Discovering the “Oh, shit! The [Other] Party gets to use those powers now” argument

At least she recognized some degree of importance even during the Barrycade administration.

Protecting the Republic: Securing Communications is More Important than Ever
Protecting the privacy of speech is crucial for preserving our democracy. We live at a time when tracking an individual—a journalist, a member of the political opposition, a citizen engaged in peaceful protest—or listening to their communications is far easier than at any time in human history. Political leaders on both sides now have a responsibility to work for securing communications and devices. This means supporting not only the laws protecting free speech and the accompanying communications, but also the technologies to do so: end-to-end encryption and secured devices; it also means soundly rejecting all proposals for front-door exceptional access. Prior to the election there were strong, sound security arguments for rejecting such proposals. The privacy arguments have now, suddenly, become critically important as well. Threatened authoritarianism means that we need technological protections for our private communications every bit as much as we need the legal ones we presently have. (emphasis added- cb)

Let me give you a few brief reminders. Some of us warned about this with CALEA, PATRIOT, Patriot II, NDAA, CISPA, SOPA, HIPAA…

And pretty much every other extra-constitutional power that control freaks have handed the government over the last few decades. Oh, hell; centuries. And you never learn, except very temporarily when the opposition takes possession of the ball.

Glad I’m not that guy

So how did the FBI/Apple kerfluffle really start?

San Bernardino Shooter’s iCloud Password Changed While iPhone was in Government Possession
The filing states, “the owner [San Bernardino County Department of Public Health], in an attempt to gain access to some information in the hours after the attack, was able to reset the password remotely, but that had the effect of eliminating the possibility of an auto-backup.”
[…]
The auto reset was executed by a county information technology employee, according to a federal official. Federal investigators only found out about the reset after it had occurred and that the county employee acted on his own, not on the orders of federal authorities, the source said.

 

Questions, questions.

  • If he changed the password to access information, why isn’t the FBI rubber-hosing the password out of him?
  • What information did this guy suddenly need when the Feds took the phone?
    • Was he merely curious?
    • Did he not realize the Feds would notice?
    • Was he looking for incriminating information?
    • If so, why not leave it to LE?
  • If there was incriminating data he knew about, what kind? Was he an accomplice in the attacks, or merely lower level county corruption?

Seriously. At the very least, he had to realize resetting the password on evidence in a federal investigation would be felony “impeding an investigation.” At a minimum, he had to know he’d be suspected as an accomplice in a terrorist attack. What did he need to see so badly to make it worth the obviously inevitable consequences?

If he was deliberately hiding something, what could be worse than a definite felony, and being a terrorist suspect for the rest of his life? At best.

Maybe he really is just a curious dumbass with an IQ lower than whale shit. He is (was?) a government employee, after all.

Look, either the guy knew the new password, or he deliberately randomized it to keep investigators out. If the first, the Feds shouldn’t be making demands of Apple.

In related news:

DOJ would allow Apple to keep or destroy software to help FBI hack iPhone
The Obama administration told a magistrate judge Friday it would be willing to allow Apple to retain possession of and later destroy specialized software it was ordered to create to help federal authorities hack into the encrypted iPhone belong to Syed Rizwan Farook.

 

Looks like someone finally took cognizance of the point I’ve been making: Letting the Feds get that FBiOS is dangerous. I’ve said all along that the correct way to do this would have been to turn the phone over to Apple for forensic extraction. They unlock it, then return the unlocked phone without the security breaking code installed to the Feds.

The FBI absolutely should never get their dirty paws on the countdown bypassing and remote access code. They can’t be trusted.

The wrong question

Update: My first analysis was based on excerpts from the judges order published in the media. I’ve now read the whole order. And it’s worse than I thought. See edits below.


In response to the federal judge’s order that Apple create code to disable the countdown timer on iPhone’s password input routine (thus, allowing the FBI to mount a brute force attack without fear of the security routine wiping everything), people have asked — in a properly sarcastic manner — “What could possibly go wrong?”

They should be asking, “What could possibly go right?”

In case you have kept up, if one enters the wrong password into an iPhone too many times, it assumes the phone is in the wrong hands and self-wipes. The FBI has a phone that belong to one of the shall-not-be-named San Bernardino terrorists, but the password is set.

Enter an idiot judge. The Honorable Dumber N. Boxofrox ordered Apple to develop new code to disable the countdown feature, and to tailor it to work only on the single terrorist’s phone by hard coding it to only work with a couple of identification strings associated with that phone, and install it there. Sounds nice, right? Limited scope.

Correction: The ordered change to disable countdown (and eliminate delays in entering password attempts) is not limited to the terrorist’s iPhone. In addition to the new “FBiOS,” Apple is required to provide a separate data recovery/backup/”Software Image File” application to copy everything in flash memory. That application is the only thing required to work only on the single instrument.

Now let me explain what would really happen. Apple would basically be writing a new variant of the operating system. They would install it (as an update) to the phone in the FBI’s custody. FBI eventually unlocks phone, images everything on the phone.

Everything.

That is inevitably going to include the operating system, which means the FBI would now be in possession of the security-bypassing OS. They could turn it over to hackers to decompile the code, then scan for the two hard-coded ID strings. At this point, they could either type in two new strings for whatever other iPhone they might have laying around in an unrelated case, or change the code to not require the IDs at all. A brand new electronic forensic tool, provided free of charge by Apple.

Correction: No need to reverse engineer anything. Plus, the FBiOS must allow the Feds to enter passwords via WiFi or Bluetooth; i.e.- remotely, just as the FBiOS would be uploaded remotely. Once they have the OS in hand, the FBI can do it to anyone without even the need to reverse engineer the FBiOS. They’re demanding a turnkey mass covert surveillance tool from Apple.

But the Feds would never steal some company’s code, would they? Or go sneaking around spying without a warrant. And it would never occur to them to use a variant of a Stingray to generally access other phones and surreptitiously upload their little bit of malware.

Hell, you know they would. Personally, I suspect that’s exactly what they want. Since the terrorists were savvy enough to kill their data trail by disappearing their computer hard drive, I doubt they left anything useful on the iPhone. At most contacts, which the FBI can already get by subpoenaing their billing records from the phone company.

So let’s assume for the sake of discussion that they do this. We’ll even give the Feebs enough credit to say they don’t get hacked by another 16yo kid who steals data from them… you know, like new OS code.

But in this hypothetical scenario, they’ve released the code into the wild. Into iPhones whose security has been crippled by definition. Don’t lose your phone or get it stolen Correction: With remote acccess, no one has to physically steal your iPhone; whoever ends up with it can get any data…just as easily as the Feds. Or install malware (keystroke loggers, audiovisual bugs, GPS tracking, etc.) on it and return the iPhone they “found.”

I suspect jealous spouses and significant others would be a ready market, as well.

And recall that Apple programmers say that what the Feds are demanding would work on newer iPhones, too; not just the older generation terrorist’s smartphone, of which there are probably millions in use anyway.

What with people jailbreaking phones anyway, it would only be a matter of time before some hacker generated his own malOS. For that matter, maybe the FBI should hire that 16yo to hack that phone for them.

Oh. Wait. Then they’d have to pay him. When they can force Apple to do it free.

And if you believe that

I’ve got a slightly used bridge for sale on eBay.

Recently Bought a Windows Computer? Microsoft Probably Has Your Encryption Key
ONE OF THE EXCELLENT FEATURES of new Windows devices is that disk encryption is built-in and turned on by default, protecting your data in case your device is lost or stolen. But what is less well-known is that, if you are like most users and login to Windows 10 using your Microsoft account, your computer automatically uploaded a copy of your recovery key — which can be used to unlock your encrypted disk — to Microsoft’s servers, probably without your knowledge and without an option to opt out.
[…]
Users can choose to delete recovery keys from their Microsoft accounts…

Everyone who believes that will completely delete the key from MacroSnoop’s servers, raise your hand.

Seriously, folks. I’ve heard of some alleged freedom lovers who claim to love Win10. Why?

PSA: A Holiday Privacy Reminder

smash-computer

If you happened to receive a new computer, and are tossing out an old machine, please remember to permanently erase any personal data. Otherwise, someone like me* just might find your discrete photos, bank account numbers, SSAN, and so forth.

In Windows, merely “deleting” the files doesn’t do it; deleted files sit in your recycle bin until you actively empty it…

Which also doesn’t do it. A deleted file isn’t truly deleted until the portions of the hard drive on which it sat is overwritten. “Deleting” just changes the file header to “this space available”. Until it’s overwritten, someone like me — or worse, someone not as honest as me — can recover the data.

So delete all your data using a file shredder like this one before that computer goes out to the curb.


* The last three computers I acquired by scrounging — including one last night — all had extensive files left completely undeleted: pictures of kids, vacation shots, financial data, personal letters, and more. I’m nice; I just wiped it all.