Thread: The Feds Can Now (Probably) Unlock Every iPhone Model In Existence
View Single Post
  #55  
Old March 2nd 18, 03:52 AM posted to rec.photo.digital,comp.sys.mac.system,comp.sys.mac.apps
Eric Stevens
external usenet poster
  
Posts: 13,611
Default The Feds Can Now (Probably) Unlock Every iPhone Model In Existence
On Thu, 1 Mar 2018 18:02:39 -0800, ultred ragnusen
wrote:

Davoud wrote:

This conversation entirely misses the point. As I have pointed out, the
"threat" does not come from the US government, which is utterly
uninterested in what you do on-line.

You bring up a valid point, which is that the US Government is probably one
of the minor threats we US citizens face - but it's one whom we /pay/
hard-earned dollars to /protect/ us, where they take the easy way out by
surveiling us instead.

Amazon, Facebook, Google, and myriad other commercial enterprises, on
the other hand, are very much interested in what you are doing on-line
and they have the means of tracking you.

True that.

Again, the weak link in /all/ consumer mobile devices is the same in this
case in that Amazon isn't ever going to go frontal with a brute-force
attack on nospam's vaunted encryption algorithm, which forms the imaginary
basis of his entire belief system.

Got a medical condition and
using the Internet to learn more about it? Noted. Interested in buying
a car? Noted. Traveling? Location and dates noted.* In fact, anything
and everything that could conceivably enable a commercial enterprise
make a few pennies from your personal information is noted.

True dat.

Everything is tied together by the commercial aggregators, such that the
metadata /is/ the data, where, again, I simply posit that, despite the
brand X marketing mantra that nospam loves to spew, /all/ consumer-grade
mobile devices suffer from the same set of weak links.

You keep saying that but I'm not sure that you are entirely correct.
All of Qualcomm's more advanced processors make use of embedded
hardware to protect against side channel and other attacks. I believe
Apple may employ their own hardware for similar protection. Qualcom
are still selling their lower grade processors so it is inevitable
that there are many devices out there which are relatively
unprotected.

But it's not on a list under your name that someone prints out and has
fun reading; printer paper is not sold in 1000km rolls. The data is in
a virtually instantaneous computer-to-computer transaction in which an
intermediary enables targeted ads on your Internet-connected devices.

True that.

And, worse, the data is /stored/ somewhere, where it makes a juicy cache
for someone /else/ to steal.

As I recall, even your debug logs to Microsoft were being intercepted and
stored, and sifted through for data such as your Ethernet MAC address (I'd
have to look that one up).

Hence, I posit, the weak link in /all/ consumer-grade computing devices is
the same, despite brand X's admittedly obvious attempt to make it's loyal
but extremely gullible customers believe that a frontal brute-force attack
is the main danger.

A few days ago I googled air fares to London. Within *seconds* web pages
that I visited were peppered with ads for airlines, rental cars, and
hotels.

True that. The solution is difficult but it's like the solution to the most
common cause of brake judder - which isn't to change the hardware or
software, but to change your browsing habits (e.g., VPN, proxy, nyms,
headers, etc.).

*Travel: if you have an E-ZPass or equivalent the issuer knows every
time you go through a toll booth. For that matter, authorities know
when you go through a toll booth even if you choose to use a slow lane;
your license plate is read by a camera.

Yup. I once got a ticket for being in a lane on i580 near Livermore that I
didn't even know was a toll lane, as the highway must be 8 lanes wide on
each side at that point, so I was just cruising along with no traffic
visible in the photo at a non-commute time.

The ticket was based merely off my license plate since there's no way I'd
ever have those electronic payment systems in my vehicle. (I wonder, if you
have one, can you easily turn it off? Or do you have to Faraday it?)

How it is that the paranoids ignore commercial trackers and worry about
a disinterested government, I do not know. But then, I'm not paranoid.

I'm not sure whom you're speaking about, but I agree with all your
sentiments, where you have to remember almost all the responses from me
were regarding nospam's marketing-inspired allegation that Brand X phones
are safer simply because of the expense of the frontal attack, which would
only realistically be done by a gobment organization.

Outside of nospam's obvious blind allegiance to Brand X marketing mantra,
you'll see me exhibit the same sentiment you do, which is that the threat
is from a wealth of well-funded sources, such that no phone line is any
safer than any other.

All you can do to combat this threat is constant "privacy hygiene", such as
changing IP addresses, changing nyms and email addresses, changing IMEI
numbers, changing locations, providing false data, changing your
vernacular, etc.

Privacy is expensive.
--

Regards,

Eric Stevens