SoylentNews is people
SoylentNews
from the so-simple-that-a-gov't-employee-could-do-it dept.
Russia Today reports
The US public doesn't need a Digital Security Commission; they need the FBI to stop deceiving everyone and tell the truth that it wants to spy on Americans, John McAfee, developer of the first commercial anti-virus program told RT's Ed Schultz.
[...] "The FBI wants Apple to change their software so that it removes the check for security, so that we don't check for security anymore. Once it has that software, they can use that software on any phone. But they say they only need it for one phone."
[...] "You need a hardware engineer and a [software] engineer. The hardware engineer takes the phone apart and copies the instruction set, which are the iOS and applications, and your memory. And then you run a program called a disassembler, which takes all the ones and zeros and gives you readable instructions. Then the coder sits down and he reads through. What he is looking for is the first access to the keypad, because that is the first thing you do when you input your pad. It'll take half an hour. When you see that, then he reads the instructions for where in memory this secret code is stored. It is that trivial--a half an hour.
...The FBI knows this, Apple knows this."[...] "In either case, if they (the FBI) don't know, that is tragic; if they do know it, then they are deceiving the American public and Apple and everyone else by asking for a universal key."
Video
Do you see any flaws in McAffee's explanation?
Previous: Apple Wants Court To Rule If It Can Be Forced To Unlock iPhones
Seems Like Everyone has an Opinion About Apple vs. the FBI
Update: TPP-Exposing Journalist Ed Schultz Lands on His Feet at RT
John McAfee Announces He Will Run For President of the United States
(Score: 4, Interesting) by jmorris on Sunday March 06 2016, @04:39AM
So that wraps it up for any remaining question of whether this guy is a fraud.
The crypto engine and the keys are in the SoC itself so reading the flash is pointless. If you are awesome and have real resources you could go for the RAM but that doesn't help since the pin isn't going to be readable from the ram. If you were awesome though you could boot the thing, inject malware directly into the ram of the running computer via ram access and have it wake up the USB port and dump the flash in decrypted form. Not sure whether that gets you the text message history and the other info they need without getting the PIN and using it to obtain the keyring. But you blow the chain of evidence right to heck doing it in that sort of brutal fashion so you could spy on the contact but good luck bringing them to a court based on it.
You might try sawing off the top of the SoC and trying to get at the info in the SoC that way but they put countermeasures in and when that sort of reverse engineering is done in industry they expect to lose a couple of test units and they have to get this one right the first try.
(Score: 2, Insightful) by itn on Sunday March 06 2016, @07:42AM
If only they had the resources to buy multiple(!) iPhones to perfect their technique first...? :-)
(Score: 2) by jmorris on Sunday March 06 2016, @05:38PM
When your plan is to saw up chips until you get lucky, just because you finally get lucky doesn't mean you can then grab the subject phone and know you will succeed with it. It will raise the odds because you have a better idea what is inside, not assure success. They have exactly one attempt to get it right is still the limitation, unlike industrial snooping where you just have to get one chip's package sawed off without destroying it.
(Score: 0) by Anonymous Coward on Sunday March 06 2016, @10:45AM
have it wake up the USB port
iPhones have a USB port? Someone should tell Apple about that.