Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

California Assembly Bill 1681 - Banning secure encrypted smartphones for sale in California
State of California Legislative Information ^ | JANUARY 20, 2016 | Assemblyman Jim Cooper (D-9)

Posted on 03/10/2016 10:42:30 AM PST by MeganC

In the interests of brevity here's the dangerous part of this bill that's being discussed in California today:

b) A smartphone that is manufactured on or after January 1, 2017, and sold or leased in California, shall be capable of being decrypted and unlocked by its manufacturer or its operating system provider.

(Excerpt) Read more at leginfo.ca.gov ...


TOPICS:
KEYWORDS: apple; california; encryption; smartphones; tyranny
Navigation: use the links below to view more comments.
first previous 1-20 ... 41-6061-8081-100101-102 next last
To: rarestia

If you truly believe that any encryption you can buy in the public square is 100% secure.. well let’s us just say that is special.

Remember, not that long ago, all the celebrities that got their nude selfies splashed all over the internet? The FBI can, and has, gotten into that phone. This is a much different game being played.


81 posted on 03/10/2016 5:32:48 PM PST by redgolum
[ Post Reply | Private Reply | To 5 | View Replies]

To: MeganC

Sounds like something that would be outlawed in the old Soviet Union, like private access to copying machines.

Remember, when they outlaw encryption, only outlaws will have encryption.


82 posted on 03/10/2016 5:39:56 PM PST by catnipman (Cat Nipman: Vote Republican in 2012 and only be called racist one more time!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: redgolum
Special? Do you understand anything about encryption? It is, by its nature, secure. If it wasn't, we'd have bank compromises on a regular basis. Nothing secret would ever be secret. What you're proposing is ridiculous. Please do some research on your own time. There's such a thing as a trust between partners, vendors, developers, etc. Break that trust anywhere in the chain, and you no longer have a secure chain.

As far as the celebrity selfie "hack," again, do you research. That was the result of a very successful spear fishing campaign where the users provided their usernames and passwords at the request of bulk emails sent directly to them. It was NOT an attack against anything encrypted. This CNet article does a decent post-mortem. There was no compromise of encryption.

The majority of compromises are at the hands of insiders (look up the Home Depot POS compromise) or aren't really compromises at all but successful social engineering attacks against specific targets. There's not been a single, documented successful attack against a properly implemented PKI environment. As long as you're using the latest and greatest (TLS1.2 with SHA2 signatures), you're as safe as anyone can be.

83 posted on 03/11/2016 4:00:47 AM PST by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 81 | View Replies]

To: MeganC; ThunderSleeps; dayglored; ShadowAce; ~Kim4VRWC's~; 1234; Abundy; Action-America; ...
More information on the California bill to ban encrypted smartphones. — PING!

Pinging dayglored;, ThunderSleeps, Shadow Ace, for their ping lists. . .

Thanks to MeganC for the post.


Apple
Ping!

The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.

If you want on or off the Mac Ping List, Freepmail me

84 posted on 03/12/2016 1:23:45 PM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)
[ Post Reply | Private Reply | To 1 | View Replies]

To: I want the USA back
Government does not have the right to tell manufacturers what their products will look like.

I agree with you, but the totalitarians at the EPA, BATF, FCC, FDA and all the rest seem to think otherwise

85 posted on 03/12/2016 2:40:52 PM PST by IncPen (Hey Media: Bias = Layoffs)
[ Post Reply | Private Reply | To 10 | View Replies]

To: Swordmaker

So they buy em in Nevada, Arizona or Oregon ..... Stoopid Kalipornia Polidiots.


86 posted on 03/12/2016 2:53:47 PM PST by Squantos ( Be polite, be professional, but have a plan to kill everyone you meet ...)
[ Post Reply | Private Reply | To 84 | View Replies]

To: Brian Griffin
Congress has the Article I Section 8 right to raise armies which means it has the right to tell Apple (and Samsung)programmers what to do.

Uh, Samsung is in South Korea. National sovereignty? Every hear of it? Apple? Are we at war? Regulating commerce does not extend to telling anyone how to design their products beyond environmental hazards and safety. They attempted to do that with firearms. Didn't get too far.

87 posted on 03/12/2016 3:30:58 PM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)
[ Post Reply | Private Reply | To 44 | View Replies]

To: TexasGator
98% of smart phone users don’t give a hoot about encryption.

I see you are still making up 98% percent of what you post. You do know that 98% of all online statistics posted–just like this one and yours–are made up by the posters on the spur of the moment. You most of all have a predilection for pulling "facturds" from your rear end to forward your ignorant claims.

88 posted on 03/12/2016 3:34:33 PM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)
[ Post Reply | Private Reply | To 46 | View Replies]

To: SaveFerris
Oh, that I already know (its general capabilities).

I’m just wondering what is encrypted. Certain messages?

Any voice they’re speaking is already captured.

In addition to all personal data stored on the iPhones and iPads being encrypted to 255 bit AES encryption standards, you'll find what's also protected here:

http://www.welivesecurity.com/2015/09/10/ios-9-security-boosted-2fa-stronger-passcode/

89 posted on 03/12/2016 3:55:42 PM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)
[ Post Reply | Private Reply | To 43 | View Replies]

To: Captain Compassion
I'm sure that Apple (the manufacturer) is capable of decrypting and unlocking their phones. They just refuse to do it for the FBI. This bill is meaningless.

No. Apple does not have the key. Without a key, it is literally impossible to decrypt 256 bit Advanced Encryption Standard data in anything except astronomical time frames. Only the customers hold the keys to their devices.

90 posted on 03/12/2016 4:16:26 PM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)
[ Post Reply | Private Reply | To 52 | View Replies]

To: Brian Griffin
Do you think the Chinese government allows phones with unbreakable encryption to be sold in China, the world’s largest market?

They do. They know that anyone can put a 256 bit Advanced Encryption Standard App on any cellular device to encrypt the data they want hidden. . . there are hundreds of them out there. They are pragmatists. They can't stop it.

91 posted on 03/12/2016 4:57:02 PM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)
[ Post Reply | Private Reply | To 65 | View Replies]

To: Swordmaker

>No. Apple does not have the key. Without a key, it is literally impossible to decrypt 256 bit Advanced Encryption Standard data in anything except astronomical time frames. Only the customers hold the keys to their devices.<

Apple may not have the key but I would be greatly surprised if there were no back door known by Apple to gain access. The owner of the terrorist phone is dead. If what you say is true then there would be little reason for the FBI to take Apple to court.


92 posted on 03/12/2016 5:15:05 PM PST by Captain Compassion
[ Post Reply | Private Reply | To 90 | View Replies]

To: I want the USA back

“Government does not have the right to tell manufacturers what their products will look like.”

Actually, they do. ITAR.


93 posted on 03/12/2016 5:16:16 PM PST by CodeToad (Islam should be banned and treated as a criminal enterprise!)
[ Post Reply | Private Reply | To 10 | View Replies]

To: Brian Griffin

How about the old fashioned way? Serve a warrant to the owner of an encrypted device, seize said phone & if owner refuses to make data on phone accessible, sort it out in the courtroom with a judge.

It is all about sneak & peek. The agencies who are against encryption want the ability to access smart phones without any prior notification. Delayed notification will be routine and would be extended indefinitely.


94 posted on 03/12/2016 5:36:10 PM PST by Protect the Bill of Rights
[ Post Reply | Private Reply | To 50 | View Replies]

To: Protect the Bill of Rights

The owner has waived all rights to the phone and data within.


95 posted on 03/12/2016 5:56:03 PM PST by TexasGator
[ Post Reply | Private Reply | To 94 | View Replies]

To: TexasGator

In this particular case, yes. Unfortunately San Bernadino did not implement MDM and the FBI screwed up when they had the county change the password.

I am looking at the long game.


96 posted on 03/12/2016 6:11:30 PM PST by Protect the Bill of Rights
[ Post Reply | Private Reply | To 95 | View Replies]

To: redgolum
Remember, not that long ago, all the celebrities that got their nude selfies splashed all over the internet? The FBI can, and has, gotten into that phone. This is a much different game being played.

No, it was not the current iPhone, or even the past three versions of the iPhone.

The supposed and claimed "hack" was a hack into iCloud, not the iPhones themselves. But even hacking into iCloud was not what actually happened. The "fappening" involved social engineering their way into the celebrities' individual accounts by the simple expedient of changing their passwords through the "Forgot My Password" answering of their too simplistic security questions which, for celebrities, was as easy as reading their celebrity biography. There was no "hack", no superior computer skills required, only stupid celebrities answering truthfully to security questions such as "What elementary school did you go to when you were eight years old?" and "What was your mother's middle name?" The answers to those questions are found in ANY celebrity biography worth its salt, and the perverts who collect nude pictures merely did good research. They got the celebrities AppleID email addresses, told the system they had forgotten their passwords, and then did their research to answer the security questions and changed the password to one of their choosing. In. Copy everything, and out, before the celebrity gets the emailed alert there's anything amiss.

It had nothing to do with brute forcing their way in using "iBrute" which coincidentally was released the same week as the "fappening" was made public. The facts, as revealed later, found that the "fappening" photos were being offered on 4Channel and Reddit for several WEEKS before "iBrute" was every released, and "iBrute" as released could not have even done what was claimed for it, in that it used a dictionary of only the 500 most common passwords. Only two of those passwords met Apple's criteria for use on iCloud. Even more interesting were two passwords that did not match all of the others, being constructed of random characters. These were the iCloud passwords used by the author of "iBrute" and his main tester to prove the concept.

The only way iBrute would possibly work would be to use a dictionary of all possible 8 to more than 16 character passcodes using all 223 characters available from Apple's character set, in an online system that after each try, takes you back to the start to try again. Each try takes at least one minute. The potential number of KEYS you'll need to try will be a mere

37,560,000,000,000,000,000,000,000,000,000,000,000

In English, that's:

Thirty-seven duodecillion, five hundred sixty undecillion possible passwords.

At one per minute, to try every possible password, it would only take our iBrute user:

71,460,000,000,000,000,000,000,000,000,000 years.

In English, thats:

Seventy-one nonillion, four hundred sixty octillion years.

Just to steal some some nude selfies?

97 posted on 03/12/2016 6:59:42 PM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)
[ Post Reply | Private Reply | To 81 | View Replies]

To: Captain Compassion
Apple may not have the key but I would be greatly surprised if there were no back door known by Apple to gain access. The owner of the terrorist phone is dead. If what you say is true then there would be little reason for the FBI to take Apple to court.

The 256 bit Advanced Encryption Standard, by definition, can have only one key.

There ARE NO BACKDOORS to 256 bit AES Standard encryption. The iPhone 5C is not quite as locked down as the 5S, 6, 6S, 6Plus and 6S plus. It is not quite as secure as those modes in that it does not have a Secure Enclave, but its Encryption Engine, which instead of being independent as on those models, is buried deep inside the A6 processor but has its own independence from the data processor segment of that processor. It, and the special code and data stored in it, is unreadable by the data processor or by a ny app running in RAM or any hardware or software probe.

The FBI is demanding that Apple create a new iOS version that voids the lock-outs that prevents playing around with entering the user passcode. . . which opens the phone. The phone allows only ten tries before it makes the data forever unavailable on the phone. Apple does not have the user's passcode.

98 posted on 03/12/2016 7:47:28 PM PST by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)
[ Post Reply | Private Reply | To 92 | View Replies]

To: Swordmaker
>The FBI is demanding that Apple create a new iOS version that voids the lock-outs that prevents playing around with entering the user passcode. . . which opens the phone.<

I'm sure the FBI and others would like this but this would not help with the San Berdoo terrorist's phone. The encryption is of course an Apple trade secret and has value. I would hope that the courts would protect this. But who knows now days. I know that California is trying to stop the sales of strong encrypted phones but they are fascists.

99 posted on 03/12/2016 8:13:25 PM PST by Captain Compassion
[ Post Reply | Private Reply | To 98 | View Replies]

To: rarestia
What's your prognosis for my medical files now processed at the IRS? Is this coincidental to combine revenue generation with peek-a-boo into my confidential communication with my M.D. whose gone Electronic Medical Record Keeping? It seems quaint how many locks are used to keep my pts. paper files from being read.
100 posted on 03/13/2016 10:53:52 PM PDT by The Westerner
[ Post Reply | Private Reply | To 73 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-20 ... 41-6061-8081-100101-102 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson