BC CRIME
Saved by @Mollyycolllinss

My students @maxzks and Tushar Jois spent most of the summer going through every piece of public documentation, forensics report, and legal document we could find to figure out how police were “breaking phone encryption”. 1/

 This was prompted by a claim from someone knowledgeable, who claimed that forensics companies no longer had the ability to break the Apple Secure Enclave Processor, which would make it very hard to crack the password of a locked, recent iPhone. 2/
We wrote an enormous report about what we found, which we’ll release after the holidays. The TL;DR is kind of depressing:

Authorities don’t need to break phone encryption in most cases, because modern phone encryption sort of sucks. 3/
I’ll focus on Apple here but Android is very similar. The top-level is that, to break encryption on an Apple phone you need to get the encryption keys. Since these are derived from the user’s passcode, you either need to guess that — or you need the user to have entered it. 4/
Guessing the password is hard on recent iPhones because there’s (at most) a 10-guess limit enforced by the Secure Enclave Processor (SEP). There’s good evidence that at one point in 2018 a company called GrayKey had a SEP exploit that did this for the X. See photo. 5/
There is really no solid evidence that this exploit still works on recent-model iPhones, after 2018. If anything, the evidence is against it.

So if they can’t crack the passcode, how is law enforcement still breaking into iPhones (because they definitely are)? 6/
The boring answer very likely is that police *aren’t* guessing suspects’ passcodes. They’re relying on the fact that the owner probably typed it in. Not *after* the phone is seized, in most cases. Beforehand. 7/
You see, iPhones can be in one of two states, which are respectively known as “Before First Unlock” (BFU) and “After First Unlock” (AFU). This is pretty self-explanatory.

When you turn your phone on and enter the passcode in the morning, you switch your phone from BFU->AFU. 8/
When you first unlock your iPhone after power-on, it uses your passcode to derive several sets of cryptographic keys. These stay in memory inside your phone, and are used to encrypt the file system. 9/
When you lock your iPhone (or press the button on the side, or leave it alone until the screen goes blank), exactly *one* set of keys gets “evicted”, ie erased from memory. Those keys are gone until you enter your passcode or use FaceID.

All of the other keys stay in memory. 10/
The key that gets evicted on lock is used to decrypt a subset of the files on the filesystem, namely the ones that have a specific protection class (NSComplete). The keys that don’t get evicted can be used to decrypt all the other files.

(This is all well-known so far BTW.) 11/
So the upshot of this is that, if police can capture your phone in the AFU state (yours is almost certainly in that state for 99% of its existence) *and* they have a software exploit that allows them to bypass the OS security measures, they can get most of the files. 12/
The real question is: what exactly does “most of the files” mean, and the corollary is “why not protect *more* than just a few of the files with that special key (the one that gets evicted)”. That’s where things get depressing. 13/
Apple *sort of* vaguely offers a list of the apps whose files get this special protection even in the AFU state. But notice how vague this language is. I have to actually decode it. 14/
Notice how this text simply reports that some app data is “protected through encryption” (this is vague and meaningless, since it doesn’t say whether it’s AFU or BFU) and other app data is explicitly only protected in the BFU state (before you first unlock.) Why so vague? 15/
Here is a version of the same text from back in 2012. Notice how it explicitly states that “Mail, App Launch images, and Location Data” are protected using the strongest type of encryption.

So it seems that Apple is actually protecting *less* data now than in 2012. Yikes. 16/
(Our most likely guess: Apple has weakened the protections on location data in order to enable fancy features like “location based reminders”. So they had to weaken the language in the security guide. This isn’t great.) 17/
But whether you look at the 2012 or 2020 data, the situation sucks. The built-in apps that definitely use strong AFU protection are:

Mail (which probably already exists on a server that police can subpoena, so who cares.)

App launch data (🤷‍♂️)

That’s not great. 18/
3rd party apps can opt-in to protect data using the strongest type of encryption, so this isn’t necessarily the whole story. But let’s list some data that *doesn’t* get AFU protection:

Photos
Texts
Notes
Possibly some location data

Most of what cops want. 19/
So this answers the great mystery of “how are police breaking Apple’s encryption in 2020”. The answer is they probably aren’t. They’re seizing unlocked phones and using jailbreaks to dump the filesystem, most of which can be accessed easily since keys are in memory. 20/
Oh my god my thumbs. 21/
Anyway, this leaves basically only one remaining question:

Why is so little of this data encrypted when your phone is AFU and locked? And the answer to that is probably obvious to anyone who develops software, but it still sucks. 22/
Most apps like to do things in the background, while your phone is locked. They read from files and generally do boring software things.

When you protect files using the strongest protection class and the phone locks, the app can’t do this stuff. It gets an error. 23/
Apple provides some tools to make this less painful: for example, they have a “write only” protection class.

But for the most part it’s annoying for software devs, so they lower protections. And if Apple *isn’t* using strong protection for its in-house apps, who will? 24/
If I could tell Apple to do one thing, I would tell them to figure this problem out. Because without protection for the AFU state, phone encryption is basically a no-op against motivated attackers.

Maybe Apple’s lawyers prefer it this way, but it’s courting disaster. 25/
For those who would prefer to read this thread in the form of a 65-page PDF that also discusses cloud backup systems and Android, here is our current paper draft: https://t.co/k3Qw0DNIoI

This will be on a pretty website soon. Thanks for not blocking me after this thread. // fin

More from Crime

Corry Wang
Corry Wang
@corry_wang
1/ In September 1993, then-Microsoft exec Nathan Myhrvold wrote his landmark memo "Road Kill on the Information Highway", laying out a dozen-ish predictions on the rise of the internet

27 years later, I think it's a super interesting case study. Let's evaluate the predictions -


2/ PREDICTION #1: The rise of a surveillance society - police bodycams, CCTV, 24/7 personal recording, and deepfakes

GRADE: A-

Pretty close!


3/ PREDICTION #2: Telecommuting, an end to the "tyranny of geography" and gerrymandering

GRADE: B-

Alas, the electoral college still matters today. The WFH prediction hits closer, but turns out it took two and a half decades + a pandemic to get things going


4/ PREDICTION #3: Telco convergence - phone companies become cable providers and vice versa

GRADE: A-

Honestly this one was a bit of a layup, although it took 15 years longer than anyone expected


5/ PREDICTION #4: The rise of online neo-banks

GRADE: C

Three decades later, and physical banks still exist. Neobanks have a presence in emerging markets, UK, and basically nowhere else. Regulatory inertia: officially a thing
CRIME
EFCC Nigeria
EFCC Nigeria
@officialEFCC
EFCC Docks Man for Alleged Investment Fraud in Calabar


The Uyo Zonal Office of the Economic and Financial Crimes Commission (EFCC) on Wednesday December 2, 2020, arraigned one Joseph Stanley Okputu before Justice Imelda Etape of the State High Court, Calabar, Cross River State for ponzi scheme.

He was arraigned on a two-count charge, bordering on obtaining by false pretence and stealing to the tune of N600,000.00 (Six Hundred Thousand Naira) only.

One of the charges read, "That you, Okputu Joseph Stanley ("M") on or about 6th of August 2018 in Calabar within the jurisdiction of this honourable court, fraudulently converted to your own use the sum of N600,000.00 (Six hundred thousand naira), belonging to Anietie Ekong...

...meant to be invested in bitcoin/forex trading package and to be returned to him with 80% interest on the fortieth (40th) day of the investment,"...
CRIME
Advertisement
SamSays
SamSays
@samjawed65
Now that CBI has charged the 4 Hathras accused for gang rape and murder, let us look at how the ‘honor killing, no rape’ narrative was echoed by the entire BJP ecosystem. Thread 1/n👇

Republic: “now that it appears there was no rape, leave alone gang rape...some people are suggesting it could be case of honor killing. Needs to be investigated.” 2/n


BJP Mahila Morcha’s national social media in charge. Wherever there is misleading narrative being built, you are sure to find her there. 3/n.


BJP loyalists started getting ‘hints’. One with ‘facts’ in the handle name even declared “Hathras- No Rape” 4/n


BJP supporters dutifully circulated a random video as ‘new facts coming out’. 5/n
CRIME
Dr. Hadar Aviram
Dr. Hadar Aviram
@aviramh
While we'll be celebrating New Year's Eve, thousands of terrified people will languish in cages, locked up by institutional actors who are deliberately indifferent to the grave risks to their health and safety. Here's a brief summary of my 2020 professional activities.

Early 2020: With the indispensable help of @lindar, I migrate #CaliforniaCorrectionalCrisis to https://t.co/mk2kUVD1XB, which would become the one-stop-shop for the COVID crisis in CA prisons.

February 2020: My book #YesterdaysMonsters, about the hurdles in the path of aging, infirm people seeking parole, comes out. It becomes a frightening omen of things to come in ways I couldn't imagine at the time.

In March it became evident that the only way to prevent an impending catastrophe was to release people. I started collecting resources.

In early April, I linked between the atrocity of Susan Atkins' last hearing and the impending doom of thousands sentenced to death by COVID. It was obvious that the optics of releasing so-called "violent inmates" was going to sabotage relief efforts.
CRIME
Forecast 432Hz
Forecast 432Hz
@Forecast432hz
Breaking Thread: D5 MEMORY LANE & OUTLOOK
In this thread we will cover the different meanings behind D5 and what the near term might have in store for us.

D5 Multiple Meanings & Outlook:
1. Events that took place on 5th Dec 2018
2. Date of DNI Report regarding unmaski*g of Gen. Flynn.
3. CF Investigation re: Crim*s Against Humanity
4. D5 Forecast 432Hz (Ongoing Investigation re: Election Frau*)

1. Lets warm up with 2 Year Delta Drop 2549:
Role of Huber (as portrayed by 'Q')? What are the odds that Huber would be scheduled to testify re: Clint*n Foundation on D5? What are the odds GHWB passes away and the State Funeral date is on D5? What other interviews and

investigations were wiped clean (postponed) given a STATE FUNERAL takes up media coverage for a week? Why does the FAKE NEWS media [largest in the world] continually attack 'Q'? Why is the WASH POST leading the attack? Think ABC agency. When you are awake you can SEE CLEARLY.

My take: DS tried to cover up Huber BOOM via Funeral Date, but they didn’t realise D5 meant something else…👇
CRIME

You May Also Like

William
William
@wimgz
🛠️ OPEN BUSINESS IDEAS 🛠️

Below a list of business/product ideas I had or read about.

They are worthless if they remain ideas and if you don't overcome the challenges in building them, so feel free to copy / tweak / implement them!
👇

Better: use one and make a MVP during the #24hrstartup challenge!

😻 Product Hunt Time
A clock that displays the time it is @ProductHunt
Also displays what you should do and where you should post, at each specific time during your launch

🚧 IndieCrunch - VC free tech news
Techcrunch but only for bootstrapped companies

🎧 Kickstarter for audiobooks
A lot of awesome books are not available as audio.
Crowdfund the money to buy the audio rights + a voice actor
MAKERS
Hector Navarro
Hector Navarro
@Hectorisfunny
I'm going to attempt to chronologically list all of the Marvel characters Stan Lee had a hand in creating. Working with his genius collaborators, Stan and his team produced an insane amount of iconic characters in a roughy ten year period. (Thread)


With his younger brother, writer Larry Lieber, and Jack "the King" Kirby:

Groot

Tales to Astonish #13 (November, 1960)


With writer Lieber, and artist Kirby:

Fin Fang Foom

Strange Tales #89 (October, 1961)


With the King, Stan gives birth to the Marvel Universe:

The Fantastic Four

Fantastic Four #1 (November, 1961)


With Jack Kirby:

Mister Fantastic

Fantastic Four #1 (November, 1961)
CULTURE
Advertisement
Anu Satheesh \U0001f1ee\U0001f1f3
Anu Satheesh 🇮🇳...
@AnuSatheesh5
Cherthala Karthyayani Kshetram
#Alappuzha, Kerala
#KeralaTemples 🚩

Cherthala Karthyayani Temple Prathishta was done by Vilwamangalam Swamy. Chertala Pooram is very famous. Devi is Mangalya Dayini here removes obstacles relating to marriages. Sthala Puranam says that, once 👇


Vilwamangalam Swamiyar was passing this area after Prathista of Padmananbhaswamy Temple, he felt Devi chaitanyam and recognized as Karthyayani Devi. But Devi seeing Vilwamangalam went inside the pond. Swamy searched for Devi continously for 6 days and on 7th day Vilwamangalam


got hold of Devi's hair. Thus only Devi's head is Prathishta here. Devotees do Kozhi parathal ( offering cock) here as an offering to Karthyayani Devi.

Karthyayaniamme Sharanam
🙏🕉🙏
ALL
Simon DeDeo
Simon DeDeo
@SimonDeDeo
One thing that goes unremarked about Wikipedia: the vast majority of the content was written over 12 years ago—which means (given turnover) that the editors dominant today were not directly involved in that creation.

Put another way, the editors who built the dominant nodes in this network...


...have little overlap with the ones who made this much more recent managerial flowchart.


Internet time runs at hundred-fold speed—the difference between the people who painted what's in the Uffizi, and the people in charge of keeping those paintings from deteriorating. Very different tasks, and (one presumes) very personalities as well. @PaulSkallas?
ALL
sriram
sriram
@SriramKannan77
'Treasure Gods' - Sangha Nidhi' and 'Padma Nidhi', Tirumala, Tirupati.

------------------------------------

These are the two guards guarding the Wealth and Treasure of Lord Sri Venkateswara.

They are representatives of two treasures of Kubera, the God of Wealth.


One guard who is holding shangam (conch) on both the hands is known as Shanka Nidhi ('nidhi' means wealth).

On the other side, the guard who is holding Lotus flowers on both the hands is known as Padma nidhi.

Shangu is from the ocean which includes all types of wealth like pearls and corals.

Why shagam in his hand? Because shangam only gives the sound of 'omkaram'.

'Padmam' is the symbol of water sources in land like river, lakes, tanks etc. which is very important for all living beings.

As per the tradition, these guards are installed at the third entrance of the temple.

One enters the holy shrine after saluting the first protection threshold - Sankha Nidhi and Padma Nidhi.
ALL