[Update 3/3/16]John McAfee Reveals To FBI, On National TV, How To Crack The iPhone (RT Interview)

[dalekphalm]

1 minute ago, NLR said:

I'm not sure if you're reading what I'm typing, but allow me to make this simple for you.

"How would you enforce a law like that?" - It wouldn't be an enforceable law, it would be a law that only comes into effect when a person is convicted of a certain crime(Like terrorism).

"If you give law enforcement all of the master keys to all of the various encryption software around the world, then you're basically making encryption meaningless." - Are you even reading what I've typed? Only high level crime like terrorism would result in the encryption being broken, for the sole purpose of getting information to stop further attacks. There WOULDN'T BE a list of master keys. If a convict has data that's encrypted, the government in question would either crack it themselves, or they'd request a key from the provider of the encryption. No banks of keys, no way to abuse it.

"Not to mention, the government at various levels HAVE been hacked before." - Obviously they have, but I doubt a hacker would try to hack a government PC  just to crack someones encryption. It just would be worth it. That, and they'd have to find where the small bit of code is even stored before they could try to get it.

"If the government has a list of master encryption keys, that list can be stolen. If that list was stolen, then that would be the biggest disaster in cybersecurity of all time." - Again, there is no list in the first place, so this is a moot point.

The fact that there is no list to begin with is kind of my point.

 

Making a law like that, that was even remotely practical or enforceable, would mean that such a list would, by definition, need to be created.

Take Apple, for example. There is no master key. If Such a law was created, Apple STILL wouldn't be able to magically unlock the iPhone. They've specifically stated multiple times that iOS 8+ has no master key. The only key is the public signed key, and the hardware specific key created when you create your passcode. Both keys are needed. Apple doesn't have a key that can bypass that.

They would have to specifically and intentionally write a brand new version of IOS that removes existing security features.

 

Some companies do keep master keys.

 

But what about all the Open Source encryption software out there? No master keys for that either. Take TrueCrypt (If you believe that the NSA hasn't cracked it - which, code auditing by independent industry experts seems to confirm), if they encrypt their volume via TrueCrypt, then there is no master key. The government can only try and brute force crack it (Which they already do anyway).

 

The government already has laws that give them access to data via court warrants. Giving them a law to suspend "encryption entitlement" is an incredibly large slippery slope, because it might incentivize the government to try and force encryption providers to actually weaken their security for the governments benefit.

[StareX]

Yeah.... the FBI just wants to access our privacy.. not gonna happen :))

[dalekphalm]

13 minutes ago, wcreek said:

Eh 

I'm just pointing out that your post made literally no sense. How would he "seem to be an advocate for intrusiveness" because a company he left 22 years ago makes an overzealous AV scanner?

[SpaceNugget]

19 minutes ago, NLR said:

I'm not sure if you're reading what I'm typing, but allow me to make this simple for you.

"How would you enforce a law like that?" - It wouldn't be an enforceable law, it would be a law that only comes into effect when a person is convicted of a certain crime(Like terrorism).

"If you give law enforcement all of the master keys to all of the various encryption software around the world, then you're basically making encryption meaningless." - Are you even reading what I've typed? Only high level crime like terrorism would result in the encryption being broken, for the sole purpose of getting information to stop further attacks. There WOULDN'T BE a list of master keys. If a convict has data that's encrypted, the government in question would either crack it themselves, or they'd request a key from the provider of the encryption. No banks of keys, no way to abuse it.

"Not to mention, the government at various levels HAVE been hacked before." - Obviously they have, but I doubt a hacker would try to hack a government PC  just to crack someones encryption. It just wouldn't be worth it. That, and they'd have to find where the small bit of code is even stored before they could try to get it.

"If the government has a list of master encryption keys, that list can be stolen. If that list was stolen, then that would be the biggest disaster in cybersecurity of all time." - Again, there is no list in the first place, so this is a moot point.

I don't think you have spent more than a couple seconds thinking about this. ALL laws "come into effect only when someone breaks them."

 

What you don't seem to get is that software isn't something they can really give back. After they get permission to have it developed for one phone, they have it to use illegally forever after (you can't un-break encryption when you are done).

 

We already have things like the warrant system in effect and still the police regularly conduct illegal searches, what makes you think that they wont use a tool like that once they have it.

 

And yes, every other government in the world (and many non government people) would be chomping at the bit to hack the FBI if they had a magical encryption breaker. Do you think hackers have the morals to not look at online banking traffic?

[handymanshandle]

9 minutes ago, dalekphalm said:

I'm just pointing out that your post made literally no sense. How would he "seem to be an advocate for intrusiveness" because a company he left 22 years ago makes an overzealous AV scanner?

I know.

[ChineseChef]

15 minutes ago, dalekphalm said:

I'm just pointing out that your post made literally no sense. How would he "seem to be an advocate for intrusiveness" because a company he left 22 years ago makes an overzealous AV scanner?

1994, 22 years ago, WTF??  How old am I?  I feel like my parents, "where has the time gone".

[dalekphalm]

1 minute ago, ChineseChef said:

1994, 22 years ago, WTF??  How old am I?  I feel like my parents, "where has the time gone".

Don't talk to me about old until you can remember 1994

[Silverfields]

1 minute ago, dalekphalm said:

The fact that there is no list to begin with is kind of my point.

 

Making a law like that, that was even remotely practical or enforceable, would mean that such a list would, by definition, need to be created.

Take Apple, for example. There is no master key. If Such a law was created, Apple STILL wouldn't be able to magically unlock the iPhone. They've specifically stated multiple times that iOS 8+ has no master key. The only key is the public signed key, and the hardware specific key created when you create your passcode. Both keys are needed. Apple doesn't have a key that can bypass that.

They would have to specifically and intentionally write a brand new version of IOS that removes existing security features.

 

Some companies do keep master keys.

 

But what about all the Open Source encryption software out there? No master keys for that either. Take TrueCrypt (If you believe that the NSA hasn't cracked it - which, code auditing by independent industry experts seems to confirm), if they encrypt their volume via TrueCrypt, then there is no master key. The government can only try and brute force crack it (Which they already do anyway).

 

The government already has laws that give them access to data via court warrants. Giving them a law to suspend "encryption entitlement" is an incredibly large slippery slope, because it might incentivize the government to try and force encryption providers to actually weaken their security for the governments benefit.

 

1 minute ago, WaxyMaxy said:

I don't think you have spent more than a couple seconds thinking about this. ALL laws "come into effect only when someone breaks them."

 

What you don't seem to get is that software isn't something they can really give back. After they get permission to have it developed for one phone, they have it to use illegally forever after (you can't un-break encryption when you are done).

 

We already have things like the warrant system in effect and still the police regularly conduct illegal searches, what makes you think that they wont use a tool like that once they have it.

 

And yes, every other government in the world (and many non government people) would be chomping at the bit to hack the FBI if they had a magical encryption breaker. Do you think hackers have the morals to not look at online banking traffic?

All that I see is a bunch of people that seem to fear the government. I don't deny that the US government does things that they shouldn't. But if you remind yourself of the context here, is it really so wrong? A terrorist has a device with data on it that could potentially lead to lives being saved, and you people seem to think that the world will end if they gain access to it. Do you really value your privacy over people's lives? A law abiding citizen has no need to fear their data being looked at by the government

You guys are taking this WAY out of proportion. This isn't about hackers, and this isn't about people stealing bank credentials. This is about the FBI getting access to a phone that belonged to a terrorist, and could potentially save lives with the information it provides. If you're so scared about the government getting access to your files, then YOU'RE obviously doing something that you shouldn't be.

Yes, a backdoor/law like this might lead to horrid events. However, what you need to realize, is that they're trying to unlock this phone so they can potentially learn how they operated, and prevent more horrid acts like this one.

This has devolved into an argument of rights and morals, and y'all seem to think that your privacy is more important than people's lives. I understand(somewhat) what you fear, but I think you've been watching to many Top10Conspiricy videos on Youtube. Your fears, while they have basis, seem irrational to me. I guess in the end, we think in different ways.

 

[dalekphalm]

Just now, NLR said:

 

All that I see is a bunch of people that seem to fear the government. I don't deny that the US government does things that they shouldn't. But if you remind yourself of the context here, is it really so wrong? A terrorist has a device with data on it that could potentially lead to lives being saved, and you people seem to think that the world will end if they gain access to it. Do you really value your privacy over people's lives? A law abiding citizen has no need to fear their data being looked at by the government

You guys are taking this WAY out of proportion. This isn't about hackers, and this isn't about people stealing bank credentials. This is about the FBI getting access to a phone that belonged to a terrorist, and could potentially save lives with the information it provides. If you're so scared about the government getting access to your files, then YOU'RE obviously doing something that you shouldn't be.

Yes, a backdoor/law like this might lead to horrid events. However, what you need to realize, is that they're trying to unlock this phone so they can potentially learn how they operated, and prevent more horrid acts like this one.

This has devolved into an argument of rights and morals, and y'all seem to think that your privacy is more important than people's lives. I understand(somewhat) what you fear, but I think you've been watching to many Top10Conspiricy videos on Youtube. Your fears, while they have basis, seem irrational to me. I guess in the end, we think in different ways.

 

As a law abiding CANADIAN Citizen, the US getting access to my data scares the shit out of me, as it should for every single non-american on this forum. These backdoors and laws will affect the entire world, not just the US.

 

And yes, I value my inalienable rights more than temporary security that will neither protect nor secure me. I do not trust a foreign government (The United States of America) with my data. I do not trust them to put my best interests at heart, because let's be honest - I'm not an American Citizen - they don't really give a shit about me at all. The US Government actively and intentionally spied on the Leader of an Allied Nation (Angela Merkel, Chancellor of Germany). They obviously put themselves and their own interests above the interests of another.

 

The problem here is that you see "Terrorist" and it's blinding you to reason. You're not looking at the big picture at all. And despite how many times you say "This isn't about hackers", yes it is. This is about the pandora's box that cannot be closed once the FBI gets it's way.

 

I'll put it this way, would you be happy if China or Russia had that same capability? Would you trust them to abide by some law that the US created, and only use it with convicted terrorists? I sure as hell don't. And neither should you. But if the FBI gets their way, and Apple is forced to write an unsecure version of iOS, sooner or later, they'll get a hold of it. And once they do, they'll be able to flash it onto any iPhone in their possession.

 

This isn't some conspiracy, this is based on actual historical precedence, and actions the US government (and others) have already performed.

[Master Disaster]

1 hour ago, dalekphalm said:

You're missing the bigger picture.

 

The fact that they can simply patch any backdoor that they create after the fact is not the point. The point is that the Government would have set a precedence, that even if Apple created a backdoor and then patched it, the Government could simply request a new backdoor any time they wanted.

 

Also, with the type of backdoor that the FBI has requested, it would literally work on any iPhone capable of running iOS8/9, so pretty much, any iPhone 5 or higher (Possibly the 4 series as well). If they gained physical access to the device, they could - in theory - flash the iPhone with the hacked/backdoor iOS version.

 

Apple is saying that this cracked version should not ever be created in the first place.

Any Apple device running IOS actually, so thats Phones, Tablets & Apple TV boxes.

[SpaceNugget]

15 minutes ago, NLR said:

A law abiding citizen has no need to fear their data being looked at by the government

Yes, Yes they most definitely do.

 

"Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say" - Edward Snowden

[Silverfields]

1 minute ago, dalekphalm said:

As a law abiding CANADIAN Citizen, the US getting access to my data scares the shit out of me, as it should for every single non-american on this forum. These backdoors and laws will affect the entire world, not just the US.

 

And yes, I value my inalienable rights more than temporary security that will neither protect nor secure me. I do not trust a foreign government (The United States of America) with my data. I do not trust them to put my best interests at heart, because let's be honest - I'm not an American Citizen - they don't really give a shit about me at all. The US Government actively and intentionally spied on the Leader of an Allied Nation (Angela Merkel, Chancellor of Germany). They obviously put themselves and their own interests above the interests of another.

 

The problem here is that you see "Terrorist" and it's blinding you to reason. You're not looking at the big picture at all. And despite how many times you say "This isn't about hackers", yes it is. This is about the pandora's box that cannot be closed once the FBI gets it's way.

 

I'll put it this way, would you be happy if China or Russia had that same capability? Would you trust them to abide by some law that the US created, and only use it with convicted terrorists? I sure as hell don't. And neither should you. But if the FBI gets their way, and Apple is forced to write an unsecure version of iOS, sooner or later, they'll get a hold of it. And once they do, they'll be able to flash it onto any iPhone in their possession.

 

This isn't some conspiracy, this is based on actual historical precedence, and actions the US government (and others) have already performed.

I'll freely admit that the US government has done some rather questionable and in many cases, downright illegal things.

What I don't understand if why you fear the US government so much. In THIS case, they're trying to secure data to prevent terrorist attacks. Yes, a backdoor would not be something I'd want to give them. Hell, I completely agree in regards to this whole thing. Apple should NOT give them a backdoor. What I was trying to say in previous posts, is that something needs to change. We need to be able to gain access to these terrorists phones/devices, otherwise, it'll be quite hard to get intel on how they operate. I

The FBI will end up cracking the OS at some point, and once they do, Apple won't be able to do anything about it. THAT is why I think laws need to be put in place, otherwise, the FBI will have free reign to do what they want to get the data they seek. If guidelines aren't set, the FBI will do whatever they want to get what they want.

I don't, as an American citizen, approve of some of the illegal acts they've done, but if it were YOUR government doing these acts, you certainly wouldn't be complaining as much as you are now.

To recap, I argue that if apple denies the FBI, they'll do what they always do, and likely break some laws for the good of America. the majority of the spying the FBI/CIA does is to keep America safe. If your government did similar things to America, I doubt you would be complaining.

[SpaceNugget]

5 minutes ago, NLR said:

I'll freely admit that the US government has done some rather questionable and in many cases, downright illegal things.

What I don't understand if why you fear the US government so much. In THIS case, they're trying to secure data to prevent terrorist attacks. Yes, a backdoor would not be something I'd want to give them. Hell, I completely agree in regards to this whole thing. Apple should NOT give them a backdoor. What I was trying to say in previous posts, is that something needs to change. We need to be able to gain access to these terrorists phones/devices, otherwise, it'll be quite hard to get intel on how they operate. I

The FBI will end up cracking the OS at some point, and once they do, Apple won't be able to do anything about it. THAT is why I think laws need to be put in place, otherwise, the FBI will have free reign to do what they want to get the data they seek. If guidelines aren't set, the FBI will do whatever they want to get what they want.

I don't, as an American citizen, approve of some of the illegal acts they've done, but if it were YOUR government doing these acts, you certainly wouldn't be complaining as much as you are now.

To recap, I argue that if apple denies the FBI, they'll do what they always do, and likely break some laws for the good of America. the majority of the spying the FBI/CIA does is to keep America safe. If your government did similar things to America, I doubt you would be complaining.

Your short sighted view prevents you from seeing that this would clearly be a detriment to the citizens of America, let alone the citizens of the rest of the world. I would definitely be complaining if Canada was doing this. Canada is just as guilty of many other privacy infringements (on us Canadians and abroad), But this particular topic is about what the American government is doing wrong.

[Nowak]

1 hour ago, LAwLz said:

Ohh McAfee you're such a troll. That's not how encryption works, and you know it.

The outcome of this might be good (people realizing that the FBI are full of shit) but I don't think misinformation is the right way to do it. The password is not stored like that, and even if it was it would certainly not be in plain text.

Pretty much. No operating system would store passwords in plaintext. Unless the developer is that stupid, but if they're not, passwords will be hashed and salted.

[Neroglance]

I think another problem with the FBI doing this is besides the bad PR it sets for Apple and what it could cause in the future if they were to do it with them wanting it done more often.  Which Apple has helped the FBI I think 72 times no access locked phones but because of all the PR on this time they are refusing.   Anyways this cost Apple money everytime they do it as it cost them engineers time and Apple has to fund those engineers etc.  So not only does Apple lose money by doing these things but if you consider Apple has loads of money what if it was a small mom and pop company who didn't have those kind of funds and the FBI was trying to force them into doing something like this on something they created that could ruin there company and there lives.   This is things why the government should interfere with the free market because it can have devastating effects.   I am not a Apple fan but if they did give FBI backdoors the other 72 times like its been said or some number around there they were kind of asking for this when something bigger came along they should have known they would have come knocking again for help and rightfully if they helped before the FBI probably didn't hesitate to ask them because they have been so helpful before.

[Misanthrope]

2 hours ago, NLR said:

While I understand your point, why doesn't the government make a law/regulation stating that if you're convicted of breaking certain laws, you lose the right to encryption or something? That way, the FBI cannot legally ask for a backdoor unless its under strict regulation, and we don't have stupid drama like this.

EDIT: By certain laws, I mean really horrible things that result in a threat to the security/lives of the country.
 

You cannot unring a bell: once it exists it can be abused by the government AND it can potentially be exploited.

 

Having no backdoor it's just more secure than even the most safeguarded backdoor.

[Silverfields]

I'm done arguing my point. The FBI will gain access to the phone, whether Apple helps or not. All of this is an attempt to make encryption look bad to everyone who isn't informed about its value. And most likely, some stupid law will be passed that will be even worse than mine apparently is. Its only a matter of time now.



 

[dacheezypuffs]

I'm a software developer...I can assure you it's not a half hour job and he is going to soon eat his shoe if he keeps this up.

[dalekphalm]

26 minutes ago, TitanModz said:

I think another problem with the FBI doing this is besides the bad PR it sets for Apple and what it could cause in the future if they were to do it with them wanting it done more often.  Which Apple has helped the FBI I think 72 times no access locked phones but because of all the PR on this time they are refusing.   Anyways this cost Apple money everytime they do it as it cost them engineers time and Apple has to fund those engineers etc.  So not only does Apple lose money by doing these things but if you consider Apple has loads of money what if it was a small mom and pop company who didn't have those kind of funds and the FBI was trying to force them into doing something like this on something they created that could ruin there company and there lives.   This is things why the government should interfere with the free market because it can have devastating effects.   I am not a Apple fan but if they did give FBI backdoors the other 72 times like its been said or some number around there they were kind of asking for this when something bigger came along they should have known they would have come knocking again for help and rightfully if they helped before the FBI probably didn't hesitate to ask them because they have been so helpful before.

The difference between the previous "72" times (source?) is that in the past, it was done using iOS ver. 7 or earlier. On those older versions of iOS, Apple did in fact have a master key. It was relatively trivial for them to unlock an encrypted device.

 

In iOS 8+, however, such a master key no longer exists. Apple has removed the key, because they felt that it was an unjustifiable potential security hole that could be exploited. Whether that is the only reason or not? Apple only knows.

 

But the fact remains the same. It's NOT the same as last time. Apple is being asked to create, from scratch, a piece of software that does not currently exist.

[Neroglance]

3 minutes ago, dalekphalm said:

The difference between the previous "72" times (source?) is that in the past, it was done using iOS ver. 7 or earlier. On those older versions of iOS, Apple did in fact have a master key. It was relatively trivial for them to unlock an encrypted device.

 

In iOS 8+, however, such a master key no longer exists. Apple has removed the key, because they felt that it was an unjustifiable potential security hole that could be exploited. Whether that is the only reason or not? Apple only knows.

 

But the fact remains the same. It's NOT the same as last time. Apple is being asked to create, from scratch, a piece of software that does not currently exist.

Which if you read my whole comment still stands the point rather you have a multi billion dollar company or not, it cost that company money and resources to develop and it may not hurt a large company like apple financially but what if it wasn't a big company and a small mom and pop company. 

 

Apple did choose to help them the 72 or whatever times before and rather they had a key or not for the IOS ver. 7 or earlier they still choose to decide to help the government and rather they have to do extra work to get the key for the new IOS they still helped them before so the of course the FBI is going to come and say help us.  If they would have said no rather or not they could the first few times they may not be in this dilemma. 

 

Still stand by my point the federal government needs to stay out of trying to force private companys to do there bidding if they want it unlocked they need to put the time and effort into having people do it and not force a private company to do the bidding.

[ChineseChef]

2 hours ago, dalekphalm said:

Don't talk to me about old until you can remember 1994

I was 11, so can't say I remember anything of real significance.  But I do remember stuff.

[givingtnt]

lol

[Arty]

2 hours ago, NLR said:

I'll freely admit that the US government has done some rather questionable and in many cases, downright illegal things.
 

That's such an understatement

 

The Government has tons of Cover Ups, and secrets, so much bull shit thier hiding, that america blindly follows. 

[Silverfields]

1 minute ago, Arty said:

That's such an understatement

 

The Government has tons of Cover Ups, and secrets, so much bull shit thier hiding, that america blindly follows. 

Not that we have much of a choice. I doubt a second revolutionary war would go well for us at this stage.

[Arty]

Just now, NLR said:

Not that we have much of a choice. I doubt a second revolutionary war would go well for us at this stage.

That is very true. 

But we need more Snowdens, to expose the government. 

I really wanna know how much of 9/11 was forged.