Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Encryption Government Iphone Privacy Security Software United States Hardware Technology

FBI Calls Apple 'Jerks' and 'Evil Geniuses' For Making iPhone Cracks Difficult (itwire.com) 348

troublemaker_23 shares a report from iTWire: A forensics expert from the FBI has lashed out at Apple, calling the company's security team a bunch of "jerks" and "evil geniuses" for making it more difficult to circumvent the encryption on its devices. Stephen Flatley told the International Conference on Cyber Security in New York on Wednesday that one example of the way that Apple had made it harder for him and his colleagues to break into the iPhone was by recently making the password guesses slower, with a change in hash iterations from 10,000 to 10,000,000. A report on the Motherboard website said Flatley explained that this change meant that the speed at which one could brute-force passwords went from 45 attempts a second to one every 18 seconds. "Your crack time just went from two days to two months," he was quoted as saying. "At what point is it just trying to one up things and at what point is it to thwart law enforcement? Apple is pretty good at evil genius stuff," Flatley added.
This discussion has been archived. No new comments can be posted.

FBI Calls Apple 'Jerks' and 'Evil Geniuses' For Making iPhone Cracks Difficult

Comments Filter:
  • by Duhavid ( 677874 ) on Thursday January 11, 2018 @08:04AM (#55907005)

    If it is easy to crack for the FBI, it is easy to crack for anyone.
    Any "back doors" will be converted to front doors ( or windows ) soon enough.
    And the timing of such a statement. Meltdown and Spectre still in the news, then this.

    • No, they are not (Score:5, Insightful)

      by PeeAitchPee ( 712652 ) on Thursday January 11, 2018 @08:22AM (#55907087)
      This is theater, and the FBI / NSA / sppok community at large obviously understands what you are describing. Statements like this are in part how these orgs "prove" to the gov't the need to pass laws to give them what they want.
      • by Duhavid ( 677874 )

        And if they get the laws they want, they know that cyphertext == plaintext? At least for the bad guys.

        If the encryption is breakable, the bad guys will be just as able to break it.
        If some kind of key escrow is used, the bad guys will figure out how to compromise the keys ( bribing devs to insert "bugs", bribing devs to make the keys available to the bad guys in addition to law enforcement, bribing the law enforcement key holders to deliver the keys, etc ).

        And any bad guys who want to encrypt their own stuf

        • Companies have spent hundreds of millions of dollars trying to encryption this and that, from various forms of DRM to game console and locked bootloaders. It ALWAYS gets broken, sometimes shortly *before* the product is released. No need to bribe anyone;security is just hard because breaking things is easier than making things. It's a fact that if people can make it, people can break it.

          • by c6gunner ( 950153 ) on Thursday January 11, 2018 @09:51AM (#55907573) Homepage

            You're confusing different things. DRM and copy protection are relatively easily cracked because the keys used for decryption have to be available to the software/device in order for it to function; they're just obfuscated in various ways that make them difficult to obtain. On the other hand, when you encrypt a device yourself the encryption key/password does not need to be stored anywhere other than in your head.

            Finding a key which is recorded but obfuscated is not at all similar to finding a key which only exists in the brain of an individual. Especially if you're not allowed to use torture, or if the person in question is already dead.

            • by Waffle Iron ( 339739 ) on Thursday January 11, 2018 @12:35PM (#55908767)

              Actually, for most phones the encryption keys *are* kept in the phone and obfuscated; they're kept in tamper-resistant hardware storage (which must be rather effective, otherwise the spies wouldn't be complaining).

              The info kept in the user's head is just a short PIN that could be cracked in seconds if they were actually used as the key. The security lies in the phone firmware/hardware only allowing a small number of PIN guesses before it wipes out the real keys.

        • by Anonymous Coward on Thursday January 11, 2018 @09:58AM (#55907613)

          Maybe you don't understand. The FBI ARE the bad guys. Make sense now?

      • Also probably to lull criminals into a false sense of security. With backdoors and exploits in every chip the crypto is virtually worthless, but people don't put compromising information in their phones if they think they are compromised so they have to rant about how impenetrable they are such that criminals start using them again.
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      And a lot of people - including the FBI guy there - seems to think that his agency is a bunch of saints and always has been and always will.

      They should go and read some biographies not written by FBI people about J. Edgar Hoover.

      • And a lot of people - including the FBI guy there - seems to think that his agency is a bunch of saints and always has been and always will.

        They should go and read some biographies not written by FBI people about J. Edgar Hoover.

        Yeah, I've watched the X-Files. I know the FBI is full of jerks and evil dicks (I was going to say 'genuises', but let's face it, most are far from it).

      • There is a very distinct whiff of nerd resentment here. Don't you just imagine this guy as some popular "sports" kid from high school? It's the same anti-intellectual strain that goes into science denial. Whether or not this particular person feels that way, it's definitely the sentiment he is trying to tap.
        • There is a very distinct whiff of nerd resentment here.

          I disagree. The FBI and other TLAs (Three Letter Agencies) have been caught too many times with their hands in the proverbial cookie jar. And when caught doing unlawful things, their response has been to make their actions lawful, and with secret laws at that, rather than stop breaking the law. Consumers are responding by demanding their providers put a lock on the cookie jar. When it's no longer a government by the people and for the people, people tend to dismiss government concerns.

          It's not Apple

          • I am a massive Android fanboi, and can't particularly stand Apple's UI or walled garden...
            That said, if I needed a phone for questionable stuff an apple burner looks to be the ideal choice all things considered.

    • by necro81 ( 917438 ) on Thursday January 11, 2018 @08:30AM (#55907131) Journal

      If it is easy to crack for the FBI, it is easy to crack for anyone

      To quote CGPGrey [youtube.com]: "there's no way to build a digital lock that only angels can open and demons cannot. Anyone saying otherwise is either ignorant of the mathematics or less of an angel than they appear."

    • Re: (Score:2, Funny)

      by TheRaven64 ( 641858 )
      Maybe they own Apple stock. If they're clever, then they bought a load of Apple shares, announced that Apple devices were too secure for them to be able to crack but that all of their competitors' devices weren't, and then waited for the media to pick this up before selling their shares.
    • We really need to put our nationalism aside when evaluating security. The FBI willing billions of dollars behind them, may not be any more effective at breaking into a phone then some guy living in his Moms basement. Is isn't Apple being a Jerk, or evil. They are trying to protect their customer base as well as they can. Because if word leaks out that their phones are insecure, Apple can be doomed.

      • The FBI has had their head up their ass on this thing from the start. They should be championing encryption, as it alone is responsible for preventing possibly millions of cross-state-line ID theft and wire fraud cases that they would be saddled with investigating.

  • by ArtemaOne ( 1300025 ) on Thursday January 11, 2018 @08:04AM (#55907007)

    Pre-cracked encryption is worthless. Might as well force everyone in the world to use TSA locks for physical security, where there are only 5 keys in the world that open them, providing no security at all.

  • by Austerity Empowers ( 669817 ) on Thursday January 11, 2018 @08:07AM (#55907015)

    The FBI is now indicating we should buy Apple devices because the security is good.

    • by fortfive ( 1582005 ) on Thursday January 11, 2018 @08:12AM (#55907029)

      Either that, or they are lulling their targets into believing they are secure with apple products.

      â"
      Posted from my secure iPhone

      • Or maybe that is what they want you to believe...

      • by phayes ( 202222 )

        Tinfoilhat
        YEAH! Not only is the FBI trying to lull us all into thinking that iOS devices are harder to crack than the competition,
        EVERYONE ELSE is trying to convince us all of the same thing!!! That PROOVES it!!!!
        "/TinfoilHat

        From the Jailbreaking communities that are shutting down because an exploit for unlocked iOS 11 has yet to be found to bug bounties where an exploit for a locked iDevice is the highest priced mobile platform, everyone says that iOS is the hardest nut to crack.

        But the zealots and crackpo

    • Interesting point. This is quite the sales pitch for Apple's security practices.

  • it's a decision (Score:4, Insightful)

    by Anonymous Coward on Thursday January 11, 2018 @08:12AM (#55907031)

    Apple isn't any "smarter" or "evil-genuis-y" than any of the other guys out there. They just decided to take their customer's privacy seriously. Google, Facebook, etc are just as smart or evil genius-y, they just put their targets elsewhere because having their customers' information more public is their business model.

    • by ghoul ( 157158 ) on Thursday January 11, 2018 @11:22AM (#55908197)

      Google's customer are the companies who pay money to Google for ads. You do not pay any money to Google so how can you be their customer? You and your profile is Google's product which Google sells to advertizers. They take care to anonymize the data not because you will stop paying money to them (how can you ? you dont pay anything today) but because if profiles end up in their advertizers hands the advertizers can market directly and dont need to go through Google.
      Ditto Facebook.
      Apple actually gets money from you and me so it cares what we think .

  • by Gravis Zero ( 934156 ) on Thursday January 11, 2018 @08:20AM (#55907067)

    Congress Is About To Vote On Expanding the Warrantless Surveillance of Americans [slashdot.org]

    I think it's hilarious that they don't realize that it's their own insatiable desire to spy on everyone that is the primary driving force behind the spread of encrypted communications. That they don't realize this truth makes it all the more funny.

    • by pr0fessor ( 1940368 ) on Thursday January 11, 2018 @09:17AM (#55907377)

      What these people forget is that average people use these devices to do online banking/shopping/bill pay and that a lost or stolen device that doesn't have good encryption is just another way identity theft and fraud can happen. If protecting the people from fraud and identity theft that costs it's victims over $15 billion a year isn't a priority for these people then they shouldn't be in law enforcement.

      It's not law enforcement that makes me want to keep my phone encrypted and password protected it's all the thieves and fraud.

  • by Anonymous Coward on Thursday January 11, 2018 @08:20AM (#55907073)

    They don't do it to thwart law enforcement. They do it to thwart criminals, terrorists, foreign intelligence agents (aka spies), etc.
    If the law enforcement people happen to use the same techniques as those groups, well......

  • by HumanWiki ( 4493803 ) on Thursday January 11, 2018 @08:20AM (#55907075)

    You're not the first Flatley to stomp your feet about something.

  • Pointless (Score:4, Interesting)

    by nehumanuscrede ( 624750 ) on Thursday January 11, 2018 @08:26AM (#55907105)

    The only brand of criminals the FBI will catch are the stupid ones.

    The more intelligent types realize LE focuses on the phones too much and will simply ensure that they do not conduct their business via the devices in question.

    They must know this so it begs the question once again: Are they really interested in criminals phones, or the ability to look at anyones phones on demand ?

    Though the way LE treats folks these days, we're all pretty much criminals in their eyes.

    It did cross my mind that they're simply blowing smoke to cover the fact that they have methods to break into them.

    All the acting ensures folks believe they're still secure.

    Just a thought.

    • Being able to break into phones might well move the 'real' criminals onto other ways to communicate, thus keeping the FBI out of the picture. However, it does generally have the effect of putting the criminals costs up a bit - thus more of the criminal spectrum moves towards the stupid end because they don't have the funds to remain secure.

      Whilst it's of limited benefit, it's not entirely without benefit.

      As for the acting part of the show - that costs nothing, yet has huge benefits (if it's really just acti

    • The only brand of criminals the FBI will catch are the stupid ones.

      They're just trying to reduce the competition.

    • my GUESS (total non-informational guess) is that there already is an exploit (or, even apple GIVING the leos what they want) and this is all a smokescreen to keep up appearances.

      I believe (again, no actual info) that the nsa has all it needs, it has enough might and power and influence to get what it wants.

      I believe all encryption has been broken by the three letter agencies and we are all being led astray by false info. the narrative, if you will.

      why do I believe this? just being alive for over 50 years

  • by namgge ( 777284 ) on Thursday January 11, 2018 @08:26AM (#55907111)
    I goes: "Oh please Brer Fox, whatever you do, please don't throw me into the briar patch."
  • by geekmux ( 1040042 ) on Thursday January 11, 2018 @08:28AM (#55907117)

    I cannot believe we actually hire allegedly educated individuals to work in the FBI who can't fucking grasp the concept that Apple didn't make good security because of the FBI. Apple made good security because of the actual evil in the world, and to protect their customers.

    Wonder how the FBI would feel if we turned around and started asking them the same damn thing about their encryption. How dare they make it very difficult to brute-force. Of all the nerve...

    • by Jaime2 ( 824950 )
      Read his comments with a huge grain of salt. Either he is so ignorant of crypto that he thinks that raising the number of iterations is genius rather than normal practice, or he is intentionally making outlandish statements that are calculated to sway public opinion. It seems obvious that it's the latter, and it will probably work.
      • Read his comments with a huge grain of salt. Either he is so ignorant of crypto that he thinks that raising the number of iterations is genius rather than normal practice, or he is intentionally making outlandish statements that are calculated to sway public opinion. It seems obvious that it's the latter, and it will probably work.

        Speaking of public opinion, if I were in Tim Cooks position, I would hold a YouTube live stream and call this FBI agent out personally.

        Let the FBI stand up there and rant and rave about how unbreakable Apple security is. Let the FBI bitch and moan about hacking attempts on Apple hardware being very difficult.

        Then Tim will stand up and ask one simple question; "Why is it hard for hackers to break into your encryption?"

        The FBI will provide an obvious answer, to which Tim will reply in front of the world wat

    • I cannot believe we actually hire allegedly educated individuals to work in the FBI who can't fucking grasp the concept that Apple didn't make good security because of the FBI. Apple made good security because of the actual evil in the world, and to protect their customers

      Please note that those two groups are in no way mutually exclusive.

  • Come back when they're calling them "scoundrels" and "nerf herders".

  • Courts can order you to unlock your phone [wired.com], which means that the FBI is talking about investigations, not prosecutions. I suppose it depends on the investigation; if the phone contains the location someone in North America of a nuclear device set to explode in the next hour, then it might be great if the device got unlocked. Google et al. just cooperate with law enforcement; Apple has opted not to give itself a back door so it does not have to deal with the drama. Public opinion might change after the mushro

    • by hjf ( 703092 )

      "Might"? Remember 9/11?

      • by shess ( 31691 )

        "Might"? Remember 9/11?

        Yeah, public opinion will change. All of our phones will require full real-time uploads, because the government will be all like "We're sure their phone has contact information for other people, even though we didn't figure out which phone we wanted until a few weeks after the event. Unfortunately, the phone was destroyed in the event so we think in the future we should receive the information in advance."

      • We should have a 2nd Amendment for Nukes where all countries have nukes. May just make USA more polite and stop poking into others' backyards.

    • by ghoul ( 157158 )

      You know the solution to not having a nuke go off in USA?

      Stop pissing off people. There solved and did not need turning USA into East Germany.

  • The question, as always, is whether the good outweighs the bad.

    If we could somehow create magical impenetrable *physical* fortresses that cannot be opened or accessed by the duly-empowered law enforcement and judicial powers of a democratic society, would we say that's just the way it is?

    Or would we have a discussion about it on the context of public good and the rule of law?

    There is no one "right" answer to a question like this save the ones we collectively and imperfectly come to as a society. Absolutist

    • Yes, this. I hate that people like to try and make it all into sound bites, when it's much more complicated. Everyone wants (or should want) security and privacy, but we also want law enforcement to be able to protect us. When those two conflict, how do we handle it? Everyone wants the simple one sentence, headline-style answer, and there isn't one.
      • by b0s0z0ku ( 752509 ) on Thursday January 11, 2018 @08:53AM (#55907251)
        "Law enforcement" hasn't protected the average American in decades -- it's been turned into an industry with its own lobbyists, fueled by laws that allow mass long-term incarceration. Sadly, many Americans support it, but this country would be a better place if police powers were severely curtailed.
      • No, most of us want law enforcement to enforce the law if it is violated. Their job is not to protect me, their job is to arrest you after you hurt me.

    • Re: (Score:2, Informative)

      by b0s0z0ku ( 752509 )

      You have way too much belief and trust in the US as a "democracy" and "free society." This kind of society ended after 9/11, if it ever existed at all. We might as well build as many fortresses as possible (even if they contain nothing illegal), just to frustrate law enforcement which has made an industry out of eroding Americans' freedoms.

      You know what we should do to prevent terrorism? Stop pissing off the terrorists. That's right -- stop fighting wars in places where we don't belong. Stop playing fa

      • You have way too much belief and trust in the US as a "democracy" and "free society." This kind of society ended after 9/11, if it ever existed at all ... You know what we should do to prevent terrorism? Stop pissing off the terrorists. That's right -- stop fighting wars in places where we don't belong. Stop playing favorites in the Middle East and Central Asia. None of the countries there are our problem.

        This, exactly. In the aftermath of 9/11, I repeatedly said "By all means, hunt down and kill the bastards who did this to you. But then give your heads a shake, do some soul searching, and ask yourself what you did to them to make them so pissed off that they would sacrifice their own lives to fly planes into your buildings". Instead, government took advantage of the attacks, and the anger and fear they generated among Americans, to hugely expand and consolidate their own power base.

        As for the security of t

      • You know what we should do to prevent terrorism? Stop pissing off the terrorists.

        Appeasement is the best policy! This is why I always tell women that the best way to prevent rape is to stop saying "no".

        • This is more like a bunch of bullies fighting down the street, and us wanting to jump in, even if whether they get black eyes doesn't concern us. They're not family or friends, so why is this our problem?
          • They're not family or friends, so why is this our problem?

            Because they control a large portion of the world's oil.

            • We have ample non-renewable energy sources available in the US. Oil, natural gas, uranium, etc. Let the countries that actually need the oil fight the wars.
          • They're not family or friends, so why is this our problem?

            Because some of us are no longer beholden to such a tribal mentality. Concerning yourself only with family and friends might have been fine 10,000 years ago; today we tend to have a wider outlook. If you exepct us to turn back the clock, the onus is on you to explain why.

          • They might not be your family or your friends, but I can guarantee you that there are US citizens with family in any given country and I have friends from many countries. America is a melting pot, despite the desires of the nationalists out there.

            • I'm all for civilian aid. I'm all for accepting refugees. I'm just against running expensive military homicide campaigns worldwide that make our government both bankrupt and despised.

              We can't fight everyone's wars for them.

    • by ledow ( 319597 ) on Thursday January 11, 2018 @09:10AM (#55907343) Homepage

      I hate to defend Apple (literally.. I do HATE to defend Apple), but:

      "There is no one "right" answer to a question like this save the ones we collectively and imperfectly come to as a society. Absolutist assertions that it is either unbreakable, impenetrable encryption for all, or nothing, are false."
      "Apple believes it is protecting freedom. It's wrong."

      Well, that absolutist assertion seems like you have an answer in mind.

      You're trying to mask it, but a backdoor is a backdoor. If Apple are capable of creating a version of the OS that will update over an existing version on a targeted iPhone and thus render the encryption on their iPhone moot - then there is NOTHING stopping a person at Apple from, say, reading the president's private bedroom photos from his iPhone.

      You can say "it won't happen", you can say "nobody would do that", you can say "you just need to pick people carefully", etc. but the fact is that at the end of the day some small group of Apple employees have some method of access to every Apple device on the planet. To suggest that this could never be misused would be false.

      As such, to not even have THE CAPABILITY is to render the possibility moot. No, we won't push out targeted firmware to an individual iPhone identified by law enforcement - we'll design systems such that we CAN'T EVEN DO THAT (i.e. one iPhone is no different to any other and can't be identified by such a system). That's how to secure your customers and your business. A kind of legal self-denial if you like. The best way to ensure you can't get drunk is to not have the alcohol in the house at all.

      Your other arguments in that article are literal red herrings;

      "Apple is welcome to use every legal mechanism possible to fight this court order â" that is their absolute right. But to start and grow their company in the United States, to exist here because of the fundamental environment we create for freedom and innovation, and then to act as if Apple is somehow divorced from the US and owes it nothing, even when ordered by a court to do so, is a puzzling and worrisome position."

      So... because Fuck Yeah America! they are required to kowtow and not use a valid legal argument in a US court? I think that's what that article says there. If the US court wished to sanction them, they could and would. You could literally stop Apple operating overnight if the courts so determined that they were that non-compliant. But they presented an argument, which clearly won enough doubt to not push through such orders to being prosecutions for failing to comply. And the rest of the "because they're in the US, they should give us something" stuff is just a distraction based on national pride.

      This is about the only thing Apple have ever done that I approve of. It shows that they have at least some semblance of a principle, and - amazingly - it would be much cheaper and easier to comply. They are literally costing themselves money to secure a freedom. That's the one good thing I've ever been able to say about Apple, ever.

      And it is securing your freedom too. How? If a guy at Apple can do it, so can a guy at the NSA order him to do it and also to then never speak of it, and that guy at the NSA could easily be working for a foreign state, or to try to discredit the president, or be someone who wants to set you up, etc.

      Literally, a dystopian state would love this... hey, just let me tap into everyone's iPad and iPhone, and by the way you cannot ever say a thing. If you haven't seen, powers - once established - are universally misused for a long time until they're brought back under control (if at all). Some councils in the UK are still using "anti-terror" legislation to get personal details on people who put the wrong bins out on the wrong days. I kid you not.

      By not allowing the creep to start, publicly, visibly, legally, at great expense and when they could just kowtow, Apple has done more of a service in this small act than can be countered by stopping a terrorist.

      • by Calydor ( 739835 )

        You can say "it won't happen", you can say "nobody would do that", you can say "you just need to pick people carefully", etc. but the fact is that at the end of the day some small group of Apple employees have some method of access to every Apple device on the planet. To suggest that this could never be misused would be false.

        https://xkcd.com/538/ [xkcd.com]

        Just replace 'user' with 'kidnapped Apple developer'.

    • There is no one "right" answer to a question like this save the ones we collectively and imperfectly come to as a society.....Apple believes it is protecting freedom. It's wrong.

      Yes there is a right answer, you fascist shill. The answer is "Fuck off you bunch of spying police state asshats."

      There is nothing magical about technology which somehow makes criminals into super villains the likes of which it will take a batman to counter. Our law enforcement still has all the tools they used over the last 100 years to counter crime, plus a metric fuckton of additional technology. They have the ability to track ceill phones by the towers they connect to, they have facial recognition and l

    • by sjbe ( 173966 ) on Thursday January 11, 2018 @11:19AM (#55908177)

      If we could somehow create magical impenetrable *physical* fortresses that cannot be opened or accessed by the duly-empowered law enforcement and judicial powers of a democratic society, would we say that's just the way it is?

      We would have to. Total strawman you have there but I'll roll with it. To make it tangible the laws of mathematics are not bendable for the convenience of some and not others. Once encryption is broken by one party, it is a trivial exercise to break it for an arbitrary number of other parties or to simply distribute the data being protected. Once you have one key it's cheap and easy to make copies of the key and much more expensive to replace the locks. And once the data is taken there is no point since that would be like locking the door after the thief has already run off with your stuff.

      There is no one "right" answer to a question like this save the ones we collectively and imperfectly come to as a society.

      Actually there is a right answer here and air quotes are not needed. Your options are either to use encryption properly to keep data secure or to not use it at all and live with the consequences. There literally is no middle ground. Weak encryption or backdoored encryption = no encryption.

      Apple believes it is protecting freedom. It's wrong. Here's why:

      That article is a complete load of nonsense. The author is either an idiot or has an agenda. His arguments are flawed to their core. The argument is basically that bad guys are lazy and won't be bothered to take advantage of government mandated back doors. That argument is so stupid I barely know were to begin.

  • by ledow ( 319597 ) on Thursday January 11, 2018 @08:43AM (#55907199) Homepage

    Hate Apple products.
    Hate Apple business tactics.
    Hate Apple's complete lack of social responsibility.
    Hate Apple design.

    Their one redeeming feature: That they don't just make it easy for the FBI (or anyone else).

    Tell them off and call them names for anything else, I'll be right there cheering you on. But insulting them because they won't deliberately weaken security just in case their users happen to be a terrorist? Yeah, that I won't just jump on board with.

    • I can't help it, but I somehow think something's VERY wrong when siding with a corporation makes more sense than siding with the government that allegedly works for you...

      • Maybe you assume that both are corrupt and rotten, and neither works for you.
        • A corporation also isn't supposed to work for me. Unless I'm a shareholder. There is no pretending that a corporation has ANY kind of obligation to do ANYTHING for my benefit. Even the product they sell me is at best a necessary evil so they can turn a profit.

          An elected government is BY ITS VERY DEFINITION as a government elected by the people for the people supposed to work for me. If it isn't, it loses the very foundation of its claim to power.

          • by flink ( 18449 )

            An elected government is BY ITS VERY DEFINITION as a government elected by the people for the people supposed to work for me. If it isn't, it loses the very foundation of its claim to power.

            Except that government exercises its power via people in the form of elected and appointed officials. People are fallible, and for the most part those officials have ceased to work for the people who elected them and now serve the corporations who got them elected.

  • by sjbe ( 173966 ) on Thursday January 11, 2018 @08:48AM (#55907239)

    We at the FBI are a bunch of lazy twats who regard the constitution as a piece of toilet paper if it makes our job harder. We also know perfectly well that any backdoor in encrypted software makes the encryption worthless but pretend otherwise in public because we only care about ourselves.

    Basically either this guy is evil or an idiot and I'm pretty sure someone at the FBI understands how encryption works so I'm favoring evil. Either way it isn't a good situation for our civil right to have the cops demanding a master key to everyone's (figurative) house.

    • My impression is that they're arrogant enough to believe they can keep the keys secret and/or the collateral damage of a breach is less important than whatever they feel like doing.
  • It's insanely difficult to root and audit the damn things. About time the FBI is working for us and demanding that we get control over the hardware we buy.

    (Sarcasm is in the eye of the beholder...)

  • by RobinH ( 124750 ) on Thursday January 11, 2018 @08:58AM (#55907275) Homepage
    A product you can crack in two months with available technology still has essentially broken security.
  • Law enforcement (Score:5, Insightful)

    by jbmartin6 ( 1232050 ) on Thursday January 11, 2018 @08:59AM (#55907279)
    Of course it is to thwart law enforcement. The FBI likes to pretend that it is trustworthy, history says otherwise. And of course, the US government is not the only "law" enforcement involved. Meanwhile we have yet to see a case they could not prosecute because of data on the iPhone, on the contrary we've only seen them trying to crack iPhones as a side note to an already established case just in case there is something relevant on there.
  • by Hall ( 962 ) on Thursday January 11, 2018 @09:26AM (#55907421)

    Don't let the FBI know that they have a pool at their new building with "freakin' sharks with lasers" too !

  • by GameboyRMH ( 1153867 ) <<moc.liamg> <ta> <hmryobemag>> on Thursday January 11, 2018 @09:37AM (#55907501) Journal

    Mmm yes, cry more sweet tears for me, privacy invaders! Weep at the reality of encryption! Muahahaha!

  • Either I need to take my morning coffee or something doesn't add up...

    A report on the Motherboard website said Flatley explained that this change meant that the speed at which one could brute-force passwords went from 45 attempts a second to one every 18 seconds. "Your crack time just went from two days to two months".

    Okay, so from 45 attempts per second to 1 attempt per 18 seconds.
    That means that previously there was 810 attempts per 18 seconds, now there is only 1 attempt.

    If the crack time used to be 2 da

  • ... he was quoted as saying. "At what point is it just trying to one up things and at what point is it to thwart law enforcement? ...

    Why does he presume that people want security in their phones just to thwart law enforcement? I want security in my phone to keep everyone out. If law enforcement can get in, so can the bad guys.

  • Comment removed based on user account deletion

FORTUNE'S FUN FACTS TO KNOW AND TELL: A guinea pig is not from Guinea but a rodent from South America.

Working...