From: Eric Stevens <eric.stevens@sum.co.nz>
Subject: Re: The Feds Can Now (Probably) Unlock Every iPhone Model In Existence
Full headers:
Path: news.netfront.net!goblin1!goblin2!goblin.stu.neva.ru!peer03.am4!peer.am4.highwinds-media.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!post02.iad!fx20.iad.POSTED!not-for-mail
From: Eric Stevens <eric.stevens@sum.co.nz>
Newsgroups: rec.photo.digital,comp.sys.mac.system,comp.sys.mac.apps
Subject: Re: The Feds Can Now (Probably) Unlock Every iPhone Model In Existence
Message-ID: <ahfh9d5rtgselibrhgh87qb85sutmr2lbj@4ax.com>
References: <O3ulC.173256$mJ1.28255@fx13.fr7> <ffo2veFk7uiU3@mid.individual.net> <280220181127370843%nospam@nospam.invalid> <barmar-14256C.11355828022018@reader.eternal-september.org> <wuqbb214bj13.12wc1uwm78r8x.dlg@40tude.net> <280220181333394546%nospam@nospam.invalid> <18rprvf1e3kqf.ewl8o6i04y7n$.dlg@40tude.net> <barmar-80C0B4.11295201032018@reader.eternal-september.org> <010320181409015883%star@sky.net> <lydbmkqc86f3$.1p6co9jwzyn5l$.dlg@40tude.net>
User-Agent: ForteAgent/8.00.32.1272
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Lines: 113
X-Complaints-To: abuse@easynews.com
Organization: Forte - www.forteinc.com
X-Complaints-Info: Please be sure to forward a copy of ALL headers otherwise we will be unable to process your complaint properly.
Date: Fri, 02 Mar 2018 16:52:03 +1300
X-Received-Bytes: 6351
X-Received-Body-CRC: 709304577
Print Article
Forward Article
On Thu, 1 Mar 2018 18:02:39 -0800, ultred ragnusen<ultred@ragnusen.com> wrote:

>Davoud<star@sky.net> wrote:
>
>> This conversation entirely misses the point. As I have pointed out, the
>> "threat" does not come from the US government, which is utterly
>> uninterested in what you do on-line.
>
>You bring up a valid point, which is that the US Government is probably one
>of the minor threats we US citizens face - but it's one whom we /pay/
>hard-earned dollars to /protect/ us, where they take the easy way out by
>surveiling us instead.
>
>> Amazon, Facebook, Google, and myriad other commercial enterprises, on
>> the other hand, are very much interested in what you are doing on-line
>> and they have the means of tracking you. 
>
>True that.
>
>Again, the weak link in /all/ consumer mobile devices is the same in this
>case in that Amazon isn't ever going to go frontal with a brute-force
>attack on nospam's vaunted encryption algorithm, which forms the imaginary
>basis of his entire belief system.
>
>> Got a medical condition and
>> using the Internet to learn more about it? Noted. Interested in buying
>> a car? Noted. Traveling? Location and dates noted.* In fact, anything
>> and everything that could conceivably enable a commercial enterprise
>> make a few pennies from your personal information is noted.
>
>True dat. 
>
>Everything is tied together by the commercial aggregators, such that the
>metadata /is/ the data, where, again, I simply posit that, despite the
>brand X marketing mantra that nospam loves to spew, /all/ consumer-grade
>mobile devices suffer from the same set of weak links.

You keep saying that but I'm not sure that you are entirely correct.
All of Qualcomm's more advanced processors make use of embedded
hardware to protect against side channel and other attacks. I believe
Apple may employ their own hardware for similar protection. Qualcom
are still selling their lower grade processors so it is inevitable
that there are many devices out there which are relatively
unprotected.
>
>> But it's not on a list under your name that someone prints out and has
>> fun reading; printer paper is not sold in 1000km rolls. The data is in
>> a virtually instantaneous computer-to-computer transaction in which an
>> intermediary enables targeted ads on your Internet-connected devices.
>
>True that.
>
>And, worse, the data is /stored/ somewhere, where it makes a juicy cache
>for someone /else/ to steal.
>
>As I recall, even your debug logs to Microsoft were being intercepted and
>stored, and sifted through for data such as your Ethernet MAC address (I'd
>have to look that one up).
>
>Hence, I posit, the weak link in /all/ consumer-grade computing devices is
>the same, despite brand X's admittedly obvious attempt to make it's loyal
>but extremely gullible customers believe that a frontal brute-force attack
>is the main danger.
>
>>  A few days ago I googled air fares to London. Within *seconds* web pages
>> that I visited were peppered with ads for airlines, rental cars, and
>> hotels.
>
>True that. The solution is difficult but it's like the solution to the most
>common cause of brake judder - which isn't to change the hardware or
>software, but to change your browsing habits (e.g., VPN, proxy, nyms,
>headers, etc.).
>
>> *Travel: if you have an E-ZPass or equivalent the issuer knows every
>> time you go through a toll booth. For that matter, authorities know
>> when you go through a toll booth even if you choose to use a slow lane;
>> your license plate is read by a camera.
>
>Yup. I once got a ticket for being in a lane on i580 near Livermore that I
>didn't even know was a toll lane, as the highway must be 8 lanes wide on
>each side at that point, so I was just cruising along with no traffic
>visible in the photo at a non-commute time. 
>
>The ticket was based merely off my license plate since there's no way I'd
>ever have those electronic payment systems in my vehicle. (I wonder, if you
>have one, can you easily turn it off? Or do you have to Faraday it?)
> 
>> How it is that the paranoids ignore commercial trackers and worry about
>> a disinterested government, I do not know. But then, I'm not paranoid.
>
>I'm not sure whom you're speaking about, but I agree with all your
>sentiments, where you have to remember almost all the responses from me
>were regarding nospam's marketing-inspired allegation that Brand X phones
>are safer simply because of the expense of the frontal attack, which would
>only realistically be done by a gobment organization.
>
>Outside of nospam's obvious blind allegiance to Brand X marketing mantra,
>you'll see me exhibit the same sentiment you do, which is that the threat
>is from a wealth of well-funded sources, such that no phone line is any
>safer than any other.
>
>All you can do to combat this threat is constant "privacy hygiene", such as
>changing IP addresses, changing nyms and email addresses, changing IMEI
>numbers, changing locations, providing false data, changing your
>vernacular, etc.
>
>Privacy is expensive.
-- 

Regards,

Eric Stevens