cyber security

APPLE vs The FBI

Posted on by Helena

The Apple vs FBI controversy is gaining momentum and deserves a better overview. It’s implications are not nearly as simplistic as the media is framing:

The San Bernardino case is being used as the catalyst to require that Apple provide a backdoor for the FBI on all iphones in order to combat terrorism. Apple is refusing, claiming that it would be a violation of privacy laws. The media is divided.

The iphone in question is ‘encrypted’. That means that unless you have the key or code you cannot access the data. The encryption protects your personal data, it protects you in the event of theft, and it protects the data on your phone from being hacked. Just as your computer has security features for hacking protection.

There is also available a security feature that erases the data on the phone if the password attempt is incorrect after so many tries. The FBI is demanding that Apple create software that will allow them to correctly guess the password within the range of tries before the security feature erases the data. This software would thus work on any and every iphone – everywhere.

What is interesting is the notion that this feature would only be available to the FBI when in fact, software hackers around the world would be then able to then duplicate – replicate the backdoor and have access to CIA agents, FBI agents, police, civilians and governments…

Given the NSA, cyberwarfare and a technology future, why wouldn’t the FBI simply write the software program themselves? Have other countries already developed the software themselves? While the FBI claims that it is only interested in this one specific iphone (the San Bernardino terrorist’s), Apple has offered to hack the phone for the FBI for free – and still the FBI refuses, because in reality, what they want is access to all.

While Apple continues to state that it will personally hack this one particular phone and the FBI continues to state that it doesn’t want an all inclusive ‘backdoor’, no one seems to be moving forward. If in fact the FBI is not looking for a backdoor then why wouldn’t they accept Apple’s compromise to specifically hack this one phone?

Because words are being played.

According to CEO, Tim Cook, Apple does not have the capability to hack the erase feature of its security. Thus, in essence the FBI is asking for Apple to create a new piece of software that would disable this feature. While the FBI adamantly denies that is their intent, it would be the outcome.

This is not the first time the FBI has requested greater access to privacy. Currently, the FBI is required to obtain a warrant to hack a computer, but they have been attempting to steamroll that security as well.

The argument being misapplied is, “if you don’t have anything to hide, why would you care?”.

I care because it is a violation of our Constitutional right to privacy… The IV Amendment to the Bill of Rights states:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

This is the basis for obtaining and issuing a warrant. Apple has stated it will hack into this one phone on behalf of the FBI to the best of their ability, but abridging the rights of all persons could actually subject Apple to lawsuits as being in violation of the IV Amendment.

Software is like an A-bomb – once created, it can be used for good – and it can be used for evil.

Giving the government unprotected access to everyone’s privacy without a warrant, or probable cause, is Big Brother, and I already have one, his name is Bobby.

Cyber Warfare – The New World War

Posted on by Helena

Cyber Security Attacks are the mainstay – they come from every nation in the WORLD! It would appear that even the smallest, most obscure countries are cited as having cyber warfare capabilities. Attacks are fairly common on individuals, on identity theft, on governments and the military. Electrical grids are also a fairly common target, but this past Christmas was the first time that the attack on a grid was successful. It happened in Ukraine, and the malmare took out 3 towers and shut down electricity to 700,000 residences.

While the intention was for the attack to occur during the Christmas Eve and Christmas Day celebrations, apparently the hackers didn’t know that Ukraine celebrates Orthodox Christmas on January 7th. This would indicate the hackers were not informed of Ukrainian customs, ie Orthodox Christianity.

Security ‘experts’ love to point fingers as to who is the Hacking Team, when even in some of the more unsophisticated instances the source could not be determined. Speculations are rampant and usually refer to whomever is the latest craze of bad guy. There was never any evidence to support the Sony hack coming from North Korea, but they are a bad guy and so the US accepted the accusation as proof positive.

I imagine the hackers get quite a laugh at the schoolkid routines, ‘who’s on first’ type of deductive reasoning.

There is a hacking tool readily available online that allows the user to hack an auto’s controlboard. It costs $25. This is something anyone can utilize.  And most likely have.

For years, individuals in Ukraine were hacking into hundreds of US companies giving them insider information for Wall Street trades. They made over $100 million, it took an informant to get the US onboard despite a trail of cyber attacks, and four of the men involved have still not been found.  That is not – good.

It’s a schoolyard bullying tactic of you hack me and I hack you back times 10. The US hacks and nothing, Germany, France, UK, China, Russia, Syria, Saudi Arabia, Iran, Ukraine, EVERYONE has joined the party. So what can a country do? It can upgrade its poor systems and hire the best of the best to mitigate and try to be one step ahead at the very least. But everything we do, everything we own, everything that comprises our daily life is now governed by computers vulnerable to hackers.

Russia claims that the slippery slope of cyber warfare included 57 million attacks it suffered last year. Government officials are banned from using Google and WhatsApp as a result and Russia has begun the process of creating its own parallel networks to operate alongside the public internet in order to safeguard from attacks levied from ‘abroad’. This will serve to enhance security while allowing global connectivity.

The US still lives within a punitive instead of solution based reaction. Sanctions against countries appear to our deterrent, which of course, has absolutely no effect whatsoever because a) we don’t know who is really doing the hacking and b) the countries just don’t care anymore – sanctions are primitive at best.

While we threatened China and we threatened Russia and we threatened North Korea, we didn’t threaten anyone else. Why?   Have our threats resulted in a lessening of attacks?  Not even close!

When we know that cyber warfare is very real and very threatening, why don’t we acknowledge that it can come from within our allies, ourselves, our coups, and beyond? What good is sanctioning? It attempts to define an evil and thus give us a source of hatred, but it doesn’t – solve the problem!

It’s the same logic we use when looking at inserting Muslims into assimilation within the US. While we say that not letting them in will only give them the impetus to join ISIS, we fail to understand that isn’t a good deterrent…  as in promise you won’t behead us and we’ll let you live off welfare forever.

Our logic has and is failing miserably.

How is it that we, the greatest economy in the world, are failing at cyber warefare? For one thing, we didn’t anticipate, we saw the threat as small, and we underestimated its potential. Trying to catch up to our competitors when they are far advanced in their IT capabilities is much like chasing a flood with one sandbag. It might deter one or two drops, but the damn – she is a flooding!

In the meantime – pointing fingers and slapping on sanctions is like swatting a dinosaur with a flyswatter. Ain’t going to happen.