Skip to comments.
Internet firms to be banned from offering unbreakable encryption under new laws
The Telegraph UK ^
| 02 Nov 2015
| By Tom Whitehead, Security Editor
Posted on 11/03/2015 11:58:52 AM PST by Swordmaker
click here to read article
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-59 last
To: Still Thinking
Either I'm on crack, or they came up with some new permutation math, or that's supposed to be 223^144. ;) Brain Fart.
41
posted on
11/03/2015 2:14:31 PM PST
by
Swordmaker
( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
To: I want the USA back
The government wants to know everything about everybody.People forget that 'the Government' is nothing more than the guy down the street who works for the IRS or the post office...
'The Government' is your neighbors, people who have no business having any authority over you.
You would not let your neighbor snoop in your business, nor should you let 'The Government'.
42
posted on
11/03/2015 2:22:54 PM PST
by
IncPen
(Not one single patriot in Washington, DC.)
To: Swordmaker
The Investigatory Powers Police State Bill
43
posted on
11/03/2015 2:25:57 PM PST
by
familyop
("Dry land is not just our destination, it is our destiny!" --"Deacon," "Waterworld")
To: Still Thinking
But knowing the UUID, for a person known to have a four-character passcode, couldn't they just brute force the 223^4 possible combinations of that with the UUID, hash, and find the one that matches? 223^4 is 2.47x10^6, so that's still a lot, but not past the death of the universe or anything. Nope, the key will be 132 characters of which any of the characters can be any of 223 possible characters. . . The four digits can appear any where in the 132 characters. As I understand things, they do not know this UUID. . . or where the four passcode characters were entangled in this UUID or how. . . and the UUID and the entangled passcode are only the basis for creating the key, not the key itself.
There is an algorithm that actually creates the key. All of this occurs inside the A9 processor and is never allowed outside of the processor. HASHes of all of this are kept in the Secure Enclave portion of the Processor which is not accessible from outside the processor.
44
posted on
11/03/2015 2:26:25 PM PST
by
Swordmaker
( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
To: IncPen
"People forget that 'the Government' is nothing more than the guy down the street who works for the IRS or the post office...
'The Government' is your neighbors, people who have no business having any authority over you.
You would not let your neighbor snoop in your business, nor should you let 'The Government'."
That's the best description of what's going on.
45
posted on
11/03/2015 2:28:04 PM PST
by
familyop
("Dry land is not just our destination, it is our destiny!" --"Deacon," "Waterworld")
To: DesertRhino
And indulge me one more question. How does this affect or not effect data stored in the cloud? If you are backing up to the cloud, if they cannot open your phone, cant they essentially get that data from the provider?
Or does the encryption reach that deep? The same key is used to encrypt what leaves the iOS device and is sent to the iCloud. Apple gets pre-encrypted data. According to the white paper I read on the subject, Apple then takes the pre-encrypted data from the user, splits in four pieces entangles it with four other users according to an algorithm, encrypts it again with another 256 bit AES encryption to which they DO have the key, and then store it on their or leased servers. When the customer wants his data back, the process is reversed, his data is extracted and sent back. If the government requests data with an appropriate search warrant, Apple will provide them with the encrypted files, but will help no further, meeting the letter of the law. In other words, they get a pile of un-decypherable gobble-de-gook, useless without the users' key and ONLY decipherable on the user's device, where the original UUID is available. (Grin). They have to have BOTH pieces PLUS the algorithm that makes the key. Without all three, either piece and even both are useless. Essentially the white paper stated that any decryption had to be done on the device it was created on.
They also stated there's an increasing delay in each attempt at trying to do it. . . slowing down the process if they do attempt passcodes by brute force on the device. . .
46
posted on
11/03/2015 2:35:52 PM PST
by
Swordmaker
( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
To: Swordmaker
Oh OK, so I guess we're talking about encryption for stuff stored on the phone and stuff that can be transmitted already encrypted and not decryptable by anything other than that phone, IOW the key never needs to get transmitted anywhere and is built from a UUID no one else knows.
If that's the case, then it makes sense. If they can get the UUID, then I stand by my previous question. Obviously, having put the entanglement algorithm into the phone, they know what the rules are and can recreate the steps, given the UUID. But if they don't know and can't discover the UUID, then it should be secure.
47
posted on
11/03/2015 2:38:57 PM PST
by
Still Thinking
(Freedom is NOT a loophole!)
To: Swordmaker
Essentially the white paper stated that any decryption had to be done on the device it was created on. That's what I inferred would have to be the case but didn't realize they'd actually implement that (given that you can't decrypt on another Apple device that you own, etc.).
48
posted on
11/03/2015 2:42:15 PM PST
by
Still Thinking
(Freedom is NOT a loophole!)
To: DiogenesLamp
There’s a good selection of Android side-load apps for various types of encryption on FDroid
49
posted on
11/03/2015 2:49:25 PM PST
by
FourPeas
("Maladjusted and wigging out is no way to go through life, son." -hg)
To: Swordmaker
He said terrorists, paedophiles and criminals must not be allowed a "safe space" online. By that same logic, people should be able to be stopped and searched at any moment. Wouldn't want to give terrorists, paedophiles and criminals a "safe space" on the roads, sidewalks, their homes or anywhere else.
50
posted on
11/03/2015 2:51:27 PM PST
by
FourPeas
("Maladjusted and wigging out is no way to go through life, son." -hg)
To: FourPeas
Thereâs a good selection of Android side-load apps for various types of encryption on FDroid It has been discovered that Android keeps the keys in an unencrypted Text file in a Library outside of any locks and not even hidden. If one knows where to look, even the unlock key is there. They found even Samsung's Knox key in it. . . after they were given the US government's OK for full access secrets. OOPS.
51
posted on
11/03/2015 3:03:48 PM PST
by
Swordmaker
( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
To: Swordmaker; null and void
52
posted on
11/03/2015 3:10:25 PM PST
by
Tolerance Sucks Rocks
(Democrats and GOP-e: a difference of degree, not philosophy)
To: Swordmaker
53
posted on
11/03/2015 3:30:24 PM PST
by
Swordmaker
( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
To: Swordmaker
It is time to discuss personal issues only when sitting next to a nice waterfall.
54
posted on
11/03/2015 4:18:00 PM PST
by
GingisK
To: Swordmaker
David Cameron has declared himself a fascist NWO pig and sealed his fate. He can either stay in Britain and be hanged as a traitor or try to flee the country and end up brutalized and shot dead on the hood of an SUV like Qaddhafi. The NWO is going down, and it will be very bloody for them and their families.
To: 109ACS; aimhigh; bajabaja; Bikkuri; Bobalu; Bookwoman; Bullish; Carpe Cerevisi; DarthDilbert; ...
This is an Apple suit, but I'm sure the results will apply to all smart devices. - ANDROID PING!
Android Ping!
If you want on or off the Android Ping List, Freepmail me.
56
posted on
11/03/2015 8:05:14 PM PST
by
ThunderSleeps
(Stop obarma now! Stop the hussein - insane agenda!)
To: dfwgator
Carrier pigeons?
That’s why wind farms have been erected.
57
posted on
11/03/2015 9:57:58 PM PST
by
Scrambler Bob
(Using 4th keyboard due to wearing out the "/" and "s" on the previous 3)
To: vette6387
To: Swordmaker
59
posted on
11/13/2015 12:23:33 PM PST
by
Southack
(The one thing preppers need from the 1st World? http://tinyurl.com/ktfwljc .)
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-59 last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson