"Instead, Cook said in an email to employees Monday, he wants Congress to form a commission to "discuss the implications for law enforcement, national security, privacy and personal freedoms."
Apparently Cook doesn't understand how govt works. Congress discussing doesn't solve this issue. There is law already on the books, precedent, and from what I've seen so far, it sure isn't in Apple's favor. We could have terrorists plotting their next attack on America, leads to which are in that one phone and Cook wants Congress to start "discussing". Once Congress gets involved, it's more likely they will pass new laws that Apple doesn't want, like requiring a backdoor actually be built into all phones, which is the bogus spin Cook is putting on what the govt has actually asked for.
Hypothetically speaking, were I designing a password validation algorithm, I might include a little pause between iterations, say a second. That wouldn't even be noticeable to the legitimate user. Your brute force algorithm would get through the first billion in about 31 years, give or take.
When it says "communications and data", what is it referring to?
Doesn't the cell phone company have any texts sent or received? And doesn't the email provider have any email sent or received? And aren't oral phone calls lost forever, unless someone recorded them and no one records phone calls on a cellphone?
So what does communicatons mean?
Does data refer to the phone directory? Mine has no names because they are too long. I just use 2 or 3 letters, and a h,w, or c suffix for home, work, or cell. But the phone numbers are all valid. Of course my closest co-conspirators, I've actually talked to on the phone so the cell phone company has those numbers already, but maybe they want the ones he's never called.
If not, what else does data refer to? I have my niece's bachelor's thesis, but only so I could read it on the plane. I don't see people putting much terrorist data on their cell phones, in place of paper, unless they were email attachments, and doesn't the cell phone company have copies of all the attachments? or not?
I think it implies that, but what difference does it make? If that's what they meant and they were wrong, or if that's not what they meant, or if they weren't wrong, so what?
News shows have been wrong before and they'll be wrong again. Who cares.
It doesn't take an hour to enter a 10-digit code, and know if the phone becomes unlocked or not.
Irrelevant. The phone owner doesn't enter 256 bits or 32 bytes or 32 characters to unlock it. He enters however many characters the unlock key is and come to think about it, I'm sure it's not alpha, only numerica because that what shows on his keypad. I don't have an ipad but I bet it's no more than 6 numbers.
I believe the algorithm was chosen so that ADDING a delay is not necessary -- the algorithm's complexity ENSURES that the computations can't be performed "too fast".
"If you use the simple 4-digit numeric password, there are only 10,000 poss ible combinations. That may seem high, but a determined hacker or thief wil l probably guess it in a few hours. Turning on the iOS complex passcode opt ion increases the possible combinations enormously. iOS allows for up to 37 characters (instead of the 4 character limit in simple passcode option) wi th 77 possible alphanumeric/symbol characters (versus 10 for simple passcod e).
The total number of possible combos for the complex passcode option is mind bogglingly huge (77 to the 37th power) and could take a hacker several lif etimes to figure out (if you used all 37 digits). Even adding a few more ch aracters (6-8) is a huge roadblock to overcome for a hacker trying to guess all the possible combinations."
Now what specifically is on that one actual phone, IDK and as far as I know, the FBI has not said. If you have a reference that shows otherwise, I'm sure we'd all be happy to see it.
Because as I explained to you previously whether you have a
4 *digit* passcode or a 6 place *alphanumeric* passcode makes a huge difference in the number of possible combinations. Per the above, they say that it can actually be even far worse than that. But then you say there is no difference between using a 4 digit one and a six digit alphanumeric one. Maybe the FBI should send the phone to you.
WTF? The issue and what the FBI is trying to do isn't to enter
*one* ten digit code. If they enter one code and it doesnt' unlock, then they enter the next, and the next.... They aren't asking for Apple to give them electronic means to hit it with passcodes because they only want to try one code. Sure, they likely have a list of some codes they want to try *first*, that they gleamed from other PWDs the terrorists used. But they could do that by hand. Clearly what they want electronic means for is to be able to do is hit the phone with *every* possible passcode, if the likely ones don't work and to keep going until the find the one right one.
Of course it matters. As I and others have explained to you whether you have to go through 10,000 possible tries or trillions of tries is the essence of what it's all about.
"Turning on the iOS complex passcode option increases the possible combinat ions enormously. iOS allows for up to 37 characters (instead of the 4 chara cter limit in simple passcode option) with 77 possible alphanumeric/symbol characters (versus 10 for simple passcode).
The total number of possible combos for the complex passcode option is mind bogglingly huge (77 to the 37th power) and could take a hacker several lif etimes to figure out (if you used all 37 digits). "
Maybe you want to rethink that bet? What good would this world class encryption that Apple is so proud of, that even NSA would take decades to crack, be if it's all undone with a trivial 4 digit passcode?
I haven't done it to reverse engineer the code, but I've had logic analyzers connected to microprocessors to see what's happening, what code it's executing at the moment, etc. It's very routine. Logic analyzers when told the target CPU can even turn the code into assembly language, so you see the native instructions instead of hex numbers.
Retired now. I'm an electrical engineer, most of my career was with a semiconductor manufacturer that changed the world.
THe world class encryption protects the data in the phone and while it is being transmitted over the air where it can be easily intercepted.
If you HAVE the phone, yes all you need is the passcode to get the phone to decrypt the data and that is what the govt is pretending to need help with, getting the passcode.
No one is trying to decrypt the data directly.
That's why I think this is a sham on the part of the govt to use public opinion to pressure the high tech community.
Then what good is the world class encryption that is, as you say, protecting the data on the phone? If all you need is a simple pwd and all the data on the phone is then open, the data on the phone really isn't protected anymore than that provided by the simple pwd.
It obviously isn't that simple. A link I provided talks about the variety of password options available on iphones, up to 37 characters. What exactly is set on the actual phone in question, IDK and as I said in another post, AFAIK the govt has not said. My guess would be that it's probably at least 6 digits, but IDK. I say that because the govt has asked for a way to electronically enter tries. If it's just 4 digits, you could crack that by hand in a day, once the
10 strikes thing is bypassed.
Agree. But there would be no point in super encrypting it, which all agree can be done, if it's all undone by a 4 digit passcode.
Yes, I think the federal govt could do it, but it would be orders of magnitude harder for them to do it, take a lot longer, than if Apple does it. Apple has the code and knows 100% how it works.
I did previously raise the idea of the govt offering $100K to anyone that can show them how to do it and asked how would Apple like that?
I don't see it as "sticking it to Apple" any more than it's sticking it to the phone company with a court order for them to provide assistance to tap a phone, trace calls, determine where a murderer's cell phone is right now, etc.
Tax issue is bogus. Hard to believe there is a vast conspiracy against Apple. But Apple not cooperating on other encryption issues is probably legitimate, to some extent. But, bizarrely, Tim Cook is asking for Congress to get involved, hold a discussion, etc. Congress would have to do a lot more than hold discussions. And there is a good probability that any laws that they do pass, would be far less to Apples liking than the request to do a couple of specific things to this one phone.
Basically, Tim Cook is a big liar. He's making accusations that are totally not in evidence. For example, the govt has even said that Apple can have this one phone, keep it, just do what the govt wants and give the FBI remote access to it to pound away with their passcode attempts. How does that translates into the govt is asking us to build a backdoor into our products?
No. First off, they say alpha but don't explain how to enter alpha with a numerica keypad.
Second, , no one, no one in the whole darn world, especially a self-starting terrorist is going to use 37 numbers. He used 4, maybe
6 numbers. The FBI can start with 1 digit codes and work their way up. They'll find it before they get to 10 billion.
It's up to the user to decide how long the code should be. I don't lock my phone at all, or my computers. Even when I spent 2 months in a dormitory with my computer on a shelf in the closet but still available to 20 other guys, I didn't lock it. Check the average length of the lock codes users use. I suspect it's less than 4, but I'll bet that it's between 4 and 5 characters.
Someone posted:
It says the object of the search is "communications and data". When it says that, what is it referring to?
Doesn't the cell phone company have any texts sent or received? And doesn't the email provider have any email sent or received? And aren't oral phone calls lost forever, unless someone recorded them and no one records phone calls on a cellphone?
So what does communicatons mean?
Does data refer to the phone directory? Mine has no names because they are too long. I just use 2 or 3 letters, and a h,w, or c suffix for home, work, or cell. Someone who knows me or who went through my home computer could probably figure out who the abbreviated names refer to (though it would be easier to just see who owns the phone numbers that went with them, unless they are disposeable phones, but then I would encode my home computer names too**.
And the phone numbers are all valid. Of course ,my closest co-conspirators I've actually talked to on the cell phone, so the cell phone company has those numbers already, but maybe they want the ones he's never called.
If not, what else does data refer to? I have my niece's bachelor's thesis, but only so I could read it on the plane. I don't see people putting much terrorist data on their cell phones, in place of paper, unless they were email attachments, and doesn't the cell phone company have copies of all the attachments? or not?
What communications and data are they hoping to find?
**(By encode, I don't mean encrypt. I just mean whatever operational name my group of conspirators was using for each other. Or I'd make them up, like newbie, foodgirl, connecticut, which are the code names I use when discussing people with my friend, so as to keep them anonymous. (Connecticut doesn't live in Connecticut. That would be too obvious. But my friend probably thinks she does.)
It doesn't matter what is actually the case. We were talking about what the news story said. At least I thought we were. I certainly never offered the news story as proof of what the number was.
Here they are talking about a hacker entering the code by hand. The FBI plans to use a computer to enter the codes. That's why it will only take a couple days longer for 10 digits than for 4.
It says it all right, but it doesn't explain it. How do they enter alpha if the keypad has only 10 buttons?
I said there was *little* difference, not "no" difference. How could you not notice that?
And I've never accepted that there could be alpha characters entered. You're confusing what you have been saying with what I have.
Then your math is wrong. You have one day or one hour times 6.8 million. It's you, 6 lines up, who start with one code.
I'm sure they have their own electronic means to open locked phones, that they were using before the "ten-times and you're stuck" feature was added.
Now you're bring up trilliions. Before the claim was only billiions, and my statement about time is based on that But "none of this matters", because in the 4 lines above that answer, you're talking about encryption, prime numbers, algorithms, mathemeticians. None of that matters, only the number of codes that need to be entered, and you don't need encryption, prime numbers, algorithms or mathemeticians to increase the length of the code from 4 numbers to 10 numbers.
I was really only thinking of my half of the equation. When I ask how do you enter alpha to unlock the phone, well you don't. Alpha characters can be part of the key, which the user creates, but the key is already in the phone, or every time the user wanted to use the phone, he'd have to reenter the key. When they unlock the phone, the key will be there and like you say, the phone itself will decrypt the data.
But isn't it just as much of a sham for Apple to make the public think the FBI is trying to get it to crack encryption?
ossible combinations. That may seem high, but a determined hacker or thief will probably guess it in a few hours.
Do the math and then get back to us on that. Note that it's 10 digits to begin with, because anyone that wants to go to 10 digits is going to go to 10 alphanumeric characters. Good grief. But even 10 digits versus 4, you have a million time more codes.
ations enormously. iOS allows for up to 37 characters (instead of the 4 cha racter limit in simple passcode option) with 77 possible alphanumeric/symbo l characters (versus 10 for simple passcode).
Are you daft? Never seen a cellphone screen where you can enter all the characters of the alphabet? WTF good is Apple's world class security if you have such limited choices? And 10 buttons? The iphone doesn't use buttons to enter the code.
I gave you the freaking link that goes through all the security options.
ind bogglingly huge (77 to the 37th power) and could take a hacker several lifetimes to figure out (if you used all 37 digits). Even adding a few more characters (6-8) is a huge roadblock to overcome for a hacker trying to gu ess all the possible combinations."
Because it's not a "little difference". I've politely explained to you many times now, how modern encryption is in the public domain and it depends entirely on that "difference". That's because it's not a little, difference, it's a HUGE difference. It's a difference between seconds and decades or more. Another poster here further tried to explain that to you, citing the sun going out, or similar time frame.
I see, because you won't accept that alphanumeric are possible it just can't be. Village idiot.
Village idiot, again. Where is your math?
No shit Sherlock. What does that have to do with this?
Again back to the just 4 numbers. Even a village idiot by now should realize that Apple's world class encryption, can't depend on just
4 digits. And whether it's billions or trillions depends on what the perp actually chose on that particular phone.
HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.