who needs apple?
  • by superwiz ( 655733 ) on Thursday February 18, 2016 @05:15PM (#51537871) Journal
    BS. If they were so confident they could do it, they wouldn't have to do it with THAT phone. They could decrypt the phone of some independent 3rd party willing to arbiter the contest. The judge didn't order decryption of THAT phone. It ordered Apple to surrender information sufficient to give FBI ability to decrypt ANY phone. And I believe (could be wrong on that) Apple's position is that it's not able to do it under the current encryption scheme (even if did it in the past, it may not be able to do it now). Here's http://crypto.stackexchange.co... [stackexchange.com] a discussion of someone trying to understand why brute force isn't possible even if they take apart the phone.

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (1) Gee, I wish we hadn't backed down on 'noalias'.

Working...