Apple publishes a letter of support from one of the San Bernardino attack victims

Salihin Kondoker, the husband of one of the victims of the terrorist attack in San Bernardino, to Apple (PDF):

In my opinion it is unlikely there is any valuable information on this phone. This was a work phone. My wife also had an iPhone issued by the County and she did not use it for any personal communication. San Bernardino is one of the largest Counties in the country. They can track the phone on GPS in case they needed to determine where people were. Second, both the iCloud account and carrier account were controlled by the county so they could track any communications. This was common knowledge among my wife and other employees. Why then would someone store vital contacts related to an attack on a phone they knew the county had access to? They destroyed their personal phones after the attack. And I believe they did that for a reason.

An iOS hacker's take on Apple vs FBI

An interesting article by Will Strafach (@chronic), a mobile security expert and legendary iOS hacker, covering several points about the Apple vs. FBI dispute that is currently being widely discussed.

3. Although the passcode attempt counter on the iPhone 5c can be handled without much work, the FBI request to allow it to electronically make passcode attempts is a considerable issue. This would specifically require Apple to modify the source code of SpringBoard (which powers the lock screen) to specifically add code that enables this capability, and sign it with the company’s production certificate so that the device will run the code. The reason Apple stresses that this is a “backdoor” in its statement is because the order is specifically requesting that Apple make a modification that serves no purpose other than to weaken iOS security by allowing brute force attempts. As touched upon in point #2, this will look horrible for Apple if it complies.

4. Here’s something pretty vital that no one has mentioned yet: The custom signed RAM disk that the FBI is requesting will not be possible to boot using the regular TSS restore servers, which check the validity of firmware files that are being loaded during each restore.

To allow restoration to a custom firmware, Apple would need to either: (a) make changes to the way its restore server works for this specific case, potentially causing major security concerns if any sort of mistake is made (which could make this an unreasonable / burdensome request), or (b) bring the device onto its internal network and load the firmware using the restore server used internally, since it can be assumed that such an in-house server exists for the purpose of restoring to unreleased firmware versions.

The full article can be read here.

Sites distributing pirated Android apps shut down

FBI Anti Piracy Warning

The FBI, the DoJ (US Department of Justice), and several other US departments have reportedly seized several sites that distribute pirated Android apps.

Android Police:

One small and two major sites that have a long history of distributing pirated Android apps have been seized in a first of its kind operation conducted by the FBI, DoJ, and a variety of U.S. and foreign governments. These sites are:

  • applanet.net
  • snappzmarket.com
  • appbucket.net
