So what black magic did the FBI use to get into that iPhone anyway?

>inb4 it was backdoored

There's a market for selling major, undisclosed exploits, y'know...
It was probably done using a backdoor, though.

They just hired some kid who knew how to clone the firmware from another phone

it was backdoored

literally this. They wouldn't officially disclose it to the public though.

You can literally find one skimming a few pages here: cvedetails.com/vulnerability-list/vendor_id-49/product_id-15556/Apple-Iphone-Os.html

>So what black magic did the FBI use to get into that iPhone anyway?
they cloned the storage chip.

that was possible because iPhone 5 didn't have secure enclave.

if you have 5s or above, that trick is now impossible.

see and

you're a fucking idiot. the phone was locked. can't RCE it.

quit posting on topics you know nothing about, child.

How much is apple paying you?

You can LITERALLY FIND A BACKDOOR ON THE WEBSITE I MENTIONED.

Not sure why it's not on the news but it's there.

reddit.com/r/ReverseEngineering/comments/53ini5/hardware_hack_defeats_iphone_passcode_security/

>How much is apple paying you?
10 million dollaroos.

I work in security field, however. anyone with half a brain will figure out how they cracked it.

1) phone locks up after a certain number of wrong password entries
2) it will even delete all its memory if it was set to do that
3) so to avoid that, you clone the storage chip
4) then you try passwords on clones until you find the 4-digit combination that works

but in iphone 5s+, that's impossible because whole storage is encrypted with a key stored in the CPU.

>BACKDOOR
kek'd. thanks for a laugh.

why don't you then collect the $1.5 million bounty then, genius?

wired.com/2016/09/top-shelf-iphone-hack-now-goes-1-5-million/
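The retry-limit steps in the post above come down to where the failed-attempt counter is stored. The following is an added example, not code from the thread or from Apple: a toy model in which `Device`, `MAX_ATTEMPTS`, the `enclave` dictionary and the passcode are all constructed assumptions, showing that a limit kept in storage that can be imaged and written back does not bound the number of guesses, while the same limit kept in state outside that storage does.

```python
import copy
import hashlib

MAX_ATTEMPTS = 10  # constructed limit for this toy model


class Device:
    """Toy lock: `flash` can be imaged and written back, `enclave` cannot."""

    def __init__(self, passcode, counter_in_enclave):
        self.counter_in_enclave = counter_in_enclave
        self.flash = {"verifier": self._digest(passcode), "failed": 0, "wiped": False}
        self.enclave = {"failed": 0, "wiped": False}  # assumed tamper-resistant

    @staticmethod
    def _digest(code):
        return hashlib.sha256(code.encode()).hexdigest()

    def state(self):
        # Where the retry counter and wipe flag live is the design decision.
        return self.enclave if self.counter_in_enclave else self.flash

    def try_unlock(self, code):
        state = self.state()
        if state["wiped"]:
            return "wiped"
        if self._digest(code) == self.flash["verifier"]:
            state["failed"] = 0
            return "unlocked"
        state["failed"] += 1
        if state["failed"] >= MAX_ATTEMPTS:
            state["wiped"] = True
            return "wiped"
        return "wrong"


def guesses_survived(device, candidates):
    """Return (guesses evaluated, outcome) when flash is rolled back to a
    saved image each time the counter is one step from the limit."""
    image = copy.deepcopy(device.flash)
    evaluated = 0
    for code in candidates:
        if device.state()["failed"] >= MAX_ATTEMPTS - 1:
            device.flash = copy.deepcopy(image)  # rollback touches flash only
        outcome = device.try_unlock(code)
        if outcome == "wiped":
            return evaluated, outcome
        evaluated += 1
        if outcome == "unlocked":
            return evaluated, outcome
    return evaluated, "exhausted"


ALL_CODES = [f"{n:04d}" for n in range(10_000)]
```

With the counter in flash, the whole 4-digit space gets evaluated; with the counter in the `enclave` state, the device wipes after the tenth wrong guess regardless of how often flash is restored.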

>uses iToy instead of a real phone
>calling anyone else a child

also, forensics:
zdziarski.com/blog/?cat=11

I don't but I bet you're a windows kiddy.

besides, it's irrelevant what I use. arguments stand on its own.

It was backdoored from the start, and they had access to it from the start, but part of the deal with Apple (the US's biggest company) was that the government would have to make a big stink out of "not being able to" get into it, to help promote reputation and drive sales.

Dam nigga, hope that pay is good. I'm looking at the vulnerability that's essentially a backdoor right now. It doesn't require you to clone the nand chip or any fancy shit, just a cable and a computer. It's sad really, people put so much trust in apple and they fuck them in the ass every time and they like it.

its funny because you probably actually believe that

This, all that BS was just a PR stunt. Backdoors on iOS have been around for eons and is why that chinese dude down the street is rolling deep in benjamins today by unlocking "encrypted" iPhones.

Thank you ipanjeet, 5 turds have been deposited into your mouth.

>Dam nigga, hope that pay is good. I'm looking at the vulnerability that's essentially a backdoor right now. It doesn't require you to clone the nand chip or any fancy shit, just a cable and a computer. It's sad really, people put so much trust in apple and they fuck them in the ass every time and they like it.
collect the $1.5 mil then. lots of people claim they have a backdoor or a crack but they rarely walk the talk.

>Backdoors on iOS have been around for eons and is why that chinese dude down the street is rolling deep in benjamins today by unlocking "encrypted" iPhones.
hahahahahaha... this is what mentally ill and tech illiterate actually believe.

nigga, go and steal that shit from a chink dont the street and sell it to one of the forensics companies for $500k.

JESUS FUCKING CHRIST

those are remote and mostly affect webkit, safari and related programs/libs

>US government spends trillions of dollars to bail out major banks and auto manufacturers
>believing that same government wouldn't also do PR tricks (that cost $0) for a U.S. corporation even bigger than the bailed-out corporations

that's nothing. look at this one.

what's worse, there's millions of devices that are unpatched against most of these vulns.

no, they spend trillions on banks they would have no issue spending a couple million to pay an israeli firm to do it for them

grow a brain

>people actually unironically trust this joke of an OS

>it's okay, at least they use lube

Android is a MUCH bigger joke.

and if you think it's a joke, go crack it and collect $1.5million.

>thread about govt owning an iphone
>talks about remote vulns
context, fag
also, you should know that these days any crash that resembles a vulnerability is taken as such, even when few people, if anyone, really check if those are exploitable

>israeli firm

straight from the horse's mouth lol

how many more signs do you need that this is a cover up? lmao

Total vulnerabilities discovered:
>Android: 553
>iOS: 975
hmmmm

Android is also open source and vulnerabilities like these are quickly patched and updates are sent through OTA updates.

You remember the date bug? That shit wasn't patched for months.

theguardian.com/technology/2016/feb/12/setting-the-date-to-1-january-1970-will-brick-your-iphone-ipad-or-ipod-touch

Anyway Android isn't perfect but it's miles better than iOS in terms of security, usability, and useful features.

Ayy ya'll niggas should reset your routers/phones and leave this thread. I got a bad feeling we're being watched and there might be a snitch in this thread.

Nobody here post what the backdoor in the vulnerability list is.

it's not about the #, it's about severity. and patch time.

you're aware that there's tens of millions android devices still vulnerable to Stagefright, right?

>Anyway Android isn't perfect but it's miles better than iOS in terms of security, usability, and useful features.
HAHAAHAH HAAHHAAHHAHAHAH HAHAHAHAHAH HAHAHAHAHAH HAHAHAHAHA... thanks for a laugh, Pajeet. That's a well deserved $0.25 that google paid you.


>You remember the date bug? That shit wasn't patched for months.
who cares. you had to set it yourself and 99.999% of ppl never did that. that's not an RCE that plagues almost every install of Android.

GeorgeJ.Tenet, Director of Central Intelligence (CIA), told Serbia's Counterintelligence Service (Kontraobavesajna Sluzba - KOS) about plateau d'Albion (Alps of Haute-Provence) frenchelon station : a sexually addicted to young soldiers sent C4I2 (OTAN Comand, Control, Communications, Computers, Inteligence & Interoperability)`s sensitive secured letters deciphered to Armed Islamic Group (GIA) !

Ask DoD-C3I (Command, Control, Communications, Intelligence)`s contact of Giat Industries greed & sadness & unhappiness Dpt via dtic.mil/ for Ref. SARA, Rapid Reaction, JSOFC3IP, Corporate Security, Electronic Surveillance.

Reconnaissance Office (NRO), told Serbia's Counterintelligence Service (Kontraobavesajna Sluzba - KOS) about Kourou (American continent) frenchelon station : a bad bad bad bad bad guy sent ISI (pakistan Inter-Service Intelligence)`s web based CGI proxys & Anonymizers logs to al-Qaida (Usama Bin Ladin) !

Ask 634th Military Intelligence`s contact of PricewaterhouseCoopers paramilitary forces Dpt via fsb.ru/ for Ref. USCOI, CID, BOP, FINCEN, FLETC, NIJ, ACC, AFSPC, BMDOSASSTIXS, NAVWAN, NRL, RL.

ITT: shills using every image in their shitposting kit

Dennis Richardson, Director-General of Security, Australian Security Intelligence Organization (ASIO), told Ukraine's Security Service (Sluzhba Bespeky Ukrayiny - SBU) about Mayotte (Indian Ocean) frenchelon station : a bad bad bad bad bad guy sent TsSR (NIS Tsienntral'naya Sloujba Razviedki)`s email addresses with logins & passwords to Basque Fatherland and Liberty (ETA) a.k.a. Euzkadi Ta Askatasuna !

Ask JMIC (Joint Military Intelligence College)`s contact of Verisign assassination Dpt via bundesnachrichtendienst.de/ for Ref. AADCCS, DABM, DAIRSDIA, DALATS, DALATS, DIFAX, PSM, SECMANs, tampering.

apple is collaborating with them, this resistance on their part is just theater to make us think that they aren't

Most likely NAND mirroring which has been proven to work. If you're asking me, I think they used a bootloader exploit. That would allow an attacker to easily flash a custom OS while bypassing signature checks. So here's how it works:

Red part
>ROM which is actually RO starts at the address of 0x0
>it copies itself over to DATA
>DATA is actually written to each time this happens
>DATA is writable from ROM, so fuck it, we can do it too
>DATA is sent to the load address (same address as the LLB further up the bootchain, but that's not important now)

Blue part
>after the load address is found, the DATA is copied there
>DATA is shifted to a specially allocated piece of memory
>the address in the memory to which DATA is shifted to is selected at random each time
>heap can be attacked but isn't really important here

Yellow part
>Main stack is used to start the SoC and AES module and then decrypt and load the LLB and get it started to kick off the iOS bootchain

Exploitation
>make USB fuzzer
>find a way to feed the main stack lots of bullshit
>crash it
>analyze crashes
>repeat crashes
>use crashes to your advantage to stop the indexes of the exception or main stacks (or both) from resetting
>write to vulnerable DATA (red) section
>congrats, you did it!

Secure Enclave is a part of Touch ID. No iOS devices are safe from NAND mirroring. The newer generations will just be more difficult to crack.


t. iToy enthusiast

It's a shame that there are too many people here with their own biases and agendas for people to actually find the truth by talking to them.

One thing that is interesting, Jobs didn't seem like the kind of guy to make big stink over things like LGBT politics or encryption under the law. Jobs seemed a little more subtle about things like this compared to Tim Cook. The whole drama between Apple and the FBI felt more like Tim Cook vs the FBI. Which is interesting because Tim Cook does seem to live a pretty private life, not really implying that Tim Cook has something bad he has to hide but it's kinda interesting how that turned out.

In addition, Apple loves to use the fact that they don't sell user data like Google does and a lot of their services are quite crippled compared to other companies (Siri being not as useful compared to competing Cortana due to not having a wealth of info, features like AirDrop being designed in a way that would reduce interception, etc). In light of these choices and actions, I can believe that on some level, Apple does care about the consumer's right to privacy.

Another interesting thing is how the FBI and other law enforcement have treated the iPhone and other Apple devices. When people claim that the iPhone is going to be popular with pedophiles, I have to ask what are they trying to do? Lure people away from iOS to something less secure? Or maybe honeypot people to use the iPhone? Really, neither of these make sense when you consider GSM networks and how the hardware is backdoored due to the nature of cellphones.

Point is, I think on some level, Apple clearly needed more PR, since iOS devices are slipping to Android and the Mac was never really popular but a lot of this seems to be actions of Tim Cook.

But to make this issue out of which mobile OS is more secure (not really due to hardware backdoors) and a dick measure contest over found exploits is pointless.

zdziarski.com/blog/?p=6020

at least we know who did it

it's sad that groups like anonymous and lulzsec don't exist anymore. they fucked some security companies in the ass very hard

officially: they bought some software from an Israeli security firm that does this kinda thing. The company already existed, but the software hadn't been developed for that specific model yet. how it works I dunno

but irl, the FBI had the password and then changed it. This was never about getting into this specific phone. I think it was about creating a precedent to force apple to unlock phones, considering the number of devices they want unlocked the only reason this one got as much publicity as it did is because publicity was the goal, it was a bid to sway public opinion.

but you are surrounded by anonymous right now

see

sure, but these days, knowing what happened to them, no one will risk anything anymore... I suppose

i hope you realize that anonymous were a bunch of nu-males that were occasionally used as a fall guy. they were incompetent and useless unless all you hope to achieve is a bunch of overweight and underweight retards standing around in guy fawkes masks.

but they did something about what they thought could be helpful
meanwhile, you are here shitposting

what did they do? they haven't accomplished anything.

no one even gives a fuck about scientology anymore and that was by far their biggest thing.

this

the HBGary and rootkit.com hacks were awesome

MacOS Terminal?

It was an older iphone, they could've easily got into it but instead they pushed a narrative in the media that Apple had to backdoor their shit for national security just to see if they could make that a new policy. It was a game.

The new iphones with their 'Secure Enclave' shit are impossible to get into physically but as with everything else almost trivial to break in remotely and grab whatever you want through pushing a malware itunes update or other method.

Android is for sure a joke.

Daily reminder that until last year, to defeat Android full disc encryption on any device all you had to do was type garbage into the "enter password" input screen. It overflowed and just booted the phone without even needing the password.

They also had a major issue with webkit remote vulns so many times I can't remember, and the radio still has access to /sdcard and other user data storage areas unless you specifically tell it not to and build your own ROM with SEAndroid prohibiting any radio access to those mount points.

Also... Android is no longer "open source". You can't build your own AOSP rom anymore because Google no longer provides any binaries for the proprietary drivers, and no other handset mfg do anymore either. Android latest it's a pile of proprietary bins, and even if you rip them from the phone and try building your own rom it's a rabbit hole of debugging trying to get it to work on all but a select few handsets.

tl;dr it's a pile of shit, also Google is replacing Android completely with a proprietary version in 2017

>tl;dr it's a pile of shit, also Google is replacing Android completely with a proprietary version in 2017
Still light years ahead of iOS. Also google ain't replacing shit, Android is too popular to just abandon now (~90% smartphone OS marketshare). This is like saying Linux will replace Windows 7,10,XP and all the other variants.

This is coming from an ex-iPhone 6s user btw. Currently have an HTC 10 and don't plan on switching to iturds anytime soon.

Cut the dead guys finger off, warmed it up and used it to access the phone.

Literally what they should've done in the first place.

No, Android is not important. Literally all the features are in GAPPS, vanilla android without GAPPS has nothing but barebones functionality and hardly any modern apps work for it with access to GCM. This was done on purpose as Google has wanted to make a proprietary version for some time now to avoid even LGPL and due to complaints of people like Qualcomm who have also been pushing for a proprietary release free of L/GPL code theregister.co.uk/2016/06/08/google_is_taking_android_proprietary_heres_how/

As long as it looks like Android people won't give a fuck what OS is on their phones. People use Windows because switching to Linux requires effort. Phones are simple enough and all function the same from a user's perspective they won't care.

> Anyway Android isn't perfect but it's miles better than iOS in terms of security

fucking lol. With this level of fanboyism, i'm actually surprised you're not an Applefag.

Butthurt apple fag
>pic related

Share the backdoor so I can collect the bounty

they spend trillions on banks because they can't just hire someone to unfuck it. I hope it's only minimum wage. Shit, I hope it's less.

does your logic also imply that we'd receive more than 1.5million for cracking the MUCH bigger joke, pajeet?

I was being spoofed a little bit earlier so I made sure to do nothing but spend time on facebook inspecting elements and removing them. I got the same notification three times for the same event after checking it and clearing it each time. Clear spoof.

Anyway, I wrote out that solution to cracking the iphone on here months ago. It's not like it's fancy when you have an unlimited budget. This is all just a cover up.