John McAfee enters the fray: 'I'll decrypt the San Bernardino iPhone for free'
posted by Daniel P. / Feb 18, 2016, 8:38 AM
With all the brouhaha surrounding the order that Apple opens up the iPhone 5c of the San Bernardino shooter, one would think that the FBI has no other way to find out what's in it, rather than that it's just being desperate for a backdoor into iPhones, and using this highly public matter as a pretext.
Enter John McAfee, of McAfee Antivirus and expat debauchery fame. In his typical brash style, McAfee is now offering to decrypt the San Bernadino terrorist's phone absolutely for free, so long as the Feds leave Apple alone with the backdoor requests. The legendary hacker has issued a lengthy open letter to offer his services, which boils down to this:
So here is my offer to the FBI. I will, for free, decrypt the information on the San Bernardino phone, with my team. We will primarily use social engineering and it will take us three weeks. If you accept my offer, then you will not need to ask Apple to place a back door in their product, which will be the beginning of the end of America. If you doubt my credentials, Google “Cybersecurity legend” and see whose name is the only name that appears in the first ten results out of over a quarter of a million.
There you have it, FBI, ball's in your court, and you can read the whole of John McAfee's statement below. After all, he is a presidential candidate from the Libertarian party, too, so he's not taking personal freedom and privacy issues lightly.
Using an obscure law, written in 1789 - The All Writs Act, the U.S. Government has ordered Apple to place a back door into its IOS software so that the FBI can decrypt information on an an iPhone used by one of the San Bernardino shooters.
It has finally come to this. After years of arguments by virtually every industry specialist that back doors will be a bigger boon to hackers and to our nation’s enemies than publishing our nuclear codes and giving the keys to all of our military weapons to the Russians and the Chinese, our government has chosen, once again not to listen to the minds that have created the glue that holds this world together.
This is a black day, and the beginning if the end of the US as a world power. The Government has ordered a disarmament of our already ancient cybersecurity and cyber defense systems, and is asking us to take a walk into that near horizon where cyberwar is unquestionably waiting, with nothing more than harsh words as a weapon, and the hope that our enemies will take pity at our unarmed condition and treat us fairly.
Any student of world history will tell you that this is a dream. Would Hitler have stopped invading Poland if the Polish people had sweetly asked him not to do so? Those who think yes should stand strongly by Hillary Clinton’s side, whose cybersecurity platform includes negotiating with the Chinese so that they will no longer launch cyber attacks against us.
The FBI, in a laughable and bizarre twist of logic, said that the back door would be used only once and only in the San Bernardino case.
Tim Cook, CEO of Apple, replied:
"The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.
The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.”
No matter how you slice this pie, if the Government succeeds in getting this back door, then it will eventually get a back door into all encryption, and our world, as we know it, is over. In spite of the FBI’s claim that they would protect the back door, we all know that's impossible. There are bad apples everywhere, and there only needs to be in the US Government. Then a few million dollars, some beautiful women (or men), and a yacht trip to the Caribbean might be all it takes for our enemies to have full access to our secrets.
Tim Cook said:
“The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.”
The fundamental question is this: Why can't the FBI crack the encryption on its own? They have the full resources of the best that the US Government can provide.
With all due respect to Tim Cook and Apple, I work with a team of the best hackers on the planet. They attend Defcon in Las Vegas and they are legends in their local hacking groups, such as HackMiami. They are all prodigies, with talents that defy normal human comprehension. About 75% are social engineers. The remainder are hard core coders. I would eat my shoe on the Neil Cavuto show if we could not break the encryption on the San Bernardino phone. This is a pure and simple fact.
And why do the best hackers on the planet not work for the FBI? Because the FBI will not hire anyone with a 24 inch purple mohawk, 10 gauge ear piercings, a tattooed face, who demands to smoke weed while working and won't work for less than a half million dollars a year. But you bet your ass that the Chinese and Russians are hiring similar people with similar demands and have been for many years. It's why we are decades behind in the cyberrace.
Cyber science is not just something you can learn. It is an innate talent. The Julliard school.of music cannot create a Mozart. A Mozart, or a Bach are genetically created, much like our modern hacking community. A room full of Stanford Computer Science graduates, cannot compete with a true hacker without even a high school education.
So here is my offer to the FBI. I will, for free, decrypt the information on the San Bernardino phone, with my team. We will primarily use social engineering and it will take us three weeks. If you accept my offer, then you will not need to ask Apple to place a back door in their product, which will be the beginning of the end of America.
If you doubt my credentials, Google “Cybersecurity legend” and see whose name is the only name that appears in the first ten results out of over a quarter of a million.
For a team like mcaffee, it would take 3 weeks (as he stated)... That's a very very long time. Bro, I can wipe my phone remotely in 10 seconds from any device that has Internet. Really really not worried about my phone being hacked now.
On the other note: anyone know what he meant by "using social engineering" to hack into it?
Not anymore. Since iOS 8, Apple has encrypted (read: scrambled randomly) data on iDevices, and they are only decryptable by entering your passcode/fingerprint, which is the decryption key. A second copy of the key, which would allow Apple to open it, is not stored by Apple, and as such, even when the gov't wants it to, Apple technically can't. The govt says it wants Apple to force load a version of iOS that removes the security feature where it wipes data after 10 failed attempts, but Apple is refusing to do so.
Also, this issue will be null in devices from the 5S onwards: the passcode stuff is stored in a special part of the processor called Security Enclave, and that's unhackable and cannot be altered like what's technically possible in this case.
ok, so apple has a big ass pad lock on the OS, if a device has a key/code then it CAN be hack....this just blows my mind they are supposed to be able to hack ANY OS...i feel that this is all a big stunt it has to be
Im not exactly sure why, But I think the reason is that 5c didn't come with a Touch ID.
But let's say it did come with Touch ID:
1. After the phone was I unused for 48 hours it requires pin
2. If the phone was shut down - it will require pin upon reboot
3. Dead fingers (with no pulse) do not work
This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.