Kahr Handgun Forum banner
1 - 19 of 19 Posts

·
Super Moderator
Joined
·
23,513 Posts
Discussion Starter · #1 ·
Apple has been ordered to hack the security of an iPhone the FBI has in its possession from the terrorists attack in California. Apple is refusing to give them a "master key", because they are concerned that once the govt has the ability to do this......they can use it on any iphone they want.........putting everyone who has an iPhones personal security at risk...........not only will it create a precident for future, opening the door to more intrusion into our lives by big brother.......the article is a good read .........
http://finance.yahoo.com/news/judge-apple-must-help-us-005604451.html
 
  • Like
Reactions: lefty60

·
Registered
Joined
·
9,376 Posts
Money and power! The never ending evil of the world requires money and power. Ain't it fun? And there is little that us mere mortals can do about it.

How's that for college level BS? Am I good or what? :lolu::lolu::lolu:

"Life is Good"
 

·
Super Moderator
Joined
·
23,513 Posts
Discussion Starter · #5 ·
I'm glad Apple is taking a stand and refusing to comply in this instance...........yes it was a very tragic event.......and it "could be" an issue of national security. ..........so say the feds, but as we here all know they have lied to us in the past and they lie to us now.....so they tell us it is a one time thing for this one phone........who can trust them and think that once they have the ability to access that phone it stops there............no way........it opens a can of worms, because once that is acceptable .........we all know where it goes from there....... one more freedom is gone on the path to many more,,,,,,,,at least that's how I see it.......rant over !!
 

·
Registered
Joined
·
9,376 Posts
I'm glad Apple is taking a stand and refusing to comply in this instance...........yes it was a very tragic event.......and it "could be" an issue of national security. ..........so say the feds, but as we here all know they have lied to us in the past and they lie to us now.....so they tell us it is a one time thing for this one phone........who can trust them and think that once they have the ability to access that phone it stops there............no way........it opens a can of worms, because once that is acceptable .........we all know where it goes from there....... one more freedom is gone on the path to many more,,,,,,,,at least that's how I see it.......rant over !!
Amen! You took the words right out of my mouth!!
 
  • Like
Reactions: ron54

·
Registered
Joined
·
341 Posts
I'm glad Apple is taking a stand and refusing to comply in this instance...........yes it was a very tragic event.......and it "could be" an issue of national security. ..........so say the feds, but as we here all know they have lied to us in the past and they lie to us now.....so they tell us it is a one time thing for this one phone........who can trust them and think that once they have the ability to access that phone it stops there............no way........it opens a can of worms, because once that is acceptable .........we all know where it goes from there....... one more freedom is gone on the path to many more,,,,,,,,at least that's how I see it.......rant over !!
But, but, but. Aren't you afraid of Uncle Sam's imported terrrrroooooorrrrists under the bed? So what if your first & fourth amendment privilege needs to be trashed in perpetuity. Now that the FBI has made a grandstand big deal public press release telling every bad guy that they can't unlock a password............lets blame it on Apple.
 

·
Super Moderator
Joined
·
23,513 Posts
Discussion Starter · #8 ·
But, but, but. Aren't you afraid of Uncle Sam's imported terrrrroooooorrrrists under the bed? So what if your first & fourth amendment privilege needs to be trashed in perpetuity.
I always thought the boogie man was under the bed (we had an understanding you know)...........crap.......now I'm dazed & confused....!!
 

·
Super Moderator
Joined
·
23,513 Posts
Discussion Starter · #9 ·
I could trust the boogie man..........but uncle sams guys.......no way !!
 

·
Registered
Joined
·
5,842 Posts
Well.....this has been a major "screw-up" from day one.
I believe both the FBI and Apple fumbled the ball on this one. They SHOULD have been able to solve this (if there were anything to solve) without endangering anyone's rights or national security. Its become a "soap opera" world we live in. Now its all on the news, and....EVERYBODY is watching to see what happens.
Either way- one side of this will lose, if not ALL of us. What a "stupid" shame.
 

·
Super Moderator
Joined
·
23,513 Posts
Discussion Starter · #13 · (Edited)
So here's another part of the story ..............
BackYahooTECHShare
Apple: San Bernardino County screwed up the iPhone the FBI wants us to fix
From; Mashable
Christina Warren
February 19, 2016
Tim-cook-apple

Apple's big fight with the Federal Bureau of Investigation could have been avoided if one government employee had kept his hands off the phone.
According to a senior Apple executive, the company has been working with the federal government since early January to try to provide a way to access the San Bernardino county-issued iPhone connected with Syed Farook, the gunman in the massacre.
The problem, according to Apple, is that the company was called too late.
That's because the phone was apparently erased of any chance to access its data only an hour after the device came into government custody. An unnamed person in the San Bernardino County government — likely an information technology employee — reset the Apple ID associated with the iPhone 5C in an attempt to access the data.
The FBI called Apple several weeks later, and Apple proposed four potential ways to get into the phone to the FBI — but the reset thwarted all of them. The reset erased any chance that authorities had of pulling the iCloud information that could have hinted at Farook's plans just before the attack.
In its filings, the Department of Justice suggested that Farook turned off iCloud backups on his phone purposefully roughly six weeks before the attacks. The senior Apple executive said that this information was impossible to determine, since no one can get into the phone.
 
  • Like
Reactions: lefty60

·
Super Moderator
Joined
·
23,513 Posts
Discussion Starter · #15 ·
Figures...
Yep...........they screwed the pooch.........and now want someone else (apple) to save their a$$ ...............typical govt bullshizz...........we all know that will never cease...!!
 

·
Registered
Joined
·
9,376 Posts
Yep...........they screwed the pooch.........and now want someone else (apple) to save their a$$ ...............typical govt bullshizz...........we all know that will never cease...!!
Too many cooks in the kitchen, 1/2 of 'em dumb as a rock, and pretty soon even the junk yard dog won't eat it!!

AND, they can't even sell the pups :banghead:
 

·
Super Moderator
Joined
·
23,513 Posts
Discussion Starter · #17 ·
Too many cooks in the kitchen, 1/2 of 'em dumb as a rock, and pretty soon even the junk yard dog won't eat it!!

AND, they can't even sell the pups :banghead:
I like that lefty..............as you put it so eloquently. ........and it's so shamefully true....
 
  • Like
Reactions: lefty60

·
Registered
Joined
·
341 Posts
So here's another part of the story ..............
BackYahooTECHShare
Apple: San Bernardino County screwed up the iPhone the FBI wants us to fix
Yup. Here it is in a more complete (albeit complicated) explanation:

So it appears the FBI attempted to lie, and got caught -- and this may have animated Apple's reaction to their "request." You see, (at least) the (iCloud) password on the iPhone from the California shooters was reset after the shooters died.

There has been a bit of digital ink spilled on the fact that the iPhone the shooters in California had was a "corporate" phone, owned by the county government -- and a claim was made that the device wasn't under remote management (which is common for employer-issued devices.) This was good for a chuckle on my part; who in this day and age issues employees a phone but doesn't put it under remote management?

It turns out that claim may have been false; it looks like the device may have in fact been under said management.

Apparently when the FBI went to Apple they claimed they were not in possession of the device when the reset occurred -- and a reset had occurred. Apple, however, was able to determine from location data that this was a lie and the phone was in the physical possession of the FBI at the time.

Now the FBI is claiming that the San Bernardino county employee "reset the password on his own."

But if they were in possession of the device and knew it was a government-issued phone would not the first thing you do is hit the agency involved with a demand that they not touch anything related to it?

There are three other aspects to this that make no sense.

First, if the county employee reset the password he knows what he reset it to! Why does the FBI need anyone to help them in this instance? They do not; quite-obviously the person who reset the password can simply tell them the password.

Second, it was that reset that voided the auto-backup feature to iCloud that would have otherwise permitted the FBI to get a dump of the phone remotely, which can be decrypted. In other words but for a deliberate act all the FBI had to do was bring the device within range of any of its "remembered" WiFi networks.

Third if the device was not under management then how did the county reset the iCloud password? The only reasonable (e.g. not with Apple's intervention) means would be via the password recovery function using the linked email account, but given that the shooters were known to the county and all of their materials at that point were federal evidence any act of tampering -- even by the county -- would be a crime. However, Apple could have changed the password under FBI direction without breaking said law on evidence tampering and has in the past (dozens of times) to gain access to backups, and further, it is alleged that Apple caught the FBI in a lie claiming the backup password was not reset with the phone in their possession.

I'm aware of most of these management systems and I know of none that will permanently lock (without any ability to recover) but not erase a device. That function is senseless if you think about it; a permanent lock (change of a password to an unknown new value) is exactly identical to an erase command.

If, on the other hand, the FBI went to Apple after recovering the device because it wasn't under management and had Apple reset the iCloud backup password then they voided their own access by their own ham-handed incompetence and lied about how that occurred.

In other words in that case the FBI destroyed their own chain of evidence.

An attempt to claim that someone at the county did this "unprompted" lacks both credibility and reasonableness. The reason to change such a password via interception of the validation email would be to gain access to the backups; the county health department has no reason to do that "immediately" but the FBI sure did, and when a guy with a badge shows up and says "do this" guess what most people do?

As I have noted more than once when I ran MCSNet we used to get subpoenas on a pretty-regular basis. The first time it happened after I had a "nice-sized" staff the employee who happened to be on the business end (at the front desk) when the nice badge-waving guy showed up freaked out. After a few repeats it was "oh yeah, you guys again."

Never in my years running MCSNet was I served with a subpoena or other order that had any sort of odor of false pretense associated with it. They were complied with routinely because they had facially-apparent legitimacy.

If the device in question here was under active remote management it changes the narrative entirely and voids all argument that the FBI is legitimately seeking necessary assistance in a terrorism investigation.

What the FBI in that case is seeking is the ability on a forward basis to pull encrypted data from any device, ever, now or in the future. Their "request" has exactly nothing to do with the instant case because if the unit is under remote management and the password was changed once it can be changed again and in any event the person who changed it the first time knows what it is.

If the device was not under active management and they had either Apple or the county change the iCloud password either directly or by intercepting the validation email then they are falsely representing that an unprompted and innocent third-party act was involved in the inability of them to recover data -- an intentionally false statement. In that case the government destroyed their own chain of evidence and is lying about how it happened before the court.

In short the entire chain of acts here by the FBI appears to be an intentional, from-the-outset web of lies -- a web of lies which Apple and Tim Cook were immediately able to detect.

A knowingly false statement before a court is a criminal act and so is evidence tampering.

Finally, there is another lie-by-omission here. Apple has, I'm certain of it, the old password hash for that iCloud account on their backups. Modern systems do not store the actual password; they store a one-way cryptographic hash. For example, my home controller's password for my account is:

$6$z9GCsZD75Fzxqax$sMf96PMQSHmxUCBl3TdAyyahg
QmB6h3qDFq6e8YBDMT2aRaAjD664mmf0gbklGMSh
W6qzEdVc4C2BXARIVicA0

That's a SHA-256 cryptographic hash and is of exactly zero value in determining the actual password but if you put the hash back the original password will again work. So Apple could, very easily, restore the old pre-changed password to the subject's iCloud account -- they most-certainly do have dozens of copies of that hash on their routine backups. The FBI's statement that there is "no way" to re-enable iCloud backups in light of the "changed password" is a lie; restoring the hash will put the iCloud password back "as it was."

When I ran my ISP, and in fact today, I kept then and keep now a series of backups, many off-site. The reason is obvious; your building might burn down, etc. It is trivial to restore a user's password to what it was at the time of any of those backups. You can't determine what the password was or is, but you can easily put it back to what it was as of the time of any system backup you have and as such the FBI's claim to the court that there is no way to restore iCloud backup access is also a lie.

It is not Apple who needs to face criminal sanction and those politicians who are calling for same, or economic action against them, are exactly backward.

If there's an "innocent" explanation I'd love to hear it..... as someone who has done forensic examination of events in the past I certainly can't get there from here.
More On Apple .vs. The FBI in [Market-Ticker]
 

·
Super Moderator
Joined
·
23,513 Posts
Discussion Starter · #19 ·
Yup. Here it is in a more complete (albeit complicated) explanation:

So it appears the FBI attempted to lie, and got caught -- and this may have animated Apple's reaction to their "request." You see, (at least) the (iCloud) password on the iPhone from the California shooters was reset after the shooters died.

There has been a bit of digital ink spilled on the fact that the iPhone the shooters in California had was a "corporate" phone, owned by the county government -- and a claim was made that the device wasn't under remote management (which is common for employer-issued devices.) This was good for a chuckle on my part; who in this day and age issues employees a phone but doesn't put it under remote management?

It turns out that claim may have been false; it looks like the device may have in fact been under said management.

Apparently when the FBI went to Apple they claimed they were not in possession of the device when the reset occurred -- and a reset had occurred. Apple, however, was able to determine from location data that this was a lie and the phone was in the physical possession of the FBI at the time.

Now the FBI is claiming that the San Bernardino county employee "reset the password on his own."

But if they were in possession of the device and knew it was a government-issued phone would not the first thing you do is hit the agency involved with a demand that they not touch anything related to it?

There are three other aspects to this that make no sense.

First, if the county employee reset the password he knows what he reset it to! Why does the FBI need anyone to help them in this instance? They do not; quite-obviously the person who reset the password can simply tell them the password.

Second, it was that reset that voided the auto-backup feature to iCloud that would have otherwise permitted the FBI to get a dump of the phone remotely, which can be decrypted. In other words but for a deliberate act all the FBI had to do was bring the device within range of any of its "remembered" WiFi networks.

Third if the device was not under management then how did the county reset the iCloud password? The only reasonable (e.g. not with Apple's intervention) means would be via the password recovery function using the linked email account, but given that the shooters were known to the county and all of their materials at that point were federal evidence any act of tampering -- even by the county -- would be a crime. However, Apple could have changed the password under FBI direction without breaking said law on evidence tampering and has in the past (dozens of times) to gain access to backups, and further, it is alleged that Apple caught the FBI in a lie claiming the backup password was not reset with the phone in their possession.

I'm aware of most of these management systems and I know of none that will permanently lock (without any ability to recover) but not erase a device. That function is senseless if you think about it; a permanent lock (change of a password to an unknown new value) is exactly identical to an erase command.

If, on the other hand, the FBI went to Apple after recovering the device because it wasn't under management and had Apple reset the iCloud backup password then they voided their own access by their own ham-handed incompetence and lied about how that occurred.

In other words in that case the FBI destroyed their own chain of evidence.

An attempt to claim that someone at the county did this "unprompted" lacks both credibility and reasonableness. The reason to change such a password via interception of the validation email would be to gain access to the backups; the county health department has no reason to do that "immediately" but the FBI sure did, and when a guy with a badge shows up and says "do this" guess what most people do?

As I have noted more than once when I ran MCSNet we used to get subpoenas on a pretty-regular basis. The first time it happened after I had a "nice-sized" staff the employee who happened to be on the business end (at the front desk) when the nice badge-waving guy showed up freaked out. After a few repeats it was "oh yeah, you guys again."

Never in my years running MCSNet was I served with a subpoena or other order that had any sort of odor of false pretense associated with it. They were complied with routinely because they had facially-apparent legitimacy.

If the device in question here was under active remote management it changes the narrative entirely and voids all argument that the FBI is legitimately seeking necessary assistance in a terrorism investigation.

What the FBI in that case is seeking is the ability on a forward basis to pull encrypted data from any device, ever, now or in the future. Their "request" has exactly nothing to do with the instant case because if the unit is under remote management and the password was changed once it can be changed again and in any event the person who changed it the first time knows what it is.

If the device was not under active management and they had either Apple or the county change the iCloud password either directly or by intercepting the validation email then they are falsely representing that an unprompted and innocent third-party act was involved in the inability of them to recover data -- an intentionally false statement. In that case the government destroyed their own chain of evidence and is lying about how it happened before the court.

In short the entire chain of acts here by the FBI appears to be an intentional, from-the-outset web of lies -- a web of lies which Apple and Tim Cook were immediately able to detect.

A knowingly false statement before a court is a criminal act and so is evidence tampering.

Finally, there is another lie-by-omission here. Apple has, I'm certain of it, the old password hash for that iCloud account on their backups. Modern systems do not store the actual password; they store a one-way cryptographic hash. For example, my home controller's password for my account is:

$6$z9GCsZD75Fzxqax$sMf96PMQSHmxUCBl3TdAyyahg
QmB6h3qDFq6e8YBDMT2aRaAjD664mmf0gbklGMSh
W6qzEdVc4C2BXARIVicA0

That's a SHA-256 cryptographic hash and is of exactly zero value in determining the actual password but if you put the hash back the original password will again work. So Apple could, very easily, restore the old pre-changed password to the subject's iCloud account -- they most-certainly do have dozens of copies of that hash on their routine backups. The FBI's statement that there is "no way" to re-enable iCloud backups in light of the "changed password" is a lie; restoring the hash will put the iCloud password back "as it was."

When I ran my ISP, and in fact today, I kept then and keep now a series of backups, many off-site. The reason is obvious; your building might burn down, etc. It is trivial to restore a user's password to what it was at the time of any of those backups. You can't determine what the password was or is, but you can easily put it back to what it was as of the time of any system backup you have and as such the FBI's claim to the court that there is no way to restore iCloud backup access is also a lie.

It is not Apple who needs to face criminal sanction and those politicians who are calling for same, or economic action against them, are exactly backward.

If there's an "innocent" explanation I'd love to hear it..... as someone who has done forensic examination of events in the past I certainly can't get there from here.
More On Apple .vs. The FBI in [Market-Ticker]
Yep....again.........long detailed explanation. .......and a good one I might add......so the fine folks at the FBI did in fact screw the pooch and lied about it........anyone who doesnt believe that.........lives in a bubble.......it harkens back to lefty's post about them being dumb as rocks.........Apple caught them trying to run their shite-y little game on em and pushed back.......
 
  • Like
Reactions: lefty60
1 - 19 of 19 Posts
Top