If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Apple Insider)   U.S. Drug Enforcement Agency openly frustrated that they cannot crack Apple's iMessage encryption to listen in on suspects   (appleinsider.com) divider line 140
    More: Spiffy, DEA, encryption, Mac computers, Internet Crime Complaint Center  
•       •       •

9615 clicks; posted to Main » on 04 Apr 2013 at 3:56 PM (1 year ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



140 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread

First | « | 1 | 2 | 3 | » | Last | Show all
 
2013-04-04 01:55:21 PM
I thought the #2 mobile OS was better, with all the anti virus programs you can download from Google play.
/Grabs popcorn and holds tight to my lumia 920
 
2013-04-04 02:02:46 PM
It's Drug Enforcement Administration, Not Drug Enforcement Agency.
In any case, those assholes are the problem, not the solution.
 
2013-04-04 02:05:55 PM
Meh.  I can do better with paper and pencil, something not even the NSA can crack.  Ever.
 
2013-04-04 02:18:50 PM
imgs.xkcd.com
 
2013-04-04 02:20:31 PM
DanZero:
imgs.xkcd.com

Assuming this is pointed at me, you can't be expected to remember a long string of random numbers that you destroyed immediately after use.
 
2013-04-04 02:26:25 PM

TommyymmoT: It's Drug Enforcement Administration, Not Drug Enforcement Agency.
In any case, those assholes are the problem, not the solution.


i.imgur.com
 
2013-04-04 03:01:46 PM
why wasnt DEA funding cut by 100%?
absolutely NOTHING would have changed and all that money would have been saved.

I guess that is a question for the small government people. 
WHY does the DEA exist?
 
2013-04-04 03:03:20 PM

dittybopper: DanZero:
[imgs.xkcd.com image 448x274]

Assuming this is pointed at me, you can't be expected to remember a long string of random numbers that you destroyed immediately after use.


Makes it a lot harder for you to decrypt if you neither have nor can remember the key, though.

And sure, here's a block of text from a famous historical document encrypted according to my own uncrackable cipher:

1

Just try to crack that one, guys.
 
2013-04-04 03:12:02 PM
Well bless their hearts.
 
2013-04-04 03:13:43 PM
HR MSG NR 1 GR 9 BT
05231 05231 90079 02269 13953  55743 44189 77571 89058
AR
 
2013-04-04 03:15:09 PM

Krymson Tyde: Well bless their

little pea-picking hearts.

FTFordY.
 
2013-04-04 03:42:36 PM
I'm ok with that
 
2013-04-04 03:43:53 PM
How about just assuming anything you send wirelessly is not going to be secure in any way.
 
2013-04-04 03:47:33 PM
This is terrifying!

If the DEA can't read everybody's texts then the bad guys will win the drug war, causing black men to smoke pot and have sex with white women!


The 4th Amendment is NOT a suicide pact.
 
2013-04-04 03:48:10 PM
What if the DEA cracked the encryption and want all drug dealers to use iMessage now thinking it's safe?

i.imgur.com
 
2013-04-04 04:03:06 PM

WalkingCarpet: What if the DEA cracked the encryption and want all drug dealers to use iMessage now thinking it's safe?

[i.imgur.com image 246x245]


Inception!
 
2013-04-04 04:03:22 PM
Time to switch to iMessage!
 
2013-04-04 04:04:35 PM
There has to be a similar market for ... never mind... off to the patent office.
 
2013-04-04 04:05:11 PM

WalkingCarpet: What if the DEA cracked the encryption and want all drug dealers to use iMessage now thinking it's safe?

[i.imgur.com image 246x245]


Sounds like another issue is that iMessage doesn't use the SMS system.  KiK, Gtalk, etc. may also be safe to use.
 
2013-04-04 04:05:56 PM

Strategeryz0r: WalkingCarpet: What if the DEA cracked the encryption and want all drug dealers to use iMessage now thinking it's safe?

[i.imgur.com image 246x245]

Inception!


That's what I'm thinking.
 
2013-04-04 04:06:45 PM
WalkingCarpet: "What if the DEA cracked the encryption and want all drug dealers to use iMessage now thinking it's safe?"

Drug Dealers use burners.
It's cute to have encryption, but if you're carrying the same tracking beacon 24/7 they'll get plenty of evidence the old fashioned way.
 
2013-04-04 04:09:16 PM

dittybopper: Meh.  I can do better with paper and pencil, something not even the NSA can crack.  Ever.


Just write it in Cherokee, then translate to Sandia man hieroglyph, then back into Navaho.
 
2013-04-04 04:11:30 PM
I didn't submit this link with a funnier headline...but I'm confident someone did.
 
2013-04-04 04:11:37 PM
I have 5000 sheets of random numbers generated from a cosmic ray detector hooked up to a typewriter.

Bring it.

/carrying them around is a biatch tho'
 
2013-04-04 04:11:53 PM

dittybopper: DanZero:
[imgs.xkcd.com image 448x274]

Assuming this is pointed at me, you can't be expected to remember a long string of random numbers that you destroyed immediately after use.


Actually not only is it directed at you, Randall Munro originally created the comic with you in mind.  You're that big a deal.
 
2013-04-04 04:12:04 PM

dittybopper: HR MSG NR 1 GR 9 BT
05231 05231 90079 02269 13953  55743 44189 77571 89058
AR


Okay, I'll ask. I know the layout- that's likely Enigma code. How does one set the machine to decode it, if you know the reel settings?
 
2013-04-04 04:12:32 PM
Encryption, folks.  It's not too hard to set up.
 
2013-04-04 04:12:54 PM
So, what this means is that iMessage is actually the easiest thing for them to spy on and they want everyone who's doing illicit business to use it, right?
 
2013-04-04 04:14:35 PM
You mean they totally have the encryption keys to iMessage and just want you to think that they can't crack it.  Matter of fact if you are to something nefarious they would kindly ask you to use iMessage since this will streamline their wiretaps a good bit.
 
2013-04-04 04:15:37 PM

dittybopper: Meh. I can do better with paper and pencil, something not even the NSA can crack. Ever.


Dilettantes have been telling themselves that for millennia.

It's long been rumored that Microsoft has placed backdoors in Windows for government surveillance. They've never denied this as far as I know. Given the kind of pressure the US government can exert, I don't think anyone would be surprised if they did the same to Apple. This could just be a clever false flag operation. Convince drug dealers and other criminals to use something they know to be cracked wide open, like say iMessage, versus using a service with strong, open source encryption.
 
2013-04-04 04:15:43 PM

Riche: This is terrifying!

If the DEA can't read everybody's texts then the bad guys will win the drug war, causing black men to smoke pot and have sex with white women!


The 4th Amendment is NOT a suicide pact.


Plus, it leads to bestiality, don't ya know.
 
2013-04-04 04:17:08 PM

dittybopper: Meh.  I can do better with paper and pencil, something not even the NSA can crack.  Ever.


If you are referring to using a one-time pad, don't ignore the inconvenience of those pads: they must be shared first.  Why even bother?  Choose a strong enough key, and AES will stand up to the NSA.  (Not forever, but long enough).

 
2013-04-04 04:17:23 PM

dittybopper: HR MSG NR 1 GR 9 BT
05231 05231 90079 02269 13953  55743 44189 77571 89058
AR


You're the reason I enjoy crypto threads, FYI.
 
2013-04-04 04:17:45 PM

Sword and Shield: dittybopper: HR MSG NR 1 GR 9 BT
05231 05231 90079 02269 13953  55743 44189 77571 89058
AR

Okay, I'll ask. I know the layout- that's likely Enigma code. How does one set the machine to decode it, if you know the reel settings?


No it isn't:  Enigma doesn't encrypt numbers.  An Enigma message will consist entirely of letters.

Everything you need to decrypt that is in my profile.

I suggest you also read the Wikipedia articles about straddling checkerboards and  one time pads.
 
2013-04-04 04:18:59 PM

ceebeecates4: dittybopper: Meh.  I can do better with paper and pencil, something not even the NSA can crack.  Ever.

If you are referring to using a one-time pad, don't ignore the inconvenience of those pads: they must be shared first.  Why even bother?  Choose a strong enough key, and AES will stand up to the NSA.  (Not forever, but long enough).


Pads can be transferred face-to-face.  Rare is the person you wish to communicate with that you never meet.
 
2013-04-04 04:19:25 PM
BBM was meant to be "untraceable" during the london riots. IIRC they tried to shut it down at one point
http://m.guardian.co.uk/media/2011/aug/08/london-riots-facebook-twitt e r-blackberry
 
2013-04-04 04:21:18 PM
I'm an android guy, but score one for the fruits.
 
2013-04-04 04:22:11 PM
Nowadays the laptop has only one function for Randy: he uses it to communicate with other people, through e-mail. When he communicates with Avi, he has to use Ordo, which is a tool for taking his ideas and converting them into streams of bits that are almost indistinguishable from white noise, so that they can be sent to Avi in privacy. In exchange, it receives noise from Avi and converts it into Avi's thoughts.

At the moment, Epiphyte has no assets other than information--it is an idea, with some facts and data to back it up. This makes it eminently stealable. So encryption is definitely a good idea. The question is: how much paranoia is really appropriate?
Avi sent him encrypted e-mail:

When you get to Manila I would like you to generate a 4096 bit key pair and keep it on a floppy disk that you carry on your person at all times. Do not keep it on your hard disk. Anyone could break into your hotel room while you're out and steal that key.

Now, Randy pulls down a menu and picks an item labeled: "New key. . ." A box pops up giving him several KEY LENGTH options: 768 bits, 1024, 1536, 2048, 3072, or Custom.

Randy picks the latter option and then, wearily, types in 4096.

Even a 768-bit key requires vast resources to break. Add one bit, to make it 769 bits long, and the number of possible keys doubles, the problem becomes much more difficult. A 770-bit key is that much more difficult yet, and so on. By using 768-bit keys, Randy and Avi could keep their communications secret from nearly every entity in the world for at least the next several years. A 1024-bit key would be vastly, astronomically more difficult to break.

Some people go so far as to use keys 2048 or even 3072 bits in length. These will stop the very best codebreakers on the face of the earth for astronomical periods of time, barring the invention of otherworldly technologies such as quantum computers. Most encryption software--even stuff written by extremely security-conscious cryptography experts--can't even handle keys larger than that. But Avi insists on using Ordo, generally considered the best encryption software in the world, because it can handle keys of unlimited length--as long as you don't mind waiting for it to crunch all the numbers.

Randy begins typing. He is not bothering to look at the screen; he is staring out the window at the lights on the trucks and the jeepneys. He is only using one hand, just flailing away loosely at the keyboard.

Inside Randy's computer is a precise clock. Whenever he strikes a key, Ordo uses that clock to record the current time, down to microseconds. He hits a key at 03:03:56.935788 and he hits another one at 03:05:57.290664, or about .354876 seconds later. Another .372307 seconds later, he hits another one.
Ordo keeps track of all of these intervals and discards the more significant digits (in this example the .35 and the .37) because these parts will tend to be similar from one event to the next.

Ordo wants randomness. It only wants the least significant digits--say, the 76 and the 07 at the very ends of these numbers. It wants a whole lot of random numbers, and it wants them to be very, very random. It is taking somewhat random numbers and feeding them through hash functions that make them even more random. It is running statistical routines on the results to make sure that they contain no hidden patterns. It has breathtakingly high standards for randomness, and it will not stop asking Randy to whack on the keyboard until those standards are met.

The longer the key you are trying to generate, the longer this takes. Randy is trying to generate one that is ridiculously long. He has pointed out to Avi, in an encrypted e-mail message, that if every particle of matter in the universe could be used to construct one single cosmic supercomputer, and this computer was put to work trying to break a 4096-bit encryption key, it would take longer than the lifespan of the universe.

"Using today's technology," Avi shot back. "that is true. But what about quantum computers? And what if new mathematical techniques are developed that can simplify the factoring of large numbers?"

"How long do you want these messages to remain secret?" Randy asked, in his last message before leaving San Francisco. "Five years? Ten years? Twenty-five years?"

After he got to the hotel this afternoon, Randy decrypted and read Avi's answer. It is still hanging in front of his eyes, like the afterimage of a strobe:

I want them to remain secret for as long as men are capable of evil.
 
2013-04-04 04:22:28 PM

barnacleboy: BBM was meant to be "untraceable" during the london riots. IIRC they tried to shut it down at one point
http://m.guardian.co.uk/media/2011/aug/08/london-riots-facebook-twitt e r-blackberry


And I know quoting myself is kinda lame but
"Technology adviser to Boris Johnson likens BBM service to 'text-messaging with steroids'."

http://www.dailymail.co.uk/news/article-2023924/London-riots-2011-Bla c kBerry-Messenger-shut-unbelievable.html
 
2013-04-04 04:23:11 PM

WhoopAssWayne: dittybopper: Meh. I can do better with paper and pencil, something not even the NSA can crack. Ever.

Dilettantes have been telling themselves that for millennia.


It's provably so.  

Better yet, it can be implemented without any resort to electronics.  This is a set of pads I generated with 10-sided dice and a manual typewriter:

i55.tinypic.com

Completely random.
 
2013-04-04 04:24:00 PM

lewismarktwo: Strategeryz0r: WalkingCarpet: What if the DEA cracked the encryption and want all drug dealers to use iMessage now thinking it's safe?

[i.imgur.com image 246x245]

Inception!

That's what I'm thinking.


You'll notice how little time the security agencies spend spreading warnings about how they can't read, say, PGP/GPG-coded messages.  Not sure if that's just a case of 'really, nobody uses it except extreme geeks', or a case of 'let's not entice criminals to use those tools'.
 
2013-04-04 04:25:32 PM

WhoopAssWayne: dittybopper: Meh. I can do better with paper and pencil, something not even the NSA can crack. Ever.

Dilettantes have been telling themselves that for millennia.

It's long been rumored that Microsoft has placed backdoors in Windows for government surveillance. They've never denied this as far as I know. Given the kind of pressure the US government can exert, I don't think anyone would be surprised if they did the same to Apple. This could just be a clever false flag operation. Convince drug dealers and other criminals to use something they know to be cracked wide open, like say iMessage, versus using a service with strong, open source encryption.


What encryption method does iMessage use?  Is it a stream or block cipher?  What is the key strength?  While encryption is mathematically complicated, the concepts of use are not.

Additionally, while I don't expect you to name the "backdoors" you allege Microsoft products contain, (so Windows, Active Directory etc), can you explain how it would communicate benefit the government?  Even if Windows was written by the government, how do you expect to snoop on protected communications?  Other than kernel-based key-logging (which is both unlikely and uni-directional), how exactly would Microsoft relay your traffic to the government?

You mentioned dilettantism.
 
2013-04-04 04:25:44 PM
Lev_Astov: "So, what this means is that iMessage is actually the easiest thing for them to spy on and they want everyone who's doing illicit business to use it, right?"

Or they're about to make (yet another) play to regulate government backdoors in all encrypted communication and need to pretend like they can't do their job or stop so much as the corner dope dealer without it.  Which is more likely.  Because, again, criminals use burners.
 
2013-04-04 04:25:48 PM

THX 1138: Nowadays the laptop has only one function for Randy:


Not sure if you know this, but Stephenson published a collection of short works last year. I'm reading it now and it's worth picking up if you're a fan.
 
2013-04-04 04:27:42 PM
Um... messages are usually sent to be easily read so I really don't want all kinds of custom encryption on my messages so nothing else but an Apple machine can read it. My messages are not very interesting or incriminating anyway.

Encryption is not hard. Use a globally unique identifier as a key and no one will ever, ever decrypt your message without some kind of 'back door'... just don't lose that key.
 
2013-04-04 04:28:14 PM

dittybopper: It's provably so.


Can it stand up to Rubber Hose Cryptanalysis?
 
2013-04-04 04:29:33 PM

mrlewish: You mean they totally have the encryption keys to iMessage and just want you to think that they can't crack it.  Matter of fact if you are to something nefarious they would kindly ask you to use iMessage since this will streamline their wiretaps a good bit.


it isnt that they cant crack it. They need physical access to the device. They are biatching that they can't just demand the info from the provider. They will actually have to get a warrant to search the device.
 
2013-04-04 04:30:16 PM

WhoopAssWayne: THX 1138: Nowadays the laptop has only one function for Randy:

Not sure if you know this, but Stephenson published a collection of short works last year. I'm reading it now and it's worth picking up if you're a fan.


Are you referring to  Some Remarks?  I was curious about it, but held off on buying it because I wasn't sure if it'd be as good as his full-length fiction.  Might have to pick it up on the way home from farking all day er, I mean work.
 
2013-04-04 04:31:24 PM

Sword and Shield: dittybopper: HR MSG NR 1 GR 9 BT
05231 05231 90079 02269 13953  55743 44189 77571 89058
AR

Okay, I'll ask. I know the layout- that's likely Enigma code. How does one set the machine to decode it, if you know the reel settings?


Google *one time pad*

Then look at DITTY's profile to decypher.
 
2013-04-04 04:33:28 PM
Heh, yeah. That's what they want you to think.
 
Displayed 50 of 140 comments

First | « | 1 | 2 | 3 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report