BC CRIME
Saved by @Mollyycolllinss

My students @maxzks and Tushar Jois spent most of the summer going through every piece of public documentation, forensics report, and legal document we could find to figure out how police were “breaking phone encryption”. 1/

 This was prompted by a claim from someone knowledgeable, who claimed that forensics companies no longer had the ability to break the Apple Secure Enclave Processor, which would make it very hard to crack the password of a locked, recent iPhone. 2/
We wrote an enormous report about what we found, which we’ll release after the holidays. The TL;DR is kind of depressing:

Authorities don’t need to break phone encryption in most cases, because modern phone encryption sort of sucks. 3/
I’ll focus on Apple here but Android is very similar. The top-level is that, to break encryption on an Apple phone you need to get the encryption keys. Since these are derived from the user’s passcode, you either need to guess that — or you need the user to have entered it. 4/
Guessing the password is hard on recent iPhones because there’s (at most) a 10-guess limit enforced by the Secure Enclave Processor (SEP). There’s good evidence that at one point in 2018 a company called GrayKey had a SEP exploit that did this for the X. See photo. 5/
There is really no solid evidence that this exploit still works on recent-model iPhones, after 2018. If anything, the evidence is against it.

So if they can’t crack the passcode, how is law enforcement still breaking into iPhones (because they definitely are)? 6/
The boring answer very likely is that police *aren’t* guessing suspects’ passcodes. They’re relying on the fact that the owner probably typed it in. Not *after* the phone is seized, in most cases. Beforehand. 7/
You see, iPhones can be in one of two states, which are respectively known as “Before First Unlock” (BFU) and “After First Unlock” (AFU). This is pretty self-explanatory.

When you turn your phone on and enter the passcode in the morning, you switch your phone from BFU->AFU. 8/
When you first unlock your iPhone after power-on, it uses your passcode to derive several sets of cryptographic keys. These stay in memory inside your phone, and are used to encrypt the file system. 9/
When you lock your iPhone (or press the button on the side, or leave it alone until the screen goes blank), exactly *one* set of keys gets “evicted”, ie erased from memory. Those keys are gone until you enter your passcode or use FaceID.

All of the other keys stay in memory. 10/
The key that gets evicted on lock is used to decrypt a subset of the files on the filesystem, namely the ones that have a specific protection class (NSComplete). The keys that don’t get evicted can be used to decrypt all the other files.

(This is all well-known so far BTW.) 11/
So the upshot of this is that, if police can capture your phone in the AFU state (yours is almost certainly in that state for 99% of its existence) *and* they have a software exploit that allows them to bypass the OS security measures, they can get most of the files. 12/
The real question is: what exactly does “most of the files” mean, and the corollary is “why not protect *more* than just a few of the files with that special key (the one that gets evicted)”. That’s where things get depressing. 13/
Apple *sort of* vaguely offers a list of the apps whose files get this special protection even in the AFU state. But notice how vague this language is. I have to actually decode it. 14/
Notice how this text simply reports that some app data is “protected through encryption” (this is vague and meaningless, since it doesn’t say whether it’s AFU or BFU) and other app data is explicitly only protected in the BFU state (before you first unlock.) Why so vague? 15/
Here is a version of the same text from back in 2012. Notice how it explicitly states that “Mail, App Launch images, and Location Data” are protected using the strongest type of encryption.

So it seems that Apple is actually protecting *less* data now than in 2012. Yikes. 16/
(Our most likely guess: Apple has weakened the protections on location data in order to enable fancy features like “location based reminders”. So they had to weaken the language in the security guide. This isn’t great.) 17/
But whether you look at the 2012 or 2020 data, the situation sucks. The built-in apps that definitely use strong AFU protection are:

Mail (which probably already exists on a server that police can subpoena, so who cares.)

App launch data (🤷‍♂️)

That’s not great. 18/
3rd party apps can opt-in to protect data using the strongest type of encryption, so this isn’t necessarily the whole story. But let’s list some data that *doesn’t* get AFU protection:

Photos
Texts
Notes
Possibly some location data

Most of what cops want. 19/
So this answers the great mystery of “how are police breaking Apple’s encryption in 2020”. The answer is they probably aren’t. They’re seizing unlocked phones and using jailbreaks to dump the filesystem, most of which can be accessed easily since keys are in memory. 20/
Oh my god my thumbs. 21/
Anyway, this leaves basically only one remaining question:

Why is so little of this data encrypted when your phone is AFU and locked? And the answer to that is probably obvious to anyone who develops software, but it still sucks. 22/
Most apps like to do things in the background, while your phone is locked. They read from files and generally do boring software things.

When you protect files using the strongest protection class and the phone locks, the app can’t do this stuff. It gets an error. 23/
Apple provides some tools to make this less painful: for example, they have a “write only” protection class.

But for the most part it’s annoying for software devs, so they lower protections. And if Apple *isn’t* using strong protection for its in-house apps, who will? 24/
If I could tell Apple to do one thing, I would tell them to figure this problem out. Because without protection for the AFU state, phone encryption is basically a no-op against motivated attackers.

Maybe Apple’s lawyers prefer it this way, but it’s courting disaster. 25/
For those who would prefer to read this thread in the form of a 65-page PDF that also discusses cloud backup systems and Android, here is our current paper draft: https://t.co/k3Qw0DNIoI

This will be on a pretty website soon. Thanks for not blocking me after this thread. // fin

More from Crime

The Chiefe
The Chiefe
@the_chiefe
Marxist Communist Harris-Biden's Great Reset #DeepState KILLUMINATI agenda

versus

CIA & Mossad #DeepState "Regime change in Iran" CRIME MINISTER Netanyahu TRAITOR-yahu's "Greater Israel Project" propaganda agenda?!?
CRIME
EFCC Nigeria
EFCC Nigeria
@officialEFCC
EFCC Docks Man for Alleged Investment Fraud in Calabar


The Uyo Zonal Office of the Economic and Financial Crimes Commission (EFCC) on Wednesday December 2, 2020, arraigned one Joseph Stanley Okputu before Justice Imelda Etape of the State High Court, Calabar, Cross River State for ponzi scheme.

He was arraigned on a two-count charge, bordering on obtaining by false pretence and stealing to the tune of N600,000.00 (Six Hundred Thousand Naira) only.

One of the charges read, "That you, Okputu Joseph Stanley ("M") on or about 6th of August 2018 in Calabar within the jurisdiction of this honourable court, fraudulently converted to your own use the sum of N600,000.00 (Six hundred thousand naira), belonging to Anietie Ekong...

...meant to be invested in bitcoin/forex trading package and to be returned to him with 80% interest on the fortieth (40th) day of the investment,"...
CRIME
Advertisement
Tatenda
Tatenda
@tatendam82
Anyone who exposes cults but sells anything is merely marketing their business. real sex cult victims always prioritize healing of their body, soul, mind & spirit-never $. U wont use your experience to make money, gain fame or campaign to be a president. U wont even need awards

People fall for cults because of lust, hunger for power,money &fame. Once they r broken & exploited victims become hardened like their abusers. They get out but use victimhood to get power,money & fame WITHOUT working on habits that led them to become victims in the first place.

I like when ex cult members share their testimonies BUT they use testimonies for selfish reasons. They hold on to victimhood &use it to sell books, lead online cults & have power over people. Most r still broken, spirits infested& lack self control but put themselves out as gurus

Pastors leading churches failed to break curses over their lives.They suffer more than most BUT decided to use knowledge on curses to control desperate people.People r deceived & buy oils &cursed objects while pastor who cant have a job is taking money to afford lavish lifestyle.

Weight loss "gurus" online sell fitness & weight loss lessons. They personally struggle with weight but know many do. They tap into people's desperation to make money from a problem they &many people suffer. Never get paid weight loss infor from a fat or thick person. it's scam!
ALL , CRIME
Pasquale "Pat" Scopelliti
Pasquale "Pat" Scopell...
@ThyConsigliori
4 December 2020 #MAGAanalysis #RestoreTheConstitution

Correcting A Monstrous Crime Against Our Country

My friend and legal mentor @shestokas provided this article and spent a bit of time with me speaking about

2) Dave told me that it's author, Publius Huldah, is one of his most trusted and respected authorities on all things constitutional. He encouraged me to go slowly with the article, contemplating each point carefully. That's what we're going to do together, here.

3) What's more, we're going to be build our Constitution reading skills while we're at it. As I started studying, I realized that I have never grown comfortable with the Constitution's format, in reading it. I get it, but I've not spent much time doing it.

4) Great news! The Internet makes it SO much easier than you might imagine. At this link, you can easily navigate to any section Publius Huldah (PH) guides us to. You'll also see, we really need to read it in context. Check this

5) Our story begins with Article IV, Section 4., with a clear statement of powers, responsibilities, and hierarchy of holding elections. If we're going to address this monstrous crime, we need to know exactly what the crime is, and who committed it. PH points us straight there.
CRIME
Ian Lyne
Ian Lyne
@lyne_ian
Thread

For the record.

Explosions (some more 'impressive' than others) that were caught on video in the the hours AFTER the twin towers came down, but BEFORE WTC 7 came down.

Also the locations and approximate times where these were recorded . . .


https://t.co/VrSv7mnZyl


https://t.co/MGrp5wLs8A


https://t.co/JeYH2IiHiv


https://t.co/ng1NyqnEfn
CRIME

You May Also Like

Jaya_Upadhyaya
Jaya_Upadhyaya
@Jayalko1
ARULMIGU SRI PARTHASARATHY SWAMY KSHETRAM, CHENNAI (TN)

Divya Desha where Perumal appears with moustache of a Sarathi (charioteer) to conduct Arjun’s Rath in Kurukshetra war.
Here, Venkatkrishna-Parthasarthy is present with his entire family.


He is flanked by Sri Rukmini, Sri Balarama, Satyaki, son Pradyumn and grandson Anirudha.
It is said that on the request of Raja Sumathirajan, Sri Perumal appeared and stayed here as Arjun’s charioteer (Partha-sarathi).


He is without chakra as he had promised not to wield weapons in Mahabharata war.
The face has scars caused by Bhishma’s arrows on Arjun. Prabhu took the arrows on himself to protect Arjun.


The Naivedyam offered here does not have spices. Ghee is used in it to cure Prabhu’s wounds. Sarkarai Pongal is famous here.

It is said that Rishi Bhrigu found Devi Lakshmi (as Vedvalli) in Alli flower in the mandir pushkarini. Later, Sri Ranganatha came here to marry her.
ALL
Kentaur Wolf2
Kentaur Wolf2
@fragma_dia2
Хајде да направимо мали осврт на случај Мика Алексић .

Алексић је жртва енглеске освете преко Оливере Иванчић .
Мика је одбио да снима филм о блаћењу Срба и мењању историје Срба , иза целокупног пројекта стоји дипломатски кор Британаца у Београду и Оливера Иванчић


Оливера Илинчић је иначе мајка једне од његових ученица .
Која је претила да ће се осветити .

Мика се налази у притвору због наводних оптужби глумице Милене Радуловић да ју је наводно силовао човек од 70 година , са три бајпаса и извађеном простатом пре пет година

Иста персона је и обезбедила финансије за филм преко Беча а филм је требао да се бави животом Десанке Максимовић .
А сетите се и ко је иницирао да се Десанка Максимовић избаци из уџбеника и школства у Србији .

И тако уместо романсиране верзије Десанке Максимовић утицај Британаца

У Србији стави на пиједестал и да се Британци у Србији позитивно афирмишу како би се на тај начин усмерила будућност али и мењао ток историје .
Зато Мика са гнушањем и поносно одбија да снима такав филм тада и почиње хајка и претње која потиче из британских дипломатских кругова

Најгоре од свега што је то Мика Алексић изговорио у присуству високих дипломатских представника , а одговор је био да се све неће на томе завршити и да ће га то скупо коштати .
Нашта им је Мика рекао да је он свој живот проживео и да могу да му раде шта хоће и силно их извређао
ALL
Advertisement
Queen Preshiii
Queen Preshiii
@preshdeyforyou
Men actually cum faster when having sex with someone they love

Haha y'all fw this tweet very well 😀

So why we're here lemme show you guys WHAT IMPRESSES A MAN MOST IN BED

Sweetie I wanna remind you that every Good sex😍 is based on mutual respect and love❤, so make sure that the guy you’re fucking is worthy of you.

. and never waste effort on a guy who isn't worth it. But as long as you’re convinced of the hero-status of this guy, your endeavours will never be wasted❤.

So Below Are Things He's Secretly Dying for You to Try In Bed👇

• BABE FUCK HIM WITH THE LIGHTS ON😋💡

Men loves it when they see their dick going in and out of our pussy🍑 —They love it so much.

They love to see our creamy💦 pussy wet their dick🍆— They fucking love it 😍

You may be worried about what your husband thinks of your post-breast-feeding boobs, your C-section scar, or that at some point, he'll stop being attracted to you because you look a little — OK, a lot—different than you did on your wedding day.
LIFE
\uff2c\uff41\uff44\uff59 \uff22\uff4c\uff41\uff5a\uff45\uff53
Lady Blazes...
@Lady_Blazes
Oh my Goodness!!!

I might have a panic attack due to excitement!!

Read this thread to the end...I just had an epiphany and my mind is blown. Actually, more than blown. More like OBLITERATED! This is the thing! This is the thing that will blow the entire thing out of the water!


Has this man been concealing his true identity?

Is this man a supposed 'dead' Seal Team Six soldier?

Witness protection to be kept safe until the right moment when all will be revealed?!

Who ELSE is alive that may have faked their death/gone into witness protection?


Were "golden tickets" inside the envelopes??


Are these "golden tickets" going to lead to their ultimate undoing?

Review crumbs on the board re: 'gold'.


#SEALTeam6 Trump re-tweeted this.
GOVERNMENT
Rudy Havenstein, listening to Nas all day.
Rudy Havenstein, liste...
@RudyHavenstein
I hate when I learn something new (to me) & stunning about the Jeff Epstein network (h/t MoodyKnowsNada.)

Where to begin?

So our new Secretary of State Anthony Blinken's stepfather, Samuel Pisar, was "longtime lawyer and confidant of...Robert Maxwell," Ghislaine Maxwell's Dad.


"Pisar was one of the last people to speak to Maxwell, by phone, probably an hour before the chairman of Mirror Group Newspapers fell off his luxury yacht the Lady Ghislaine on 5 November, 1991." https://t.co/DAEgchNyTP


OK, so that's just a coincidence. Moving on, Anthony Blinken "attended the prestigious Dalton School in New York City"...wait, what? https://t.co/DnE6AvHmJg

Dalton School...Dalton School...rings a

Oh that's right.

The dad of the U.S. Attorney General under both George W. Bush & Donald Trump, William Barr, was headmaster of the Dalton School.

Donald Barr was also quite a


I'm not going to even mention that Blinken's stepdad Sam Pisar's name was in Epstein's "black book."

Lots of names in that book. I mean, for example, Cuomo, Trump, Clinton, Prince Andrew, Bill Cosby, Woody Allen - all in that book, and their reputations are spotless.
EPSTEIN NETWORK