Archive for FBI

Cost To Unlock An iPhone If You’re The FBI: $900K USD

Posted in Commentary on May 8, 2017 by itnerd

It’s now come to light that the FBI paid $900K USD to a group of iPhone hackers (likely Cellebrite) to unlock the iPhone that belonged to the San Bernardino shooter, according to Senator Dianne Feinstein, who inadvertently gave out the number during the Senate Judiciary Committee hearing with FBI Director James Comey. Let me supply you with the visual evidence below. Feinstein’s oops moment comes at the 2 hour and 55 minute mark:

//www.c-span.org/video/standalone/?427708-1

What’s interesting about this is that they paid $900K to get absolutely nothing as nothing of value was found on the phone. And started a legal war with Apple in the process because Apple refused to unlock the phone. Not to mention that The Associated Press, Vice Media, and USA Today have taken the FBI to court over the fact that the law enforcement agency isn’t serving up details on this topic. Thus I have to wonder if this was all worth it in the end.

FBI Says That Method Used To Access iPhone Only Works On A Few Models

Posted in Commentary on April 7, 2016 by itnerd

Here’s a couple of interesting pieces of info that FBI director James Comey dropped in a speech at the Biennial Conference at Kenyon University that CNN attended. First he said this about the tool that was used to access the iPhone 5c of San Bernardino shooter Syed Farook:

“The people we bought this from, I know a fair amount about them, and I have a high degree of confidence that they are very good at protecting it, and their motivations align with ours,” he said.

So that adds some validity to the use of a tool from Cellebrite who specializes in this sort of thing. He also said this:

The FBI director also said the purchased tool worked only on a “narrow slice of phones” that does not include the newest Apple models, or the 5S.

I think I know why that might be the case. Anything that uses the Apple A7 processor or newer has something called the “secure enclave” which is defined as follows in this Wikipedia article:

The A7 also includes an area called the “Secure Enclave” that stores and protects the data from the Touch ID fingerprint sensor on the iPhone 5S and iPad mini 3. The security of the data in the Secure Enclave is probably enforced by ARM’s TrustZone/SecurCore technology.

If you really want to go in depth on this, Apple has a guide that goes into a lot of techy nerdy detail here [Warning: PDF]. Page 7 is where you want to start reading about the “secure enclave” (though I found the entire document to be very interesting). But my thinking is that the “secure enclave” that is part of the A7 or newer chips makes it difficult if not next to impossible (at least at present) for Cellebrite or anyone else to hack into an iPhone. Thus, it leads me to believe that the first time an iPhone 5S or higher needs to be unlocked by the FBI, Apple’s lawyers are going to get a phone call.

Help The FBI To Find 250 Sextortion Victims

Posted in Commentary on July 11, 2015 by itnerd

Here’s the good news. Lucas Michael Chansler is a 26-year-old sexual predator that was sentenced to 105 years in prison after pleading guilty to multiple counts of child pornography production. The reason why this scumbag is in jail is because he tricked roughly 350 teenage girls from 26 states into giving him explicit pictures of themselves by posing as a teen boy and befriending them online before threatening to distribute the photos on social media. That’s where the bad news starts. There are 250 victims that the FBI has not been able to identify.

That’s where you come in. The FBI has posted a list of aliases, email addresses, MySpace accounts and AIM logins that this scumbag used. So if you suspect that you, or someone you know, may have been victimized by this scumbag, contact the FBI or NCMEC right away. Because it’s really important that these victims are found and given the help that they need.

To highlight how important this is, watch this video with FBI Special Agent Larry Meyer who is the man responsible for taking this scumbag off the streets:

Source Of Apple Device IDs Revealed: NBC

Posted in Commentary on September 10, 2012 by itnerd

You might recall the leak of a ton of device IDs linked to Apple devices that threatens iDevice users everywhere. The FBI denied that they were the source for this leak. And it turns out that they were telling the truth. NBC has the source identified:

Paul DeHart, CEO of the Blue Toad publishing company, told NBC News that technicians at his firm downloaded the data released by Anonymous and compared it to the company’s own database. The analysis found a 98 percent correlation between the two datasets.

“That’s 100 percent confidence level, it’s our data,” DeHart said. “As soon as we found out we were involved and victimized, we approached the appropriate law enforcement officials, and we began to take steps to come forward, clear the record and take responsibility for this.”

At least the company behind this is taking responsibility for this. But it also really goes to the heart of what Antisec said last week. Whatever. It’s still a clear and present danger to iDevice users out there. That’s something that still needs to be addressed.

Hacker Group antisec Claims Hack Of FBI Laptop Proves FBI Tracking Apple Users [UPDATED]

Posted in Commentary on September 4, 2012 by itnerd

Here’s something that will not make Apple users freak. I’ll let the Toronto Star tell you the details:

Internet activists claim to have hacked more than 12 million identification codes for Apple devices from an FBI agent’s laptop and have posted instructions on online bulletin board Pastebin on how to access one million of the user IDs.

Known as the Anti Security Movement, or Antisec, the group said on a Twitter account belonging to the Anonymous “hacktivist” collective that many of the IDs come complete with the device owner’s personal information.

In a blog post Tuesday that included attacks on security agencies, Antisec said it withheld information such as names, phone numbers and addresses, but left enough for “users to search for their devices.”

The group did not indicate that bank account numbers or passwords were included.

“During the second week of March 2012 a Dell Vostro notebook used by supervisor special agent Christopher K. Stangl from FBI regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java,” Antisec said in the post.

“Some files were downloaded from his desktop folder; one of them with the name of NCFTA_iOS_devices_intel.csv turned out to be a list of 12,367,232 Apple iOS devices including unique device identifiers (UDIDs), user names, name of device, type of device, Apple push notification service tokens, zipcodes, cellphone numbers, addresses, etc.”

Antisec said it published the alphanumeric IDs to call attention to the possibility that the FBI had used or was planning to use the information to track citizens.

The FBI was quick to deny this. Here’s what the CBC said:

“The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed,” the agency said in a statement Tuesday afternoon.

“At this time, there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.”

So the question is, whom do you believe? It really doesn’t matter as even if this is half true, it’s something to be concerned about. If you want to see if you’re on the list, you may want to start here for what the group posted. Advance warning, it’s not for the average person. Hopefully someone will take this data and come up with an easy way to search it.

UPDATE: My wish has been granted. Here’s an easy way to see if you’ve been affected.