SoylentNews is people
SoylentNews
from the so-simple-that-a-gov't-employee-could-do-it dept.
Russia Today reports
The US public doesn't need a Digital Security Commission; they need the FBI to stop deceiving everyone and tell the truth that it wants to spy on Americans, John McAfee, developer of the first commercial anti-virus program told RT's Ed Schultz.
[...] "The FBI wants Apple to change their software so that it removes the check for security, so that we don't check for security anymore. Once it has that software, they can use that software on any phone. But they say they only need it for one phone."
[...] "You need a hardware engineer and a [software] engineer. The hardware engineer takes the phone apart and copies the instruction set, which are the iOS and applications, and your memory. And then you run a program called a disassembler, which takes all the ones and zeros and gives you readable instructions. Then the coder sits down and he reads through. What he is looking for is the first access to the keypad, because that is the first thing you do when you input your pad. It'll take half an hour. When you see that, then he reads the instructions for where in memory this secret code is stored. It is that trivial--a half an hour.
...The FBI knows this, Apple knows this."[...] "In either case, if they (the FBI) don't know, that is tragic; if they do know it, then they are deceiving the American public and Apple and everyone else by asking for a universal key."
Video
Do you see any flaws in McAffee's explanation?
Previous: Apple Wants Court To Rule If It Can Be Forced To Unlock iPhones
Seems Like Everyone has an Opinion About Apple vs. the FBI
Update: TPP-Exposing Journalist Ed Schultz Lands on His Feet at RT
John McAfee Announces He Will Run For President of the United States
(Score: 1) by anubi on Sunday March 06 2016, @10:58AM
That's where it starts getting snicky.... where system-on-chip comes into play. Gotta keep that golden nugget completely under wraps where no one - even armed with a logic analyzer on all circuit paths to the chip - can deduce the key.
I have come to the conclusion its impossible to really secure my stuff... so I mostly do open-source Arduino-based stuff. I can generally harden it against outside attack ( my stuff is way too dumb to execute anything coming in - if its not the right format, it just gets confused and ignores it. ). But if the attacker ever gets physical possession of my stuff... game over. Its wide open.
When I was in Aerospace, it was an interest of mine to secure stuff, but it was almost impossible to have other people take me seriously. I could rant and rave till I was blue in the face about mixing code and data - and all it would get me is a high ranking on a layoff list.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 1) by bitstream on Sunday March 06 2016, @11:49AM
My tip: When "idiots" wants to be just that. Let them! You job is the get the cash ;)
The downside is that one accommodate bad habits so it's a good idea to look for a new job. Being able to be proud of ones work is a life quality by itself.
And the reason is just as you pointed out. Negative feedback and nothing to compensate for it. Even if you would get a bonus for a secure product but would be sacked for trying to correct errors. The cost of being without a salary would negate the bonus very easily. The laws of perverted incentives are quite pervert.
Regarding security. One have to take a cost/benefit analysis.