[Update 3/3/16]John McAfee Reveals To FBI, On National TV, How To Crack The iPhone (RT Interview)

[No Nrg]

2 hours ago, dalekphalm said:

Steve Rogers? He squared off against Cap'n 'Murica himself

 

EDIT: Just watched the video - While John McAfee might be completely fucking insane, he makes some good points in the debate against the FBI agent. The FBI's reasoning is basically "Welp, foreign agents and hackers will break into it sooner or later... Fuck it, might as well get it first!"

Ha, didn't catch that he had that same name.

Yeah I do have to agree with McAfee in his reasoning that if black hats or others knew something like a backdoor existed, you better believe they would attempt to gain access to it. 

[SpaceNugget]

2 hours ago, LAwLz said:

I still don't think there are any inaccurate statements in their post. The only thing you can argue is whether or not assembly is "human readable" or "barely human readable", which is a subjective statement. You're arguing semantics in order to discredit the article.

I don't know how you can take yourself seriously when you are just arguing for the sake of arguing. I know you are because you clearly haven't read my posts and yet are responding to them.

 

put on your reading comprehension hat for a few seconds and pay very close attention:

 

The only input I have and am trying to get across, is that assembly is human readable, and anyone who says otherwise clearly doesn't know assembly and therefor should not be spreading the misinformation that assembly is not human readable.

 

Things I do not think:

1. That the article is garbage because there is an inaccuracy and should be removed from the internet at large.

2. That Ars is an evil monster who eats children.

3. That everyone on the planet knows assembly language.

4. That anyone can read through the entire iOS assembly in half an hour.

5. Most of the other strawman bullshit you are arguing against that I never said.

 

Now relax and go back to not paying attention.

[LAwLz]

35 minutes ago, WaxyMaxy said:

The only input I have and am trying to get across, is that assembly is human readable, and anyone who says otherwise clearly doesn't know assembly and therefor should not be spreading the misinformation that assembly is not human readable.

Ars did not say it wasn't human readable. They said it was "barely human readable". The "barely" means that something is difficult, but still possible. You can't call it an "inaccuracy" either because it is a subjective statement. There is no way to measure how "humanly readable" something is.

 

In case you forgot how the conversation went, here is your post:

1) Kloaked posts the Ars Technica article

2) dimitriianghelov questions the validity of the article, asking if the Ars writer is an expert regarding this.

3) You respond: "They most definitely are not, They clearly have no idea that many people have full time jobs consisting mostly of reading and writing assembly. Calling it "barely human readable" just highlights how little they know."'

 

You said Ars wasn't qualified to write about encryption, and your only argument for why they aren't is that nitpick about semantics. That's why I am arguing with you. Because you tried to discredit a very legitimate article over a bullshit thing like that. You might mislead people into ignoring actual information regarding this. You also make a strawman where you say "It just seemed like ars was suggesting that going through the disassembled code wasn't an option because people can't read asm" which is not at all what Ars said. What ars said was that it would take more than half an hour. I am not the one making strawman arguments. You are.

 

You might not care, but I care a lot about this whole iPhone situation, and I want people to actually learn about encryption so they don't just repeat what they have heard some clueless guy say on TV. So having people discredit genuine information really grinds my gears.

[SpaceNugget]

7 minutes ago, LAwLz said:

"You said Ars wasn't qualified to write about encryption"

No I didn't. Liar. quote exactly where I said that.

 

You are king of the strawmen.

 

Good job actually going back to read my posts though. I am surprised you actually did that much.

[LAwLz]

Just now, WaxyMaxy said:

No I didn't. Liar. quote exactly where I said that.

 

You are king of the strawmen.

 

Good job actually going back to read my posts though. I am surprised you actually did that much.

I did quote exactly what you said. Someone asked if Ars were experts on "this" (this being breaking the iPhones encryption because you know, the entire thread is about that) and you said no. Again, the only strawman here is you saying that Ars said people can't read assembly, when what they actually said was that it is very difficult to do (hence the "barely").

[SpaceNugget]

8 minutes ago, LAwLz said:

I did quote exactly what you said. Someone asked if Ars were experts on "this" (this being breaking the iPhones encryption because you know, the entire thread is about that) and you said no. Again, the only strawman here is you saying that Ars said people can't read assembly, when what they actually said was that it is very difficult to do (hence the "barely").

You wont quote where I said that they aren't qualified to write about encryption because you can't. Because I didn't.

 

You assume to much.

 

You don't need to be an expert in the field (which by the way is security, not specifically encryption Edit: really there are lots of interwoven topics in this issue, morals, privacy, encryption, security, government policy, etc.) to write an article, My next post clearly implies that the article has some merit because they are correct about it taking longer than 30 minutes. so unless you are willing to pretend that doesn't exist, you are being intellectually dishonest about my position.

Edited March 4, 2016 by WaxyMaxy

[LAwLz]

Just now, WaxyMaxy said:

You wont quote where I said that they aren't qualified to write about encryption because you can't. Because I didn't.

There is a thing called "context". You did not specifically say "encryption" but that was what the person you responded to was talking about (because the entire thread is about that).

 

1) McAfee says he can crack the iPhone using this technique.

2) Ars says it wouldn't work.

3) Are Ars qualified to say that?

4) No

 

Do you see how despite not mentioning encryption, the "no" is still applies to it? That's what happened here.

 

 

5 minutes ago, WaxyMaxy said:

the field (which by the way is security, not specifically encryption)

We are talking about encryption here. I guess you could say the field is security since encryption is part of that, but why use the more general term when the entire debate is specifically about encryption? How to break the encryption used on the iPhone. And you say I argue just for the sake of it...

 

8 minutes ago, WaxyMaxy said:

My next post clearly implies that the article has some merit because they are correct about it taking longer than 30 minutes. so unless you are willing to pretend that doesn't exist, you are being intellectually dishonest about my position.

and yet you kept going on and on with your strawman about how the article states that assembly isn't human readable.

Do you see where your reading comprehension failed now? You interpreted "barely human readable" as "not human readable".

The article has more than just "some merit" as well. The entire thing is spot on with every single point being made.

[SpaceNugget]

55 minutes ago, LAwLz said:

There is a thing called "context". You did not specifically say "encryption" but that was what the person you responded to was talking about (because the entire thread is about that).

 

1) McAfee says he can crack the iPhone using this technique.

2) Ars says it wouldn't work.

3) Are Ars qualified to say that?

4) No

 

Do you see how despite not mentioning encryption, the "no" is still applies to it? That's what happened here.

 

 

We are talking about encryption here. I guess you could say the field is security since encryption is part of that, but why use the more general term when the entire debate is specifically about encryption? How to break the encryption used on the iPhone. And you say I argue just for the sake of it...

 

and yet you kept going on and on with your strawman about how the article states that assembly isn't human readable.

Do you see where your reading comprehension failed now? You interpreted "barely human readable" as "not human readable".

The article has more than just "some merit" as well. The entire thing is spot on with every single point being made.

The entire thread is not about encryption. Its about John McAfee, and his dealings with the FBI. You can say that encryption is what you think is the most important part of the thread but thats just your take, its not a fact, and its not what I was responding to. I get the final say on what which context I was interpreting the words "the field" in, not you. And encryption isn't the only step in getting the data from the phone anyway, so you are doubly misinformed.

 

I said that they were implying that it wasnt a valid option due to the difficulty of reading asm, which they clearly are.

 

But by all means keep misrepresenting me, Im sure it will make you magically right one of these days. /s

[steini1904]

5 hours ago, LAwLz said:

What you are talking about is called asymmetric encryption

Not really. The idea is having no key for decrypting the encrypted data at all, but rather even further encrypting it to a chiphertext that the client can generate a key for. The ultimate goal is having data on one computer, that cannot be decrypted with a unique, existing key. I remember it being extremely complicated and I have to admit that I'm lacking the motivation to read it up. Tomorrow.

 

But yes, it's far off-topic.

 

5 hours ago, LAwLz said:

This:

[snip]

Is not easier to understand than this:

[snip]

Since I haven't written any assembler for at least two years, for me indeed. But that's also not quite what I meant. I like how extremely easy and well assembler can be structured. It is really easy to read such code. On the other hand, my very first programming language was HLA, so I might be a tiny bit biased.

 

The beauty of assembly language is, that it tells you exactly what it does. You would have a hard time telling me what exactly printf() does without looking it up. With assembler you can clearly see every single step.

5 hours ago, LAwLz said:

Define "debugging interface".

I.e. JTAG is widely known and used.

 

5 hours ago, LAwLz said:

You are really grasping at straws if you try to argue that it wasn't a statement that he made.

Yes. ^ ^

 

5 hours ago, LAwLz said:

The software Apple could potentially write would not extract the GUI. It would not use any method even remotely similar to what McAfee described.

Well, you can't use something that's not working, can you?

 

5 hours ago, LAwLz said:

That's what someone did. There is a video of it earlier in the thread. It is really slow though and the FBI would rather just have an easy way to break into whichever iPhone they want in the future.

Mh... I'm not really talking about restarting the phone but only exposing the most minimal possible set of instructions to the module (btw.: Is it even an external module on the PCB?)

[Delicieuxz]

7 hours ago, LAwLz said:

Ars did not say it wasn't human readable. They said it was "barely human readable". The "barely" means that something is difficult, but still possible. You can't call it an "inaccuracy" either because it is a subjective statement. There is no way to measure how "humanly readable" something is.

This is a part of the Ars article that I read as hyperbole, and biased for the sake of artificially placing weight behind the article's argument through sentiment. There is no such thing as a "barely readable" language. To a person who fully knows how to read it, it is simply readable, as readable as any. To a person who is still learning, or hasn't fully learned, then it is difficult. To a person who fully knows the language, reading

Quote

section     .text
global      _start

_start:

    mov     edx,len
    mov     ecx,msg
    mov     ebx,1
    mov     eax,4
    int     0x80

    mov     eax,1
    int     0x80

section     .data

msg     db  'Hello, world!',0xa
len     equ $ - msg

... is just as easy as reading

Quote

#include<stdio.h>

int main(void)	{
	printf("Hello, World!");
}

 

It may take longer to cover the same material, as it is expressed in a lengthier form, but it is not more difficult. If a person has difficulty with a language, then there is still something about it which they have not completed learning. If their learning is complete, then there should be no resistance in their reading of it, and it should be straight-forward, however long it may take them.

[Albatross]

To me it sounded like he was talking out of his butt but then again I have no solid knowledge in this so whatever...

[QueenDemetria]

1 hour ago, Albatross said:

To me it sounded like he was talking out of his butt but then again I have no solid knowledge in this so whatever...

Him saying "it can be done in 30 min" seems a bit too optimistic to me.

[Albatross]

5 hours ago, QueenDemetria said:

Him saying "it can be done in 30 min" seems a bit too optimistic to me.

Yea, that's what made it really seem like BS.

[LAwLz]

9 hours ago, WaxyMaxy said:

I said that they were implying that it wasnt a valid option due to the difficulty of reading asm, which they clearly are.

That's your (wrong) interpretation of it. They clearly said in the article that it was possible to read assembly, but that it would take more than 30 minutes. Here is the quote from the article:

Quote

the notion that a "software engineer" could just figure out where that location was with nothing more than a disassembler and half an hour of spare time is fanciful nonsense.  Even with access to all of iOS' source code, an uninitiated developer would be doing well to find all the pieces of code responsible for handling the PIN and validating it. With nothing more than dissasembled code—the (barely) human-readable counterpart to the machine code—it's going to take substantially longer.

How anyone can interpret that as "they said it wasn't human readable" is beyond me.

All the article said was that it would take more than 30 minutes (if it was even possible, which it probably isn't for a lot of other reasons not related to assembly).

By the way, code generated from a disassembler will not be the same as just reading a program written in assembly. It is a lot more difficult to read (not just because the lack of comments but also because of imperfections and assumptions that has to be made by the disassembler).

 

 

 

8 hours ago, steini1904 said:

Not really. The idea is having no key for decrypting the encrypted data at all, but rather even further encrypting it to a chiphertext that the client can generate a key for. The ultimate goal is having data on one computer, that cannot be decrypted with a unique, existing key. I remember it being extremely complicated and I have to admit that I'm lacking the motivation to read it up. Tomorrow.

That sounds interesting but very impractical. I'm gonna have to look it up. Do you have any idea what it was called? Makes searching for it a bit easier.

 

8 hours ago, steini1904 said:

Since I haven't written any assembler for at least two years, for me indeed. But that's also not quite what I meant. I like how extremely easy and well assembler can be structured. It is really easy to read such code. On the other hand, my very first programming language was HLA, so I might be a tiny bit biased.

 

The beauty of assembly language is, that it tells you exactly what it does. You would have a hard time telling me what exactly printf() does without looking it up. With assembler you can clearly see every single step.

Fair point. I would still argue that it is easier to read for example C code. The entire point of making higher level languages was to make it easier for humans to read and write code. If it was just as easy to there would be no reason to use anything other than assembly.

 

8 hours ago, steini1904 said:

I.e. JTAG is widely known and used.

From what I know, it is not available for iPhones. Some older modems had pinouts for it, but only for the baseband.

 

8 hours ago, steini1904 said:

Mh... I'm not really talking about restarting the phone but only exposing the most minimal possible set of instructions to the module (btw.: Is it even an external module on the PCB?)

The SoC itself has a crypto engine inside it, so that is not an external module. However, some phones has a secure enclave which might be a separate chip but I am not entirely sure (although that does not apply to the iPhone 5C so it doesn't matter).

[Snickerzz]

On March 1, 2016 at 11:44 AM, No Nrg said:

I agree, FBI already probably has the crack in the works without Apple. They are just riding the pony with this case to see if they can gain the ability to crack any phone with no work needed.

Not the ponies D:::

[SpaceNugget]

7 hours ago, LAwLz said:

That's your (wrong) interpretation of it. They clearly said in the article that it was possible to read assembly, but that it would take more than 30 minutes. Here is the quote from the article:

How anyone can interpret that as "they said it wasn't human readable" is beyond me.

You have no idea how anyone could interpret the article as suggesting that the difficulty of reading asm made that an unreasonable option?

 

You can clearly read, so the only option left is that you are just going to lie and say anything because you refuse to back up and apologize for misinterpreting my post.

 

You think the entire articles accuracy revolves around whether it would take 30 minutes to hack an iphone, so forgive me for not caring if you think my interpretation is wrong.

[steini1904]

On 3/3/2016 at 0:32 PM, LAwLz said:

That sounds interesting but very impractical. I'm gonna have to look it up. Do you have any idea what it was called? Makes searching for it a bit easier.

Damnit. Sorry, I forgot to reply on here -.-

 

Sadly, the paper I were thinking of wasn't what I though it was and the guy who's getting them for me says never having heard of something like that and also couldn't find any clues in the library system.

 

Now since I remembered replying, I'm curious again: Have you found anything?

[LAwLz]

28 minutes ago, steini1904 said:

Damnit. Sorry, I forgot to reply on here -.-

 

Sadly, the paper I were thinking of wasn't what I though it was and the guy who's getting them for me says never having heard of something like that and also couldn't find any clues in the library system.

 

Now since I remembered replying, I'm curious again: Have you found anything?

Nope, didn't find anything either.

[Fetzie]

On 03/03/2016 at 8:18 AM, Delicieuxz said:

It may take longer to cover the same material, as it is expressed in a lengthier form, but it is not more difficult. If a person has difficulty with a language, then there is still something about it which they have not completed learning. If their learning is complete, then there should be no resistance in their reading of it, and it should be straight-forward, however long it may take them.

Although if you were to not include stdio and write that yourself, it would be rather longer than the first code snippet

[AMICLG]

I'd take this with a grain of salt. Russia Today (RT) is government owned/controlled and known to put out propaganda directly from the Kremlin. 

 

And then there's McAfee. Arrested for manufacturing drugs, possibly murdered his neighbor, and burned down his house intentionally.

 

 

[Delicieuxz]

1 hour ago, AdamIsaacLang said:

I'd take this with a grain of salt. Russia Today (RT) is government owned/controlled and known to put out propaganda directly from the Kremlin. 

I think no more than mainstream news in the USA and Canada are owned by corporations or the government (such as CBC in Canada), and put out driven narratives that their respective owners want to influence their viewers with. Particularly Fox News in the USA, and PostMedia chain in Canada. Both of those are far more biased that RT. And CBC in Canada has been losing its impartiality since its board has been equipped with 9 Harper appointees, and its CEO is a Harper partisan for the next several years. MSNBC and CNN are heavily-biased news sources as well, and Reuters is a worse than those two. Of them all, I think RT is among the most objective, and references details to substantiate its positions, rather than simply writing determinations of what situations are, and what they mean, like so much of North American news.

 

The idea that RT is somehow non-reputable is part of the North American bias that presumes whatever isn't its own domain is of the opponent, and non-trustworthy by default. One nation's news will present things from its nation's viewpoint, but the North American viewpoint is no less skewed, and not more truthful than the viewpoints of many other nations. I personally think Russia's style of presenting news, which is along with the considerations that substantiate their point and position, makes for a more impartial news presentation. North American news has an awful habit of just dropping presumption, hearsay, and sentiment-based determinations in a sensationalistic manner, as if there isn't anything else to be said or considered about a matter.