JOHN MCAFEE: I’ll decrypt the San Bernardino phone free of charge so Apple doesn’t need to place a back door on its product
Cybersecurity expert John McAfee is running for…
I fucking love this guy. In an op-ed for Business Insider titled "I'll decrypt the San Bernardino phone free of charge so Apple doesn't need to place a back door on its product."
In the first four paragraphs he invokes Hitler. Two paragraphs later—not counting blockquotes—McAfee proclaims that by pressing Apple to "back door" (his words) the iPhone and bypass or defeat the mechanisms keeping its data secure, the government is seeking to bring about the end of the world (as we know it).
But he and his team can do it in three weeks, free of charge, without the phone self destructing as it's designed to do. And to back it all up…. he declares in h@x0r mic drop style, "If you doubt my credentials,"Google 'cybersecurity legend' and see whose name is the only name that appears in the first 10 results out of more than a quarter of a million."
This is the same guy who faked a heart attack to get out of custody of some foreign country right? lol dude is a genius.
because genius doesn't come with any inherent flaws. Unless you actually know one then you know better
Another reason I don't use his products.
https://www.youtube.com/watch?v=bKgf5PaBzyg
Products with the McAfee names are no longer made by him +Jason Wiley… doesn't make them not shit… just pointing out they aren't associated with him any longer. 😉
Thanks for the heads up. 🙂
he said he'd use social engineering…. which means figuring out the access code by looking at other data. "breaking" crypto is not correct.
McAfee products turned into shit over time. They were alright when they started, today they are still one of the most useless anti-virus programs out there.
I agree they might be quite useless now. But I"m a Linux user. So honestly I haven't had to use any of them for a long time. ClamAV at worst. Even then it never found anything unless it was a file coming from a Windows system. Now days I don't even have any Windows files going through my network. All Linux now. No malware or viruses have affected me in over a decade.
+Lee Forest
Same here, except I run both windows and linux. If I'm ever skeptical of a program or files source, I run it through virus total first. I'm impervious to browser based intrusion due to the heavy amount of script altering I've done (greasemonkey). And the fact that I block all advertising (script filters for third party requests).
Haven't had a virus in over a decade myself. But I still get to play all the games that won't work with wine.
urg. Stupidity pilled on stupidity.
That said –
I dont even get any of this stuff to be honest. Apple could have opened that phone up without anyone else being remotely in danger of anything. It wouldn't have made headlines even.
This isnt NSA crap, or mass surveillance, this is a real specific suspects phone physically in their hands. Dont tell me things you do to get data of that specific phone endangers other people – it does not. In fact, if you do find a way in, that makes your phones more secure in future as it can be patched out. Things arnt more secure because you refuse to look for cracks.
Letting it go to court though ? Ensuring a legal president is set?
That could be vastly more dangerous.
+Thomas Wrobel the phone is encrypted, and can't be opened by brute force today. Apple was asked to make a special version of ios with some features turned off to allow it to be brute forced. The FBI wants that special version for its own use. Once a special version exists… it will inevitably leak to bad actors. Right now the iPhone is secure. The legal case is to resolve if it will stay secure.
+kirk sticken Yes… sort of… probably splitting hairs but most modern OS's have encryption, of some sort, enabled by default. Current iPhone's are encrypted by default and not even Apple has the unlock key. The fed can only attempt to crack this encryption X # of times and then it self-deletes. YES Apple could make a change so that those safe-guards are removed. This would essentially give the fed an unlimited number of attempts at breaking in.
Their objection is a weakening of an ecosystem because if a single fed employee/contractor were to copy this ability then the entire ecosystem of security around iOS is fucked. Sure, they could have done it under the radar and I bet prior to PRISM, etc. tech companies might have been more compliant (like +Thomas Wrobel was suggesting) but they didn't… because it really has nothing to do with this particular phone. This is a battle between tech and government being duked out in public. This is at the very essence of the government wanting the ability to view anything in the name of "security".
Given what we know the fed can do… they could clone, copy, hack, whatever iOS and get into this phone in the same way that Apple would be giving them the ability to do. That's not what they want… they want companies to happily hand over customer data w/o bitching… a la ma ball back in the day. But the landscape has changed… and force once in a VERY long time… I'm siding with Apple. Once any vulnerability (physical or otherwise) gets into the wild, or worse yet into a bad actors hands, we are ALL at risk.
Oh and there's this: https://twitter.com/Snowden/status/700823383961792512/photo/1?utm_source=fb&utm_medium=fb&utm_campaign=PlatinumBubble&utm_content=700831069780762624
+kirk sticken They could simply offer to open the phone without giving away the code. I dont see why that is not a option. They could also code the update to that specific device, making it near useless for any other model. Hell, they could rip out all the network code if they wanted. Lots of options.
And even if somehow a iOS version was leaked with a insecure lock screen….so?
Its no different to all the other insecure OS's out there already (or which they could code themselves) – including all the previous versions of iOS which have already been cracked. Security of a OS is a constant thing, not yet no – this would be no more dangerous then a old version. A casual browse of torrent sites and you will find plenty of dodgy OSs.
The security of the average phone user comes from the fact they cant remotely swap one OS for another without Apples servers.
Heres a recentish case of iOS being cracked;
http://motherboard.vice.com/read/somebody-just-won-1-million-bounty-for-hacking-the-iphone
To be clear; I am not remotely stating Apples security is bad. Just the idea of anything being totally secure is a myth.
The best a company can do is keep up to date with threats, and patch vulnerabilities quickly. (which to my knowledge Apple does)
+Thomas Wrobel
the FBI can't just give the phone to apple… the chain of custody would be compromised.
"Chain of custody (CoC), in legal contexts, refers to the chronological documentation or paper trail, showing the seizure, custody, control, transfer, analysis, and disposition of physical or electronic evidence."
They dont have to "give" give it, it could be in a officers hands at all times. I merely think its perfectly possible for Apple to make a custom OS thats useless for anything else but getting data from, then the phone could be taken into apples offices (or where-ever they normally test deployments) and the new OS loaded on there.
The point is at no point does Apple need to give the FBI the ability to install a new OS themselves (which I assume means master encryption keys).
that would be the next demand from the FBI though.
recently we learned that the FBI changed the passcode. which means they knew the passcode.
just saw this one: "If I have a safe in my home which the FBI wants to get into, it's *Stalinist* to have the company who made the safe build a tool to defeat said safe."
Well sort of… here's the thing. Apple cannot "decrypt" the phone based on the way it's encryption is implemented. They could however create a custom firmware that could be loaded that would stop the number of attempts before it auto-wipes the device, etc. However, doing so would let into the wild the firmware to do that. Apple's beef is that they don't think they should have to create anything that would side-step the in-place security measures not because of this specific device/case/etc but because of the precedent it will set (arguably one exists… wiretapping).
I also bet that had the US government not been just side-stepping the tech companies and sucking up their data without their knowledge they would be less on the defensive at this point. But ya reap what you sow.
This sounds great to me. I stand with Apple on this one. It saddens me to hear of a poll that over 50% of Americans feel that Apple should do as the FBI asks. You know, because they super promise to use it only this one time, and they would never ever abuse it.
……so, now about that bridge in the heart of Brooklyn I'd like to sell you……
Exactly. Also… doesn't the government have a a crack squad of elite h@x0rs? A la Stuxnet, Prism, and all the other digital things they do?!?!?! I'm with Apple… crack it yourself.