Tim Cook...
Playing a brave game, or a dangerous one? Answers on an encrypted post card to....
Apple isn't backing down from a move to lock down the iPhone’s data port to increase security for users, even though it means thwarting some of the password-cracking tools used by forensics experts. In the latest beta versions of iOS, Apple includes a feature called USB Restricted Mode, which disables the data connection of …
"Since cracking the six-digit passcode may take up to 22 hours (or longer for a passphrase), then brute-force methods used by the cracking tools are likely to cease to work."
Why didn't they operate a 1 hour lock-out after five (or whatever) failed attempts? Or did they, and the hackers have found a way to bypass it?
You could also "hack" the RTC chip (theoretically).
Another attack is done using NAND flashing - in which the chip is backed-up at zero passcode attempts, then the iPhone is bruteforced until it gets locked out, at which the NAND is restored ... Sort of like savestates in an emulator.
It isn't clear how Cellebrite et al's PIN finder works, though presumably Apple got their hands on one at some point so you would think they should have been able to fix whatever they were doing to brute force the passcodes.
This fix is more elegant though: since 99% of the time you haven't entered your password within the last hour, even if the cops get your phone while it is unlocked (or force you to finger/face unlock it) the USB port will be disabled.
I have to think that the FBI is going to have a hissy fit about this - but they're going to play it coy and wait for a headline terrorist incident or school shooting investigation that is hampered by this before they do, to try again to get the public on their side, like they failed to do with San Bernardino.
@frank ly
> Why didn't they operate a 1 hour lock-out after five (or whatever) failed attempts? Or did they, and the hackers have found a way to bypass it?
I think that "found a way to bypass it" is implicit in this sentence from the article:
> An analysis was undertaken by Malwarebytes in March that suggested it took advantage of undisclosed flaws in iOS.
So there's three of you who think that DJs use audio out from an iPhone instead of balanced output from a FireWire/Thunderbolt soundcard? Okaaaay
Some DJs will use an iPhone as an XY control surface (ersatz Kaos Pad) in conjunction with other devices. Some will even take advantage of its gyros and accelerometers. Either way, it's just a control device.
I think you misunderstand. A professional DJ can likely afford a dedicated device. Indeed if they're smart, that's exactly what they'd do in case some app gone rogue destroys their set.
The amateur DJs, be they playing music for themselves, their friends, or another small gathering probably don't have a separate balanced output system. They have an iDevice and speakers.
Agreed but nostalgia apart, there is/was a greater sense of theatre with a box of 12's, a pair of SL-1200s and working the crossfader on an SH-DJ1200. I was a very poor amateur but when you saw DJ Shadow or Z-Trip or DJ Hype do a vinyl set live (as I have several times over the years) it was some experience.
It's all too perfect today where you can fade in the breakdown to the thousandth of a millisecond and you can pretty much pre program your set. Even the old school DJs who have embraced the digital age still have a little xtra something to my mind as a lot of them still use it in an analog way with all the imperfections that implies.
I know, I know, rose-tinted.
Ah well I knew the days of being good with the turntables were numbered when a friend who ran a mobile DJ company showed me his latest toy - a Numark board that had two CD players with pitch control and a "mix" button. It was only a matter of time before the million monkeys took over all but the priciest venues because few patrons can tell a live performance from a computerized or pre-staged one - they might notice a blown mix but 1) not realize it means the DJ is performing live and 2) prefer the "perfect" pre-staged one anyway.
I never liked re-using the same mixes very often unless they were really something, so I was always doing something different. I'd make cassette recordings for people for $20 for whatever I happened to play during that 90 minutes. It was always fun to listen to the next day, since I was usually so drunk by the time things got really hopping I couldn't remember what I'd played. I learned some of my favorite mix combinations listening to what I'd drunkenly come up with the night before :)
Yep, it got easier and easier as technology continued to progress. I downloaded a DJ app for my iPhone a while back intending to fool around and see what it can do but never got around to it. Maybe this weekend I'll check it out now that it's top of mind again.
The ironic thing is that while I correctly assessed that being a skilled DJ would matter much less when computers could do the job for you, I totally missed that a small number of DJs would be able to make millions of dollars a year in the future. Not that it would have helped me had I chosen that as a career path - it isn't about skill it is about star power. Unless Paris Hilton really is such an amazing DJ that she's worth $300,000 for a night's work!
It's less DJing now and more live "producing" now that you can essentially have a complete recording studio on your MacBook. Layering not just effects but actual instruments over the tracks and then doing the mixdown live as you go. Be it automated or manually tweaking it with a controller. The next step is no doubt going to be an AI DJ. (shudders)
In the end the real skill of a DJ is not being able to put together a seamless mix or knowing where exactly to place the drop or being able to scratch 3 decks at once, it's simply about choosing good music to create a mood as it always has been. Be it in a hip club at 2.00am or your cousin's wedding.
Right I'm off to Discogs....
> So there's three of you who think that DJs use audio out from an iPhone instead of balanced output from a FireWire/Thunderbolt soundcard? Okaaaay
And here's another, except in my case I've worked with world class DJs and plugged up the 3.5mm jack to phono cable into the mixer for them. Besides, using a balanced out when going into an unbalanced input on a DJ mixer is a bit pointless dontyathink?
I still think there is nothing better than a 10—12-character alphasymbonumeric passcode. The Adversary can try a million times a second for half a billion years and see where it gets him.
I won't rehearse the passwords again because I've said it here before. To summarise:
• Make up something ridiculous, non-dictionary and memorable because you can say it—like "sq8-Ed2ph01e" (squat-ed-to-foal)
• Make up a mnemonic if you need to, e.g. a short fat guy called Ed having a baby horse: hard to forget that image once you've pictured it
• The Adversary has 12 random (to him) characters, each from among about 70 possibilities if you include upper/lower alpha, numeric and a few symbols
• That's 13,841,287,201,000,000,000,000 combinations
• To go through half of those at 1 million/sec would take just under 439 million years
I agree the system should introduce progressive latency after X failed attempts, but even if it doesn't, you can easily create a passcode which is (a) unbruteforceable and (b) resistant to errors by Apple and weaknesses in its hardware.
And Reg: FFS get a less hopelessly incompetent Captcha system.
Now repeat it over and over and you start asking, "Now was it correcthorsebatterystaple or donkeyenginepaperclipwrong?" Even with mnemonics you can get mixed up, especially if you start mixing up mnemonics.
Apologies if you've seen me bang on about this before. I figure every time it's new to a few more people. It just WORKS! My most clueless users do this with no problem.
Start with a sentence you can remember. SAY IT to yourself silently, and type every first or second letter (depends on length). Capitalize the first letter, add punctuation at the end. This method means it's not necessary to actually remember the password itself! There's no need to remember which letters were changed to what. It's stupid easy.
Example: "What we've got here is failure to communicate" (Cool Hand Luke) becomes
"Whwegoheisfatoco..."
There are no numbers and limited symbols. However it's a random string of letters that real people can actually remember and use. If there's an easier way to remember random-ish passwords, please share!
Quite.
Choose a password that isn't brute-forceable. You then never have to worry about someone brute-forcing it, or changing it either (it's now considered BAD advice to enforce regular password changes on users).
To paraphrase the XKCD that we all know, after 20 years of effort we've trained everybody to use passwords that are easy for computers to guess and difficult for people to remember.
The only thing that matters in a password is length. That's it. Not even complexity. A long a-z-only password beats out a short, complex password basically EVERY TIME, sometimes by factors of millions or billions.
M to the power of N is much more heavily influenced by N (the number of characters in the password) than by M (the number of possibilities for each character). You don't need to get far out of stupid-password territory (8-10 characters or so) for it to always be true, even if someone decides to use the entire Unicode space as possible characters.
And if you have a password that's not brute-forceable, you don't have to worry about someone attacking your number of password attempts per second (whether time-outs are incorporated or not) past the fact that they would DoS you in even trying a million combinations a second.
Seriously, stop it and use real passwords. And avoid services that refuse to let you use longer passwords (HSBC banking stops at 12 characters, I believe) and/or which enforce ridiculous character sets on you (Apple iTunes accounts are terrible for this).
A long password with uncommon symbols such as µ or » makes it super secure, as most brute forcers only try common symbols available on the keyboard plus numbers and letters, so would never crack it even if they were left running for 100s of years.
Technically true, but usually it won't work. Most systems will disallow things other than plain ASCII. Unicode and in some cases extended ASCII is out. In fact, there was one system I had to use that blocked a password using the question mark (?) symbol. Actually, it sent the password in but chopped out the question mark first, such that the original password would not work but the one with the mark excised would. Great job there. Rather than allowing a system to get confused, I tend to go for length plus a few punctuation marks; that way, nobody can just brute force the alphabet to get it.
I also had experience with a system that accepted numerical characters in some fields (user name and surname) when they had a typo... but of course refused them in the login field. I was only paid to answer the phone... so my efforts to fix that obviously broken system were to transfer the call.
Not quite correct: if the password is alphanumeric and an actual word or combination of words, dictionary based attacks drastically shorten the time to "guess". If a single word, length is possibly even a negative, as the number of words at a given length reduces beyond about 8 letters. Combinations of words are harder but still have the drawback of being drawn from a very limited subset of the possible combinations of words.
Using first letters of words from phrases also has weaknesses as the letters are drawn from typically a very limited subset of possible combinations. If the pass phrase is long enough this may be mitigated, but only truly random combinations require random searches and are subject to the combination rules.
And of course "truly random" combinations are very much harder to remember.
Just FWIW
> Combinations of words are harder but still have the drawback of being drawn from a very limited subset of the possible combinations of words.
If using words in a password, each word is the equivalent of a single character in a random character password. But that actually expands the set of characters when compared to an ASCII character set at least. Below is a copy-paste of a post I wrote a few weeks ago about using dictionary words, note that it was based on using 5 words (not just 1) as a password. I will preface it by saying that I think it is not practical to use, as while theoretically the set is quite large, what's the chances anyone would use the long words (say 6+ characters) in their combination of words? But in theory:
The Oxford English Dictionary has ~171,000 'active' words in it (it has an additional 41k obsolete words and some other types).
So, a 5 word phrase would have complexity of 171000^5, or a complexity of:
146,211,169,851,000,000,000,000,000
And this assumes that every letter is typed in in the same case, no mixed case.
A 10-character password using the printable characters usually found on an English-based QWERTY keyboard is, umm, roughly 49 keys, each with 2 characters, for 98 combinations.
So it'd be 98^10 which is a complexity of:
81,707,280,688,754,689,024
Which is significantly less complex than 5 random words.
You'd need a difficult to remember password of 14 random characters to exceed the difficulty of an easier to remember 5 random words password.
Of course, you may be able to increase the set of characters above 98 by using a larger UTF character set.
But then, you could increase the set of words by including non-english words, or using techniques others have discussed like misspellings, mixed case, replacing alphabetic characters with other characters, and so on.
Spanish has around 88k words, depending on how you count them (some sources say there are many more), German, again depending on how you count the words and which sources you use, has at the low end about 140,000, and another 100k or more for French.
So if we add those 4 dictionaries (English, Spanish, French and German) we've increased our word set to 469k, so:
469000^5 =
22,691,552,673,349,000,000,000,000,000 combinations.
> Using first letters of words from phrases also has weaknesses as the letters are drawn from typically a very limited subset of possible combinations.
Assuming, of course, that the attacker knows you have used this method.
What you describe is correct for a specific known password mnemonic method. However, an attacker typically has no way to determine which method the user might have employed to create the mnemonic. Or, in fact, that the user even employed such a method at all.
> if the password is alphanumeric and an actual word or combination of words, dictionary based attacks drastically shorten the time to "guess" [blah blah blah]
Sigh.
Arguments like this are just handwaving without some actual statistics, or at least back-of-the-envelope approximations.
A recent version of the aspell US English dictionary contains around 204800 words. Using an xkcd-style four-word phrase (which gives a passphrase on the order of 20 characters, quite easy to type reliably for many users; I routinely use passphrases twice that long) gives about 70 bits of entropy. That's assuming words are chosen with equal distribution from the list; it assumes nothing about, say, the per-symbol entropy of English.
Note it also assumes the passphrase contains no spacing, punctuation, or non-letter symbols, except the ones that appear in the aspell US-English dictionary (things like apostrophe and hyphen). Those can easily be added by the user in a meaningful fashion, increasing the entropy. It also assumes monocase, or a case-insensitive verification mechanism; if the system is case-sensitive, we can use mixed case as well.
What's 70 bits of entropy worth? Compare it with a random (equal distribution) password drawn from mixed-case English letters, numerals, and a dozen non-alphanumerics. That's 64 symbols, or 6 bits of entropy per symbol. So 70 bits of entropy for the passphrase is just shy of a 12-character password using this scheme.
If you can make a million attempts per millisecond, brute-forcing a 70-bits-of-entropy passphrase takes a little under 19 thousand years, on average.
The trick with xkcd-style bag-of-words passwords is to generate a number of unbiased phrases from the dictionary, then pick one you can remember by visualization, "newspaper headline" interpretation, or whatever. The relatively low per-symbol and per-word entropy of natural language really doesn't matter when it comes to resistance to brute forcing, once the phrase gets to be even a few words long. Models only do well against plausible natural-language phrases.
There's a commonplace among infosec folks that xkcd-style passphrases are not particularly strong. Schneier subscribes to it in this post, for example, talking about the password-cracking bake-off Ars Technica hosted back in 2013. But it's not the scheme itself that's broken. The weakness comes from weak use of it - from users choosing words from too small a dictionary,[1] or creating passphrases that are too small.
(Also, the Ars piece only worked with one attack mode - cracking a corpus of unsalted MD5 hashes. While Schneier generalizes that to "password crackers know to combine words from their dictionaries", even with smarter candidate generation, stronger key-derivation functions such as Argon2 are going to slow brute-forcing tremendously.)
Even then, terms like "broken", "weakness", and "too small" are misleading. Absolutes are always inaccurate when discussing security. What we need to talk about is the risk (probable loss) under a threat model. My probable loss for someone brute-forcing my Reg password is very low - I don't have much at risk here, under my threat model. And the probability of someone brute-forcing it is relatively low, because most attackers have little incentive to do so. So my password only has to be strong enough against brute-forcing to lower that risk to a point that I'm comfortable with.
[1] Generally that means "user has a larger dictionary, but only chooses familiar words, and has a relatively small working vocabulary in the first place". For a random-word-phrase scheme, the user's "dictionary" is the set of words they're willing (with high probability) to use.
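The bag-of-words procedure described in the comment above (draw several unbiased phrases, then keep the one you can remember), as an added example that is not part of the thread or any commenter's code. The function names and the 16-word list are constructed for illustration; the dictionary size, the 70-bit figure and the guess rate are the ones quoted in the comment.

```python
import math
import secrets

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Constructed stand-in list; a real run would load a full dictionary file.
SAMPLE_WORDS = ["anchor", "basalt", "cactus", "dynamo", "ember", "fjord",
                "gravel", "harbor", "iodine", "jigsaw", "kettle", "lantern",
                "magnet", "nectar", "orchid", "pylon"]

def phrase_entropy_bits(dict_size: int, n_words: int) -> float:
    """Entropy of n_words drawn uniformly and independently from dict_size words."""
    return n_words * math.log2(dict_size)

def effective_bits(dict_size: int, n_words: int, n_candidates: int) -> float:
    """Lower bound once the user keeps a favourite out of n_candidates phrases.

    Any given phrase ends up chosen with probability at most
    n_candidates / dict_size**n_words, so at most log2(n_candidates) bits are lost.
    """
    return phrase_entropy_bits(dict_size, n_words) - math.log2(n_candidates)

def average_crack_years(bits: float, guesses_per_second: float) -> float:
    """Expected exhaustive-search time: half the space is tried on average."""
    return 2 ** (bits - 1) / guesses_per_second / SECONDS_PER_YEAR

def generate_candidates(words, n_words=4, n_candidates=8):
    """Return candidate phrases; secrets.choice draws from the OS CSPRNG without bias."""
    # Deduplicate first: a repeated entry would make that word more likely.
    vocab = sorted({w.strip().lower() for w in words if w.strip()})
    if len(vocab) < 2:
        raise ValueError("word list too small to be useful")
    # The separator is fixed, so it contributes no entropy.
    return [" ".join(secrets.choice(vocab) for _ in range(n_words))
            for _ in range(n_candidates)]

if __name__ == "__main__":
    for phrase in generate_candidates(SAMPLE_WORDS):
        print(phrase)
    full = phrase_entropy_bits(204800, 4)      # dictionary size quoted in the comment
    kept = effective_bits(204800, 4, 8)        # after picking 1 of 8 candidates
    small = phrase_entropy_bits(2000, 4)       # hypothetical 2000-word working vocabulary
    rate = 1e9                                 # a million attempts per millisecond
    for label, bits in (("full dictionary", full), ("1 of 8 kept", kept),
                        ("small vocabulary", small)):
        print(f"{label}: {bits:.1f} bits, ~{average_crack_years(bits, rate):.3g} years")
```

The last line of output illustrates the footnote: the entropy that counts is that of the words the user will actually accept, not the size of the file they were drawn from.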
@Tikimon - "it's a random string of letters"
Wrong!
"Start with a sentence you can remember."
This isn't a random start to the process, the following steps are deterministic, so the output is not random. Meaningful sentences in any language will have some statistical pattern to the initial letters. Worse, a memorable sentence is likely to be a quote, so the password crackers will drop a dictionary of quotations into their process if this becomes popular.
So, if you are using this scheme, the last thing you want is for everyone else to be using the same scheme... Therefore, you aren't using this, and you're a spook who has worked out how to crack this easily, hey, are those black helicopet//