The MacValley blog


Welcome to the MacValley blog, your first stop for all the latest MacValley news and views.


Editor: Tom Briant



Sunday, February 28, 2016

Senior Correspondent Arnold Woodworth's Weekly Web Wrap-up for February 28, 2016

This is the exclusive Apple merchandise you can only get at its Silicon Valley campus
Special Apple mugs, T-shirts, hats, notebooks, etc., none of it available anywhere except Apple headquarters in Cupertino.
In typical Apple style, everything is pricey: The mugs are $25 for a small one, $29 for a large one, and $29 for the stylish water bottles.
As Update Looms, Apple 12-inch MacBook Gets Steep Discounts -- Typically $300 Off
Sounds like Apple is clearing out inventory before the new models are introduced.
Man killed after tracking down his stolen iPhone

A 23-year-old man in Alabama has become the latest person to follow a phone-tracking app all the way to his grave.

Read the letter Tim Cook wrote to Apple employees
As individuals and as a company, we have no tolerance or sympathy for terrorists. When they commit unspeakable acts like the tragic attacks in San Bernardino, we work to help the authorities pursue justice for the victims. And that’s exactly what we did.

This case is about much more than a single phone or a single investigation, so when we received the government’s order we knew we had to speak out. At stake is the data security of hundreds of millions of law-abiding people, and setting a dangerous precedent that threatens everyone’s civil liberties.

As you know, we use encryption to protect our customers — whose data is under siege. We work hard to improve security with every software release because the threats are becoming more frequent and more sophisticated all the time.

Some advocates of the government’s order want us to roll back data protections to iOS 7, which we released in September 2013. Starting with iOS 8, we began encrypting data in a way that not even the iPhone itself can read without the user’s passcode, so if it is lost or stolen, our personal data, conversations, financial and health information are far more secure. We all know that turning back the clock on that progress would be a terrible idea.
The FBI's iPhone Problem: Tactical vs. Strategic Thinking
If they could put cameras in every home and business on the planet, they'd find a way to do it. That would solve a lot of the tactical challenges of being able to catch people who commit crimes. What gets missed is that strategically, it also would open the door to far more crimes.
Would you agree to a process that would make it easier to catch a criminal if that same process made it far more likely you'd be a victim of a crime? What if I added the fact that the smart criminals likely would figure out how to game the new process, and the dumb criminals likely would get caught anyway (because they are dumb).
The value of information on a backdoor into all iPhones -- essentially a master key -- could be worth millions of dollars, making it nearly impossible to protect.
This is an ongoing problem -- not only with law enforcement, but with management in general. There is a tendency to create a strategic problem by thinking tactically. In this case, FBI officials need to get into one phone. It is very important to them. However, creating a backdoor would compromise some -- or possibly all -- iPhone users.

The investigators can't protect the iPhone users who then would be open to attack, but they don't see that as a problem, because they would not be held accountable for it, and they are missioned to gain access to one particular phone.

If we went down a list of the folks who were most likely to be compromised, it would include the First Family, many in Congress, and likely not an insignificant number of FBI families. Yet this path still appears reasonable to the FBI, because the folks who would benefit would not be held accountable for the resulting problems.

Apple is on the other side. It won't sell more phones if that one iPhone is compromised, but if all iPhones are made insecure as a result, its sales will crater.
In effect, the U.S. law enforcement effort has become a force multiplier for the terrorists, due to a persistent failure to think strategically. Investigators don't balance the cost of the collateral damage they could cause with the value of the information they are likely to get.
Apple's FBI Battle Is About the Gadgets We Haven't Even Thought of Yet
Machines are becoming far more personal. They're getting smaller and lighter; they are with us all day. In a relative blink of history, computers went from taking up entire rooms to being a thing we wrap around our wrists.

And they're taking on more tasks all the time; increasingly personal tasks at that. They are handling our financial transactions, monitoring our bodies, and even conversing with us using real language. They are taking over the ways we interact with our vehicles, and soon enough will take complete control of them.

The line between software and meatware will only continue to blur. I have little reason to doubt that the scorching hot wearables space will—in the not crazy future—give way to implantables. That may seem like a sci-fi step too far for many, but mark my words, this is a thing that will happen.

The first time someone is injured when a self-driving car is commandeered by a bored hacker in Ukraine, people will stop using that brand of self-driving car. The same goes for the first time someone breaks into the fitness tracker being monitored by your doctor; the supposedly secure wireless payment platform; or yes, the implantable device you can't easily remove.

Hackers and bad players have always been with the Internet. As technology drags both our minds and bodies further into The Matrix, consumers will only want to do business with companies that take the security of our most intimate selves very seriously.
Apple Is Right: The FBI Wants to Break Into Lots of Phones
After Apple’s lawyers revealed that the agency is trying to gain access to about a dozen devices, it’s becoming increasingly clear why the government chose to take the San Bernardino case public.

The FBI may be winning the public-relations battle it’s fighting with Apple alongside the ongoing legal conflicts. According to a poll that Pew Research conducted over the weekend, most Americans think Apple should honor the FBI’s request to unlock Farook’s iPhone. But now, Apple has a new arrow in its quiver: It can show that helping the FBI in California will have far-reaching consequences.
Apple faces at least 12 other All Writs Act orders to force it to unlock more iPhones
The dozen instances of All Writs Act demands bolster Apple's contention that the government has, and will likely continue, to use the aged law to compel assistance.
"Law enforcement agents around the country have already said they have hundreds of iPhones they want Apple to unlock if the FBI wins this case," Apple said.
Apple Is Wrong About Encryption
Reasonable professionals can accommodate both sides of the (privacy) principle-versus-protection argument – without simultaneously exposing the world to nefarious hackers or allowing terrorists and other criminals’ unfettered communication among themselves. If Apple and the technology industry cling to their unwavering privacy position – and the government clings to its indiscriminate position regarding access – no compromise is possible, and without compromise there’s no guarantee that terrorists and other criminals will be prevented from wreaking havoc on innocent citizens of the United States and other countries around the world, or that individual privacy will be protected.
Apple and the technology industry – and the governments trying to protect its citizens – must compromise.
Even iPhone owners believe Apple should unlock the San Bernardino shooter's iPhone
Apple is losing public support over whether it should help the FBI unlock the San Bernardino shooter's iPhone — and it seems even many iPhone owners disagree with Apple's stance on this issue.
Ex-NSA chief backs Apple on iPhone ‘back doors’
Retired four-star general Michael Hayden, who as director of the NSA installed and still defends the controversial surveillance program to collect telephone metadata on millions of Americans, says he opposes proposals to force Apple and other tech companies to install "back doors" in digital devices to help law enforcement.
Hayden says "the burden of proof is on Apple" to show that limited cooperation with investigators would open the door to broader privacy invasions. Apple is being asked not to decrypt information on the smartphone but rather to override the operating system so investigators could try an endless series of passwords to unlock it.

"In this specific case, I'm trending toward the government, but I've got to tell you in general I oppose the government's effort, personified by FBI Director Jim Comey,” Hayden said.
"Jim would like a back door available to American law enforcement in all devices globally. And, frankly, I think on balance that actually harms American safety and security, even though it might make Jim's job a bit easier in some specific circumstances.”
"But when you step back and look at the whole question of American security and safety writ large, we are a safer, more secure nation without back doors," he says. With them, "a lot of other people would take advantage of it."
Tim Cook is probably going to fail in his fight against the FBI, says Ian Bremmer
The entire world is trending toward zero privacy for anybody.
All businesses want to make money from total surveillance.
Governments want absolute power over the people via total surveillance.
The free-speech advocate behind Telegram just weighed in on Apple's spat with the FBI
This person who used encryption to fight oppression in Russia is now taking sides with Apple.
Pavel Durov inevitably sides with Apple and its CEO, Tim Cook.

"There’s always a risk that your iPhone can be stolen, and the people who stole it can use the data, your private photos, etc to blackmail you," he said. Forcing Apple to build tools to defeat its own security methods would set a dangerous precedent, he added.
Ford CEO leans toward privacy in Apple debate
Apple CEO Tim Cook: We found out about the FBI filing from the press
EFF to Apple Shareholders: Your Company Is Fighting for All of Us

There is no reliable way to build a pathway to undermine Apple’s security that will only let in good guys. And once it has built this path, there is no way that the law will limit Apple to using it on a single phone. Neither the technology nor the law supports this. As security expert Bruce Schneier said, either we all have security or none of us does.

This is about all of our safety and resisting government overreach. These are hard battles to fight—we know.  We [the EFF] have been fighting them for many years.

While it defies U.S. government, Apple abides by China's orders — and reaps big rewards

Apple Inc. has come out swinging in its pitched battle with the government on its home turf.

But when it comes to its second-largest market, China, the Cupertino, Calif., company has been far more accommodating.

Since the iPhone was officially introduced in China seven years ago, Apple has overcome a national security backlash there and has censored apps that wouldn't pass muster with Chinese authorities. It has moved local user data onto servers operated by the state-owned China Telecom and submits to security audits by Chinese authorities.

The approach contrasts with Apple's defiant stance against the FBI, which is heaping pressure on the company to decrypt an iPhone that belonged to San Bernardino shooter Syed Rizwan Farook.

The environment will get even tougher, Apple says, if the FBI prevails in seeking a so-called backdoor to Farook's phone. That could set a precedent for China's authoritarian leaders to demand the same in a country where Apple has never publicly defied orders.

"What's driving this is Apple's desire to persuade the global market, and particularly the China market, that the FBI can't just stroll in and ask for data," said James Lewis, senior fellow at the Center for Strategic and International Studies in Washington. "I can't imagine the Chinese would tolerate end-to-end encryption or a refusal to cooperate with their police, particularly in a terrorism case.”

Apple ... all data on the servers were encrypted and inaccessible to China Telecom.

China is introducing security laws that are so vaguely worded some fear it will require technology companies to provide source codes and backdoors for market access.

The ambiguity of China's security laws is designed to promote self-censorship.

Lawyer For Apple: 'What In The Law Requires Us To Redesign The iPhone?’

"What in the law requires us to redesign the iPhone, to rewrite code, to provide an Achilles' heel in the iPhone?” Ted Olson said. "It was designed to protect the secrecy and privacy of individuals who use the iPhone."

Olson said Apple has cooperated "in every way in every federal or state criminal investigation, up to the point that the law permits it" — but that writing software for the iPhone to make it less secure crosses the line.

Here’s the text of Apple’s latest court filing

Really understanding Apple's legal brief in the FBI case
Congress should get involved

The fight between Apple and the FBI over the security protections on the San Bernardino iPhone has been fierce for the past few weeks, but it’s mostly been a PR battle thus far. From a legal and procedural standpoint, only two things had actually happened until yesterday: the FBI filed a motion to compel Apple to help it bypass security restrictions on the phone, and a magistrate judge ordered the company to comply. But yesterday Apple filed a motion to vacate judge Sherri Pym’s order, which lays bare the company’s actual legal argument against building a special one-off version of iOS that would allow the FBI to unlock the phone with a brute-force attack on its passcode.

the actual substantive issue in this case is pretty simple: Does the government have the authority to order Apple to help unlock the phone based on statute or precedent? That’s the only question anyone’s trying to answer, since almost all the other facts in the case break decisively in the government’s favor: the government owned the phone, there’s a warrant, the guy was a terrorist asshole, etc., etc., etc. Apple doesn’t even really bring any of that up. The entire brief is focused on whether the government has the power to make Apple help law enforcement.

Lots of legal analysis here that is not in any other article on this issue.

Here's what it would cost Apple to help the FBI hack an iPhone
(or so some non-Apple experts claim)

This nightmare dream team of employees working full-time to create a big back door -- something CEO Tim Cook calls a "cancer" -- would only cost the company $100,939.

Apple makes clear that creating this "cancerous" code poses a huge risk for the company.

To keep this hack from ever leaving Apple's premises, Apple would probably house its "hacking department" in a new, highly-fortified containment lab. In a court declaration, Apple lawyer Lisa Olle said the company would "likely" build "one or two secure facilities" similar to a "Sensitive Compartmented Information Facility.”

Think: top-secret CIA compound.

Apple didn't provide any cost estimates, so CNNMoney consulted with licensed experts who build SCIFs. They said it would cost $25 million to build a new one. For two? That's $50 million.

Apple's really fighting this case on civil rights grounds. It claims the government can't be "conscripted... to do the government's bidding" and make everyone's iPhone "crippled and insecure."

At first glance, the issue seems simple: Why shouldn’t law enforcement have access to information that could help us hunt down other terrorists or even to help prevent other terrorist attacks in the future?

But this simplification overlooks the reason why companies have built their systems so securely to begin with: namely, to prevent criminals, terrorists and hackers from gaining access to our private and sensitive information. It’s a huge technological breakthrough that engineers are able to build systems so secure that even their own architects cannot break into them. And it’s why major players in the tech industry—from Facebook and Twitter to Microsoft and Google—are lining up to support Apple’s stance.

As Americans are increasingly living their lives online, it’s now become just as important for people to be able to secure their phones, laptops, credit card numbers, and accounts from intruders as it is to secure their homes.

Hackers have already stolen huge amounts of personal information (credit card numbers, social security numbers, bank account numbers) from both corporations and the Government.

Forcing Apple to manufacture new security vulnerabilities into its phones’ operating system in order to give the government access paves the way for these kinds of breaches to become all the more common. But even more alarming are the implications this decision would have for the online security of Americans for generations.

No one would say that Apple should obstruct justice or intentionally impede law enforcement’s attempts to bring perpetrators of heinous acts of violence to justice. But a company also shouldn’t be forced to deliberately weaken the integrity of their own products and subject millions of customers to security vulnerabilities in order to do so.

Whether tech companies like Apple can be forced to undermine their own products and whether they will have to leave a backdoor open for government—and whoever else may find it—in their products is currently a question left to the courts. But as Congress begins contemplating revisions to the 1789 statute upon which this court order is built, lawmakers must be sure to protect citizens’ right to privacy and preserve the integrity of the online security protocols that help keep us all safe.

Apple’s battle with the FBI is being talked about as a defining moment for privacy. And it is. But the real reason why is obscured by both sides’ rhetoric.

Apple says what makes this case different—a precedent that, once set, will bend tech firms to the government’s every future whim.

Yet the government’s claim is disingenuous too. It implies that everything is a continuum and there are no matters of principle.

The reality, however, is that everything we now consider a matter of principle—from the ban on insider trading all the way back to “thou shalt not kill”—was once a line drawn in the sand, and only over time became a mighty barrier. Principles don’t get made until someone says “enough.”

Apple has now said “enough.” Other tech companies are joining in. Principles aren’t enshrined because of a legal wrangle over a technological quirk. They’re enshrined because someone chooses to stand and fight for them.

Verizon takes Apple’s side in FBI showdown

Verizon Wireless, the largest mobile carrier in the United States, has strongly — and rather unexpectedly — stood up in support of Apple in its legal showdown with the FBI. In a statement, CEO Lowell McAdam said "Verizon is committed to protecting customer privacy and one of the tools for protecting that privacy is encryption." According to the chief executive, Verizon supports "availability of strong encryption with no back doors."

And just like Apple's Tim Cook, McAdam is pushing for a resolution to be decided by Congress rather than having the outcome determined by a single judge or behind closed doors. "The case with Apple presents unique issues that should be addressed by Congress, not on an ad-hoc basis," McAdam said.

Journalist Gets Hacked While Writing Apple-FBI Story

"That’s why this story is so important to everyone," says hacker, who was a fellow passenger on his flight.

When the flight took off, Steven Petrow’s stance on the matter was "I don’t really need to worry about online privacy," he writes for USA Today. "I’ve got nothing to hide. And who would want to know what I’m up to, anyway?" But by the time Petrow landed, he found out "in a chillingly personal way" just how much the outcome of the Apple-FBI battle matters to everyone. That’s because Petrow had been hacked mid-flight.

As the plane landed in Raleigh and Petrow got up to disembark, a passenger behind him revealed that he knew Petrow was a journalist and had just been working on the Apple-FBI story. The passenger even recited an email Petrow had received from a security expert back to him almost verbatim. This passenger knew all this information, he revealed, because he had hacked Petrow’s computer in-flight, as well as the computing devices of almost every other passenger on the plane.

"That’s how I know you’re interested in the Apple story," the hacker said. "Imagine if you had been doing a financial transaction."

The fact that Petrow was hacked mid-flight isn’t so shocking. It’s easy to get hacked on a public Wi-Fi network like Gogo. What was most shocking to Petrow was how this in-flight hacking clarified his stance on the Apple-FBI battle.

"My mind raced: What about my health records? My legal documents? My Facebook messages? That’s why this story is so important to everyone. It’s about everyone’s privacy," he writes. "I may have been wearing my jacket, but I felt as exposed as if I’d been stark naked."

Now just imagine what would happen if a backdoor into an iPhone was as easy to get through as the backdoor on a public Wi-Fi network.

"I realize now it's not that I have things that I need to hide but it is things that I expect to be kept private," Petrow said in a video speaking about the experience, "and it was disturbing and I have to say I’ve learned quite a bit."

Apple hires developer behind encrypted messaging app Signal

Apple has just made a big — and timely — hire, recruiting a developer behind encrypted messaging app Signal, perhaps best known for being Edward Snowden's chat app of choice. The developer, Frederic Jacobs, confirmed the news on Twitter.

Signal has earned strong marks from privacy researchers, and the app became more widely known after some evangelizing by Snowden.

JOHN MCAFEE: The NSA's back door has given every US secret to our enemies

Last year alone, the Defense Department was hacked. Using the NSA’s back door the Chinese walked off with 5.6 million fingerprints of critical personnel. The same back door was used to hack the Treasury Department on May 27th of last year in which millions of tax returns were stolen. And again, our most devastating hack as a nation was the Office of Personnel Management hack, in which 22 million sensitive files were stolen. The Chinese gained access through the Defense Department’s Juniper Systems and then using inter-operability with the Personnel Office, took what they wanted. Again, courtesy of the NSA’s back door.

Whatever gains the NSA has made through the use of their back door, it cannot possibly counterbalance the harm done to our nation by everyone else’s use of that same back door.

A hacker shows how you can take over security cameras and bank accounts with just an email

Great video.

If you dare a hacker to break into your accounts, chances are pretty high that you won't like the results.

Nissan Leaf Vulnerable to Hackers

Prominent security researcher Troy Hunt reported this week that it's possible to hack the Nissan Leaf electric car and take control of its heating and air-conditioning system.
The findings are part of a broader concern across the car industry into just how safe vehicles truly are. As cars become more connected and Internet connectivity is possible, hackers can run amok.
Unsecured APIs allow anyone who knows the VIN number of a car to access non-critical features such as climate control and battery charge management from anywhere across the Internet. Additionally, someone exploiting the unauthenticated APIs can see the car's estimated driving range.

"The other main concern here is that the telematics system in the car is leaking all of my historic driving data," one security expert said in a blog post. "That's the details of every trip I've ever made in the car, including when I made it, how far I drove and even how efficiently I drove. This could easily be used to build up a profile of my driving habits, considering it goes back almost 2 years, and predict when I will be away from home. This kind of data should be collected and secured with the utmost respect for my privacy.”
Three Tax-Season Scams to Avoid
1)  The IRS will never demand money via E-mail.  But criminals pretending to be the IRS do.
     The IRS uses a quaint idea to initiate contact with a taxpayer:  Snail-Mail.
2)  The IRS will never demand money via the telephone.  But criminals pretending to be the IRS do.
3)  Criminals pretend to be charities approved by the IRS.
     Fortunately, the IRS has a tool to check on the status of tax exempt organizations.
Open Rights Group (ORG) is the British equivalent of the Electronic Frontier Foundation — a famous American advocacy group that protects civil liberties in the digital age.

Raspberry Pi, the wildly popular — and crazily cheap — single-board computer used to promote computer science education and beloved by hobbyists.

The company launched its smallest and cheapest computer yet in November 2015: The Raspberry Pi Zero, which retails for just £3.30, or $5. Predictably, it sold out immediately.

Apple, Samsung, Patent Fight Shows What's Still Wrong With Our Patent System

It’s easy enough to forget that the smartphone patent wars are still rumbling along.

Our problem is not this specific court ruling. Nor is it even the issue that was being battled over. The problem is the length of time it all took:

A 2014 verdict? But that’s two entire generations of phones ago! And that decision stems from the various suits originally filed in 2011. That’s five generations of this technology ago: and that’s what is wrong.

Again, our point here is not who is right and who is wrong, whether Apple should have beaten Samsung or vice versa. What we are concerned about is whether the patent system itself is fit for purpose. And it’s not entirely obvious that it is.

Inventing something is expensive.  Copying an invention is generally cheap.
Why would you spend billions of dollars if three weeks later anyone could copy your new drug?

Our answer is that we deliberately invent something called intellectual property. This comes in various forms, patents, copyright and trademarks.

Most patent disputes are not about firms copying each other’s inventions but about two companies discovering simultaneously the next step in an innovative process. Yet patent law can’t easily handle that type of situation.

This Apple Samsung case is showing us another fault with the system. Yes, we want to protect real innovation from copying. Simply because we think that produces more innovation over time and thus makes us all richer. And we also want to allow as much derivative innovation as doesn’t interfere with that aim. For, don’t forget, we’ve invented this intellectual property idea entirely out of thin air, in order to achieve a goal. That goal being to maximise innovation. It’s no use people shouting “Oi ! I invented that!”. We don’t care: this is not about justice and righteousness, it’s purely a utilitarian calculation about how to make the future richer.

That other fault being shown is that whatever system we use to decide upon such issues must be timely. Taking 5 years to decide (assuming that there won’t be yet more appeals) in a market with a new generation of devices at least every year simply isn’t timely.

This stunning video lets you look in all directions as a fighter jet rockets off a Navy carrier
