If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Apple Insider)   U.S. Drug Enforcement Agency openly frustrated that they cannot crack Apple's iMessage encryption to listen in on suspects   (appleinsider.com) divider line 140
    More: Spiffy, DEA, encryption, Mac computers, Internet Crime Complaint Center  
•       •       •

9628 clicks; posted to Main » on 04 Apr 2013 at 3:56 PM (1 year ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



140 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread

First | « | 1 | 2 | 3 | » | Last | Show all
 
2013-04-04 06:12:50 PM  

ringersol: Or they're about to make (yet another) play to regulate government backdoors in all encrypted communication and need to pretend like they can't do their job or stop so much as the corner dope dealer without it. Which is more likely. Because, again, criminals use burners.


That's disturbingly likely, actually, considering the anti-hacking and computer security bills they're "just now preparing" for the north korean situation..
 
2013-04-04 06:14:29 PM  
The thing about backdoors is...it's all plaintext when it hits the CPU tubes.
 
2013-04-04 06:14:30 PM  

WhoopAssWayne: dittybopper: Meh. I can do better with paper and pencil, something not even the NSA can crack. Ever.

Dilettantes have been telling themselves that for millennia.

It's long been rumored that Microsoft has placed backdoors in Windows for government surveillance. They've never denied this as far as I know. Given the kind of pressure the US government can exert, I don't think anyone would be surprised if they did the same to Apple. This could just be a clever false flag operation. Convince drug dealers and other criminals to use something they know to be cracked wide open, like say iMessage, versus using a service with strong, open source encryption.


They repeatedly deny such conspiracy theories.

http://borepatch.blogspot.com/2009/11/microsoft-no-nsa-back-door-in-w i ndows-7.html?m=1
 
2013-04-04 06:16:10 PM  
Jury nullification is all you need to know.
 
2013-04-04 06:17:49 PM  

mrmopar5287: UnspokenVoice: You don't happen to have any evidence of this, do you?

All I do is look back to when I thought "A telecom company would NEVER just hand over their internet traffic to the government.  They have respect for privacy in the responsibility they have when carrying private communications."

And we all know how that turned out.  So why would you expect Microsoft to have unimpeachable morals?


Your examples bear no similarity and this has nothing to do with morals. A telco handing data to the government is no more surprising than an ISP doing the same, and we all know they do so. Microsoft would cooperate in the same manner if they possessed user data on file that the government desired, of that I have no doubt. Intentionally building a point of entry into an operating system? Hell no. It would entirely obviate any attempts at security from that point forward. Also, do you think the US government would be using operating systems on it's own computers (some containing extremely sensitive data) that has a backdoor they know exists? Why do we have to develop malware like Flame or Gauss if we already have theoretical access to every computer running Windows worldwide? We could crack open Iran and China like a pistachio in a hardware shredder. By that same token, they could do the same to us and I promise you the US Government would be having NONE of that.

As I mentioned in an earlier post, there are a multitude of zero-day exploits out there that can be used to accomplish anything a built-in backdoor would. If you want to say that there are exploits that MS is aware of and that they have not patched at the behest of the US government, I could maybe find some credulity for you but there is just no way there is a functional backdoor in any version of Windows that was placed there specifically at the request of the government.

Sorry, ain't buying it.
 
2013-04-04 06:21:21 PM  
Is there any software that an Android user can purchase to block the DEA or anyone from listening in on your device?
 
2013-04-04 06:21:52 PM  
Hm.

Very very good to know.
 
2013-04-04 06:26:35 PM  

namatad: why wasnt DEA funding cut by 100%?
absolutely NOTHING would have changed and all that money would have been saved.

I guess that is a question for the small government people. 
WHY does the DEA exist?


To keep private prisons at capacity.
 
2013-04-04 06:26:51 PM  

A Shambling Mound: Also, do you think the US government would be using operating systems on it's own computers (some containing extremely sensitive data) that has a backdoor they know exists?
Sorry, ain't buying it.


The government has their own custom distribution of Windows for their computers.  Something about the Air Force office of information technology does their own patching of exploits and has their own distributions that are rolled out onto government computers.  The US government has access to take the exploits out of their own computers (but leave it into the retail distributions sold to everyone else).

Why do we have to develop malware like Flame or Gauss if we already have theoretical access to every computer running Windows worldwide? We could crack open Iran and China like a pistachio in a hardware shredder.

You use malware like that for the petty stuff that you know will leak into the news, or be easily discovered.  That's plausible deniability stuff that can be jettisoned overboard when you need a disposable excuse to put on the news.  You save the deep, built-in exploits for serious spying: emergencies and other stuff that is so clandestine that it will NEVER be discussed outside the high-level people at the top.
 
2013-04-04 06:29:15 PM  
IF THEY'D ONLY GO AHEAD AND LEGALIZE APPLE ONLY THE DIRTY SINNERS WOULD DO IT.
 
2013-04-04 06:31:13 PM  

dittybopper: Rare is the person you wish to communicate with that you never meet.


there is strong medicine in your wampum
 
2013-04-04 06:40:55 PM  
Meh, I just load all my messages with hot words in my signature....words like:

nuclear
jihad
9-11
assassination
happy birthday
soon
obama
iraq
drones
sharia
babylon
destroy
ashes
vengance
allah
ruby ridge
virgins
martyr
bin laden

You know, just to clog up a few cycles at the NSA

/welcome to the watchlist, everyone in this thread
 
2013-04-04 06:56:15 PM  

mrmopar5287: A Shambling Mound: Also, do you think the US government would be using operating systems on it's own computers (some containing extremely sensitive data) that has a backdoor they know exists?
Sorry, ain't buying it.

The government has their own custom distribution of Windows for their computers.  Something about the Air Force office of information technology does their own patching of exploits and has their own distributions that are rolled out onto government computers.  The US government has access to take the exploits out of their own computers (but leave it into the retail distributions sold to everyone else).

Why do we have to develop malware like Flame or Gauss if we already have theoretical access to every computer running Windows worldwide? We could crack open Iran and China like a pistachio in a hardware shredder.

You use malware like that for the petty stuff that you know will leak into the news, or be easily discovered.  That's plausible deniability stuff that can be jettisoned overboard when you need a disposable excuse to put on the news.  You save the deep, built-in exploits for serious spying: emergencies and other stuff that is so clandestine that it will NEVER be discussed outside the high-level people at the top.


Wow, okay, I give up.  I will simply re-iterate one last time because I almost feel like it's just bouncing off - there is no government sponsored backdoor built into Windows. It is simply not there. It does not exist. It is a non-thing.

Also, I do not wish to sign up for your newsletter.
 
2013-04-04 07:13:26 PM  
Straight talk phones at Walmart are like 20$, they take no information other than a zip code to start up, use them for a month or two, only turn them on when you need to use them, and sell your drugs in peace.
 
2013-04-04 07:26:01 PM  

90supraT: Straight talk phones at Walmart are like 20$, they take no information other than a zip code to start up, use them for a month or two, only turn them on when you need to use them, and sell your drugs in peace.


www.american-buddha.com
 
2013-04-04 07:27:51 PM  

JohnnyRebel88: Is there any software that an Android user can purchase to block the DEA or anyone from listening in on your device?


In what sense?

If you're calling or getting calls from the standard telephone network, they're decrypted and turned into standard, unencrypted, 8kHz telephone audio somewhere along the line.  Which is tappable.

If you had two Android devices with the same end-to-end encryption software on them (which is out there), then it's as good as that encryption is against how good the listeners are, same as any other end-to-end-encryption.
 
2013-04-04 07:30:39 PM  

drjekel_mrhyde: I thought the #2 mobile OS was better, with all the anti virus programs you can download from Google play.
/Grabs popcorn and holds tight to my lumia 920


I'm so sorry that you bought a shiat phone.

/Not that I've ever tried one, but adverts, segments of TV paid for to put your product in its best light,  make the Lumia look shiat.
//Zune 2.0?
 
2013-04-04 08:01:13 PM  

Big_Fat_Liar: Uzzah: dittybopper: DanZero:
[imgs.xkcd.com image 448x274]

Assuming this is pointed at me, you can't be expected to remember a long string of random numbers that you destroyed immediately after use.

Makes it a lot harder for you to decrypt if you neither have nor can remember the key, though.

And sure, here's a block of text from a famous historical document encrypted according to my own uncrackable cipher:

1

Just try to crack that one, guys.

Done:

 Since, moveover, for God and the amendment of our kingdom and for the better allaying of the quarrel that has arisen between us and our barons, we have granted all these concessions, desirous that they should enjoy them in complete and firm endurance forever, we give and grant to them the underwritten security, namely, that the barons choose five and twenty barons of the kingdom, whomsoever they will, who shall be bound with all their might, to observe and hold, and cause to be observed, the peace and liberties we have granted and confirmed to them by this our present Charter, so that if we, or our justiciar, or our bailiffs or any one of our officers, shall in anything be at fault towards anyone, or shall have broken any one of the articles of this peace or of this security, and the offense be notified to four barons of the foresaid five and twenty, the said four barons shall repair to us (or our justiciar, if we are out of the realm) and, laying the transgression before us, petition to have that transgression redressed without delay. And if we shall not have corrected the transgression (or, in the event of our being out of the realm, if our justiciar shall not have corrected it) within forty days, reckoning from the time it has been intimated to us (or to our justiciar, if we should be out of the realm), the four barons aforesaid shall refer that matter to the rest of the five and twenty barons, and those five and twenty barons shall, together with the community of the whole realm, distrain and distress us in al ...


What?  Goddammit, I screwed up the math, forgot to carry the one and ended up with ten pages of Lorem Ipsum.

It's always the little things that screw up my code breaking attempts.
 
2013-04-04 08:08:23 PM  

vudukungfu: dittybopper: Meh.  I can do better with paper and pencil, something not even the NSA can crack.  Ever.

Just write it in Cherokee, then translate to Sandia man hieroglyph, then back into Navaho.


Then into WingDings.
 
2013-04-04 09:19:03 PM  

dittybopper: Meh.  I can do better with paper and pencil, something not even the NSA can crack.  Ever.


Have you been watching The Americans on FX? I love the old school spycraft in the show. The showrunner is ex-CIA officer, so I would expect it to be pretty accurate in terms of the spy stuff, aside from some artistic license and stuff that is changed for the sake of not revealing "trade secrets" that are still classified.
 
2013-04-04 09:48:04 PM  
what the hell am I doing wrong?

05231 05231 90079 02269 13953 55743 44189 77571 89058 (encrypted)
      05231 88254 83402 02029 48286 92288 75235 74209 (key)
            12825 29867 11934 17567 52901 02346 15859 (diff)
             des  ureto  crin  k yo  ura  bsint  he / (lookup from checkerboard table)
             bes  ureto  drin  k yo  uro  valti  ne / (presumed known correct output)
 
2013-04-04 09:54:17 PM  
The chair is against the wall.
The brown dog is wet.
The bell rings six times at night.

Break THAT code b*tches.
 
2013-04-04 09:58:07 PM  
posted while thinking too analytically - ok, I get the absinthe part, but still not sure why I get "de" instead of "be", and "crink" instead of "drink".
 
2013-04-04 10:10:27 PM  
I'm all for encrypting the whole Internet and anything on it or stored. If should be illegal to not encrypt any form of communications.
 
2013-04-04 10:15:34 PM  

mrmopar5287: UnspokenVoice: You don't happen to have any evidence of this, do you?

All I do is look back to when I thought "A telecom company would NEVER just hand over their internet traffic to the government.  They have respect for privacy in the responsibility they have when carrying private communications."

And we all know how that turned out.  So why would you expect Microsoft to have unimpeachable morals?


There were other large Telecom companies that were approached who did not participate with the government in that effort.  They weren't forced to participate because there weren't any legitimate warrants or subpoenas for this traffic.  If there were (legitimate) warrants, then everyone that was asked, would have been forced to participate and the backlash would have been strictly on the government and not on the carriers who succumbed to the pressure to cooperate.  My personal opinion is that gobs of money paying the best lawyers is what kept Microsoft from getting terribly damaged by all of the lawsuits the government has put on them over the years and not some form of quid pro quo.  There entire business would be shot to hell if it was ever found (and it would be eventually found) that back doors for the government were installed.  I don't think Microsoft has unimpeachable morals either.  I just think even they are not that stupid such that they would willingly participate in that kind of request.
 
2013-04-04 11:28:52 PM  
I guess just going to a judge, getting warrants and asking for Apple to send them transcripts just goes against the DEA's moral code or something.
 
2013-04-05 01:36:41 AM  

dittybopper: HR MSG NR 1 GR 9 BT
05231 05231 90079 02269 13953  55743 44189 77571 89058
AR


"Don't forget to drink your Ovaltine."

-Lawrence Pritchard Waterhouse
 
2013-04-05 01:51:19 AM  
Goddammit Tax Boy! I even "Ctrl-F"ed to make sure I wasn't stepping on toes. And you go hand encrypt your message in a jpg.

/-shakes tiny fist
 
2013-04-05 04:23:35 AM  

libranoelrose: UnspokenVoice: mrmopar5287: WhoopAssWayne: It's long been rumored that Microsoft has placed backdoors in Windows for government surveillance.

Rumored?  I think that's pretty much confirmed.  And not just surveillance: you can expect that Microsoft has NSA affiliated programmers hired into staff to put backdoors and zero day exploits into the code of every version of Windows.

You remember how that huge anti-trust case just disappeared?  It probably went something like this: NSA and other government people approached Bill Gates and flat-out told him that if MS agreed to hire X number of programmers into the core Windows team, they would make the anti-trust stuff go away.  Not that the G-men were going to do anything like steal trade secrets, but just to have them there for "emergencies" or other issues of National Security.  Like, oh, I don't know, maybe the day that they need to code a worm that can destroy some Iranian uranium centrifuges.

THAT is the way that Windows now works for out government to take advantage of when they need it.  Heck, for all we know the people in the Clinton Administration saw the future of cyber warfare, tried the pretty-please approach to get their people on the inside of MS, got turned down by Bill Gates, and the anti-trust case was blackmail to hammer Bill Gates into saying YES.

You don't happen to have any evidence of this, do you?

http://en.m.wikipedia.org/wiki/Windows_Metafile_vulnerability#section _ 6


LOL! That's, umm, some strange evidence.
 
2013-04-05 04:26:16 AM  

mrmopar5287: UnspokenVoice: You don't happen to have any evidence of this, do you?

All I do is look back to when I thought "A telecom company would NEVER just hand over their internet traffic to the government.  They have respect for privacy in the responsibility they have when carrying private communications."

And we all know how that turned out.  So why would you expect Microsoft to have unimpeachable morals?


See, no. I never thought that. I expected they'd hand data and access to the government because they're a shiatty company. Maybe I'm old and jaded but I wasn't the least bit surprised.
 
2013-04-05 04:29:10 AM  

A Shambling Mound: As I mentioned in an earlier post, there are a multitude of zero-day exploits out there that can be used to accomplish anything a built-in backdoor would. If you want to say that there are exploits that MS is aware of and that they have not patched at the behest of the US government, I could maybe find some credulity for you but there is just no way there is a functional backdoor in any version of Windows that was placed there specifically at the request of the government.


I could see MS denying a 0-day and not patching it back when they were much more lax but I can't see them keeping it unpatched at the behest of a governing body nor could I imagine a government body requesting such a thing for fear that they'd be liable to the same intrusion technique.
 
2013-04-05 07:36:29 AM  

WhoopAssWayne: dittybopper: It's provably so.

Can it stand up to Rubber Hose Cryptanalysis?


Absolutely.  Because you can't remember hundreds or thousands of random numbers you only saw once or twice, then destroyed.

No amount of beating is going to make you remember something you aren't capable of remembering.  That's one of the major features of a one-time pad:  Employed correctly, it's absolutely immune to all forms of cryptanalysis, including the kinetic forms.
 
2013-04-05 07:43:31 AM  

whither_apophis: Don't forget to burn the ribbon.


For well-worn fabric ribbons, you don't have to.  The palimpsest is too deep to extract useful information.  But if you want to be ultra-paranoid, well, typewriter ribbons are cheap, so go ahead.
 
2013-04-05 07:53:34 AM  

NutWrench: WhoopAssWayne: dittybopper: It's provably so.

Can it stand up to Rubber Hose Cryptanalysis?

This, If "any code can be cracked" then governments wouldn't pass laws to force YOU to give up your passwords: they would simply crack the encryption on your device without involving you at all. If the government wants your password, the only thing that's going to get cracked is your skull.

(Distributed.net use to run cracking contests. It took 10,000 computers nearly 3 months to brute-force a 56-bit key. 128 bit keys are the current minimum standard for Internet banking and programs like truCrypt can encrypt with 4096 bit keys. )


Consider this:  One-time pads use a key the same length as the sum total of the lengths of all the messages added together, and the key is completely random so no amount of analysis can ever be used to divine a pattern because there is none.

If you try to brute-force a solution, all you will do is generate every possible solution of the same length.  Was the message "Kill Bill", "Kiss Kate", or "Flew away", or any other possible combination that length?  No way to tell.  Ever.
 
2013-04-05 08:01:02 AM  

i squared: what the hell am I doing wrong?

05231 05231 90079 02269 13953 55743 44189 77571 89058 (encrypted)
      05231 88254 83402 02029 48286 92288 75235 74209 (key)
            12825 29867 11934 17567 52901 02346 15859 (diff)
             des  ureto  crin  k yo  ura  bsint  he / (lookup from checkerboard table)
             bes  ureto  drin  k yo  uro  valti  ne / (presumed known correct output)


This is a case of your presumptions getting in the way of your solution.  Look up the part I bolded on Wikipedia.

Also, I appeared to make a couple of mistakes.  I was rushing.
 
2013-04-05 08:02:38 AM  

Mad_Radhu: dittybopper: Meh.  I can do better with paper and pencil, something not even the NSA can crack.  Ever.

Have you been watching The Americans on FX? I love the old school spycraft in the show. The showrunner is ex-CIA officer, so I would expect it to be pretty accurate in terms of the spy stuff, aside from some artistic license and stuff that is changed for the sake of not revealing "trade secrets" that are still classified.


Don't watch it.  Don't really need to, actually.  I'm an ex-SIGINT weenie (google the term "ditty bopper").

/Don't have cable, either.
 
2013-04-05 08:10:35 AM  

i squared: posted while thinking too analytically - ok, I get the absinthe part, but still not sure why I get "de" instead of "be", and "crink" instead of "drink".


Mistakes on my part.  I was doing it quickly, while working on other, less cool tasks.  I destroyed the worksheet (actually, an instance of notepad that I didn't save), so I can't say whether my mistake was in the math, or whether it was a mistake in looking up the equivalents in the straddling checkerboard, or both.

In real life, though, mistakes like that often happen in communications.  Go ahead and look at the e-mails and texts you've received lately.  I'm betting there are some typos in there.
 
2013-04-05 08:15:32 AM  

vudukungfu: dittybopper: Rare is the person you wish to communicate with that you never meet.

there is strong medicine in your wampum


That's what she said.
 
2013-04-05 02:42:16 PM  

UnspokenVoice: A Shambling Mound: As I mentioned in an earlier post, there are a multitude of zero-day exploits out there that can be used to accomplish anything a built-in backdoor would. If you want to say that there are exploits that MS is aware of and that they have not patched at the behest of the US government, I could maybe find some credulity for you but there is just no way there is a functional backdoor in any version of Windows that was placed there specifically at the request of the government.

I could see MS denying a 0-day and not patching it back when they were much more lax but I can't see them keeping it unpatched at the behest of a governing body nor could I imagine a government body requesting such a thing for fear that they'd be liable to the same intrusion technique.


The reality is that I agree with you entirely. If the Gov't came to MS and said "Hey, there's this exploit we like, can you keep it?" I would fully expect MS to say "Hey, thanks for letting us know. No."

I was just trying to give the tinfoil-hatterati a little slack.
 
2013-04-06 05:23:41 AM  

A Shambling Mound: UnspokenVoice: A Shambling Mound: As I mentioned in an earlier post, there are a multitude of zero-day exploits out there that can be used to accomplish anything a built-in backdoor would. If you want to say that there are exploits that MS is aware of and that they have not patched at the behest of the US government, I could maybe find some credulity for you but there is just no way there is a functional backdoor in any version of Windows that was placed there specifically at the request of the government.

I could see MS denying a 0-day and not patching it back when they were much more lax but I can't see them keeping it unpatched at the behest of a governing body nor could I imagine a government body requesting such a thing for fear that they'd be liable to the same intrusion technique.

The reality is that I agree with you entirely. If the Gov't came to MS and said "Hey, there's this exploit we like, can you keep it?" I would fully expect MS to say "Hey, thanks for letting us know. No."

I was just trying to give the tinfoil-hatterati a little slack.


I get it. It appeared that you were indicating that they'd leave it open for the government and that just seems way too unlikely to me.
 
Displayed 40 of 140 comments

First | « | 1 | 2 | 3 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »






Report