Fines should be used to implement mandatory training and software solution to prevent this happening again.
439 publicly visible posts • joined 1 Nov 2010
Luckily he has a backup, but who would he have moaned at if the live HDD / SSD failed?
Yes, I know iTunes sync sucks and I've barely listened to music since it mangled my library 7 or so years ago. The thing I hate the most right now is its stupidness for rearranging apps on an iDevice, but that's only because I don't bother to use it for music anymore.
Anyone recommend a good music sync app for macOS?
The law makers don't face any sanctions or retribution if the laws they pass have dreadful repercussions. Maybe if they were made liable, backed with jail time (in nasty jails, not state hotels), they would think harder before proposing such slippy rules.
"The pointing tables and science targets – instructions that tell the spacecraft where to look and at what – were reloaded and confirmed, onboard logs and counters were reset, and a new command sequence was created, tested and uploaded to account for the late start of the campaign."
That is not a power cycle; it's more like pushing policy in checkpoint to unstick things.
@ TimeMaster T
"If a good cop knows that another officer is bad and doesn't do anything, doesn't that make the "good" cop worse than the bad cop since they are not only NOT doing anything to stop the bad cop (so an accessory after the fact) but are also protecting the bad cop (obstruction) by not reporting them."
The problem is it's institutional. It's the culture of policing that prevents good cops from being good cops, as it stops the bad cops from controlling the bad villains who keep the rest of the villains at bay. Some crime happens so that other worse crimes do not. You'd get nowhere in policing if you did everything by the book & not because the book is so contradictory.
The fix is just to permit DNS to known external DNS servers (Google, BT etc).
The better fix is to just permit specific internal hosts (like the internal DNS system) access to external DNS, blocking all and sundry access.
If you're processing PCI/DSS, no internal host should be allowed to connect to an external host without first passing through a proxy (no, not just a web proxy); the initial connection must be to a trusted internal and that then must spawn a new connection to the external third party.
@Alan Brown,
Not sure how you got that conclusion. The reason Kelly cowboys and others are bodging BT's physical network is because OFCOM insisted OpenReach do things cheaper; instead of paying career engineers their wages and pensions they pay contractors instead. An independent OpenReach would be under even more pressure to cut costs with no one with any clout fighting its corner. In short, an independent OpenReach would be eaten alive by its ISP customers wanting to shave a penny off here or there.
OpenReach already have a nat grid like product, their wholesale connect, where they do the grunt work for the ISP and the ISP pay for the privilege. ISPs know they can make more money cutting OpenReach out and do so only in the most profitable areas. The leccy billers would do the same if they had the chance.
It's the continual race to the bottom that is stifling investment in the UK network. If all BB was £40 for fast and £39 for less fast, both inc line rental, with more regulated profit on fast BB, OpenReach would be incentivised to roll out fast BB by the ISPs. OFCOM won't do something like that though.
So all the other ISPs will hire the cheapest guys they can to take as many shortcuts as they can to stick cables in BT's ducts and along their poles. It'll end in a huge mess with unlabelled cables strewn about saturating available duct and pole space with cables belonging to companies that have gone bust or to operators who have no record their cables are there. Even worse, there is more chance "Bodge it & Cheaply" installers will just cut your connection in favour of their own instead of running new duct, as they know their customer (some ISP) won't pay them for a new duct and they will likely get paid again by your ISP to fix your fault that they caused on your connection.
This is one of the reasons why there is only one transco or one national grid, they don't & can't trust all and sundry to start plugging into their national network (yes gas or electric cables are a bit more cumbersome than phone cables).
It'll all end in tears once OFCOM/EUOFCOM relax the rules of PIA.
Just who are the FBI trying to protect?
They wanted to force Apple to produce an exploit they claimed would only be valid on 1 iPhone 5c, but now they have an exploit that can affect all iPhone 5c and prior phones they don't want to share with Apple so they rectify the bug enabling the exploit. They are intentionally endangering the American public's right to privacy by not releasing details to the manufacturer that is willing to produce software to fix this exploit. They are not protecting or serving in this case.
Utter tosh,
they both have a place in the modern world, especially as a backup when the primary and secondary WAN links get stuffed by the ISP.
1) no one sits there and hammers their port at 1Gb/s all day long
2) the switch uplinks are the contention point for sites with local servers. who has more than a pair of 1 Gb uplinks from their access switches?
3) if your core servers are plumbed in at 10Gb/s and you have 100 users at 1Gb/s where is the contention now?
4) your 1Gb/s wired connection is pointless if you've got less than (total users x 1Gb/s) WAN link if all your servers are off site.
5) the bottleneck is either the switch uplink, server uplink or WAN link, fast wifi with lots of users on does not change this
@DougS
This whole case centered on the fact that the 5c was vulnerable to a change in the behavior of the failed attempts and wipe feature, making brute force of the pin a valid option. The later versions of iPhone are not susceptible to the same vulnerability, making brute force time consuming and worthless after 10 unsuccessful attempts regardless of what version of iOS the device is running. In summary, 5c and below are vulnerable to brute force; all later models are already protected by 10 fails and wipe unless explicitly disabled by someone with the pin.
How annoying would it be if, as stupid as it sounds, it turned out they did actually just copy all the data and crack the pin code in a VM?
What a howler that would be!!
However they do it, I hope there is no meaningful data on that phone as that would just put fuel in the FBI's stance to compel tech companies to incorporate government access to locked devices.
@ AC
1) the FBI/local cops reset the iCloud password to something they knew. So they could gain access.
2) the phone is owned by the government as is the iCloud account, the government consented to Apple retrieving the iCloud data.
3) as the iCloud password was easily resettable by the authorities, it was trivial to get in for everyone, no need for special compromised iOS.
I'd say it's dragged on long enough and the Apple iPhone product is now fu@'d in marketing terms and brand loyalty.
Anyone want an anti democratic phone?
A phone or tablet produced by a terrorist supporting company?
Any product produced by a business that actively defies the law of the land?
Do you really want to be associated with a law breaking company that assists terrorists, perverts and paedophiles in hiding their dirty secrets from the US Government?
Thought not.
This has already done long term harm to the Apple brand, all because the FBI want to pull the wool over people's eyes and set a precedent.
Luckily when the Supreme Court rules in the FBI's favour, it'll just be iPhone models 5c and below that'll be susceptible to the FBIos. Apple's foresight has seen to it that 5s and above are invulnerable to the method the FBI plan to use against the 5c, and other manufacturers now know it's possible to build secure-from-government devices.
@AC
By your reckoning, the NSA is the problem by conducting secretive operations without proper judicial oversight. That is what this whole issue is about, proper judicial oversight of requests made by the government and her enforcement agencies.
@ Morzel
Almost right,
the issue is that the 5c records attempts in software, which can be tampered with by doing as the FBI propose without first authenticating to the device; the 5s and above record attempts in the hardware chip, which is immune to this attack as changes to what happens after x attempts can only be made once the user has authenticated.
@dougs
You need to reread the facts on this
https://www.apple.com/business/docs/iOS_Security_Guide.pdf
The later iPhones are not susceptible to the same type of request as the counter of pin code tries is in hardware, not software. Even if the 10 tries and key destruction limit is removed, it'll still take over a year to brute force a later gen iPhone with 4 digit pin.
Page 4 of the doc you mention clearly shows only the user data is encrypted!!
@bazza
How do you remove the knowledge learnt from engineers' heads?
The ability to do as the FBI ask does not exist; Apple's engineers have to effectively work out how to subvert their security and then build this. Even if they then destroy everything used to create the decrypt tool, there is nothing to stop individual engineers popping up in China or Russia or North Korea to recreate the decryption tool. It'll be like those espionage stories of the Cold War where nuclear scientists sell their secrets to the highest bidders.
@dougs
1) I don't think China would give a flying .... if Apple upped and moved in response to demands to provide iPhone decryption tech.
2) Apple and other tech giants' shareholders would miss the profits earned on the back of good quality low wage earners and also the significant loss of sales.
3) Western nations have more to lose from China than China has from them, global recession looms from upsetting that Apple cart.
If Apple are compelled to do this for the FBI, what protection considerations would be provided to those tasked with investigating and coding this?
I imagine:
Tim Cook would be the only overseeing manager,
at least 2 bods researching the mechanisms to make such a process viable,
the same 2 bods to build and test the code & finally apply to the phone?
So that's at least 2 people that would have the knowledge of creating an iOS that can defeat an iPhone 5c.
It's not too hard to imagine that if a foreign power knew there was sensitive data on an iPhone 5c or above that had fallen into the hands of another foreign power that they didn't want them to have, they may go to extraordinary lengths to ensure that data remained secure. The flip side of the story is equally compelling. Suddenly there is a massive money-can't-buy premium on those individuals with intimate knowledge of undermining iOS security, from all sides, criminal and government.
For the sake of my family I'd not want to be the guy that investigates and codes that custom FBI iOS.
@tom dial
Where have you been this last week?
iPhones newer than the one in question are not susceptible to this kind of brute force as the pin entry and rate counter is in hardware not software. Even if the 10 wrong pins and wipe feature is disabled on new phones, the rate limit slows so it will take over a year to try all combinations of a 4 digit pin.
To do what the FBI want involves Apple creating a new OS for that iPhone that removes the max pin tries and rate limit, permitting the FBI to rapidly try all pin combinations.
If they succeed in this case and delete the OS, how long before other TLAs and governments ask for the same, especially since they know it's possible?
Oi Trev, ave a read of this
https://www.apple.com/business/docs/iOS_Security_Guide.pdf
then rewrite the article including what you've learnt about the lengths Apple has gone to prevent this kind of state bullying to access users' data
TLDR: the only possible way would be for Apple to somehow replace the iOS on that device with a compromised version that permitted brute force of the passcode. In other words, that would mean developing a copy of the OS with a backdoor to achieve the brute force. The current version of iOS on that phone is not susceptible to such an attack in a timely manner, would take at least 1 year if the default option to erase all data after 10 attempts has been deliberately disabled by the phone's owner before locking, else the phone data would be unrecoverable after 10 attempts.
I wonder what those advocating greater retention and monitoring of our data would feel if a paper had access to that data & was asked to sift through the data, find information that could be taken to incriminate someone and then publish accounts and stories using that data to rubbish them in public.
I bet it wouldn't be hard to construct something to make anyone look really bad in the eyes of the public.
@Bumpy Cat
Mistakes are possible and will happen especially when the cost is far less than the perceived benefit, leading to temptation to bend the rules or find ways to wriggle out of possible infringement by claiming ambiguity.
Instead of relying on companies and institutions, with a vested interest in exploiting the data, to play by the rules it's safer to not let them have the data and know they then can't misbehave.
You can't get shot if there are no guns or ammo. There can't be any privacy problems if they don't have your data.
" If any company anywhere was allowed to offer free-internet then the results would be the same. The competition is killed off, effectively priced out the market, and the company behind the deal is left in a monopoly position. This is as true for rich westerners as it is for poor Indians."
Then the government should provide the same kind of service, gratis to their people. Once people gain access to these types of service, they will naturally demand more and hopefully the price will go down as they become more wealthy as a result of the extra services they are able to access.
This has to start somewhere, and they can't afford or currently probably even don't want access to the full internet.
France had Minitel, UK had Prestel & then Teletext, US had bulletin boards, all very primitive by today's standards but satisfied a need for citizens to communicate & disseminate information electronically.
If I put petrol in my diesel car it'll screw the engine. If I had some kind of electronic sensor preventing the engine from running if it detected petrol it would save me loads in the long run. Same with the fuse in my plug preventing my gear from getting fried. When my credit card breaks I get the issuer to send a new one, there is no way I'd trust some talented Indy to fix it.
This is a safeguard on my precious digital data.
You guys would be frothing at the mouth if iOS security, especially fingerprint security, could be compromised by just changing the screen. Stolen iPhone with Apple Pay and 5 cards registered, hacked by changing screen or sensor, that'll close Apple Pay in a heartbeat and sink all mobile pay solutions.
@Jonathanb
Define internet connection and define reasonable price.
I think dial up is still available and is relatively cheap.
Dual diverse leased lines with separate ISPs will give you great reliability, but the cost would be prohibitive for a normal household but would be reasonable for a business that needed it, like a bank.