Tales from the Orchard: FBI Hacker Says Apple Are ‘Jerks’ and ‘Evil Geniuses’ for Encrypting iPhones

An FBI forensic expert lambasted Apple for making iPhones hard to hack into.

 

By Lorenzo Franceschi-Bicchierai of Motherboard at Vice .com

 

Ever since Apple made encryption default on the iPhone, the FBI has been waging a war against encryption, complaining that cryptography so strong the company itself can’t break it makes it harder to catch criminals and terrorists.
On Wednesday, at the the International Conference on Cyber Security in Manhattan, FBI forensic expert Stephen Flatley lashed out at Apple, calling the company “jerks,” and “evil geniuses” for making his and his colleagues’ investigative work harder. For example, Flatley complained that Apple recently made password guesses slower, changing the hash iterations from 10,000 to 10,000,000.

That means, he explained, that “password attempts speed went from 45 passwords a second to one every 18 seconds,” referring to the difficulty of cracking a password using a “brute force” method in which every possible permutation is tried. There are tools that can input thousands of passwords in a very short period of time—if the attempts per minute are limited, it becomes much harder and slower to crack.

“Your crack time just went from two days to two months,” Flatley said.

“At what point is it just trying to one up things and at what point is it to thwart law enforcement?” he added. “Apple is pretty good at evil genius stuff.”

On the other hand, Flatley repeatedly praised the israeli company Cellebrite, which sells hacking devices and technologies to law enforcement agencies around the world. Flatley said that they are the ones who can counter Apple’s security technology.

“If you have another evil genius, Cellebrite,then maybe we can get into that front,” he said, facetiously coughing as he said “Cellebrite.”

Flatley’s statements come a day after FBI director Christopher Wray renewed former director James Comey’s rhetorical war against encryption, calling it an “urgent public safety issue.”

Cybersecurity experts and civil liberties organizations, meanwhile, have long made the case that iPhone encryption keeps the average consumer’s data safe from hackers and authoritarian surveillance, a net benefit for society.

How to: Password Protect a Folder in a Mac

 

 

 

By Henry T. Casey of Laptop Mag.com

Not all of your files are meant to be seen by everyone. Your friends and family may not appreciate this truth, but that’s just the way it is sometimes. Luckily, MacBook owners can protect their sensitive files from prying eyes by password protecting specific folders.

Many paid programs offer similar functionality, but we prefer this free method built into Apple that allows folders to be turned into protected disk images. We tested this on a MacBook Pro running macOS Sierra version 10.12.6 but research shows it works the same way going as far back as Mac OS X 10.6, Snow Leopard.

1. Click Command + Shift + A to open the Applications folder.

 

2. Open the Utilities folder within Applications.

 

3. Open Disk Utility.

4. Click File.

 

5. Select New Image.

6. Select Image from Folder.

7. Select the folder you wish to protect and click Open.

8. Click on the Image Format option menu and select read/write.

9. Click on the Encryption menu and click 128-bit AES encryption.

10. Enter the password for this folder twice, and click Choose.

11. Name the locked disk image and click Save.

12. Click Done.

You’ve turned your folder into a locked disk image! You can delete the original folder now, if you’d like. Just don’t delete that .DMG file!

And just like a folder, you can add items to your password-protected disk image before ejecting it.

 

Do you have any tips for protecting your data? Tell us about it in the comments below!

T&T: Tips for keeping strangers off your Wi-Fi network

 

 

Give digital trespassers the boot.

By David Nield of Popular Science

You don’t want neighbors or passers-by stealing your Wi-Fi any more than you want them stealing your water, electricity, or carefully curated collection of Blu-ray movies. In fact it’s more serious than that—if someone can hook on to the same network as you, it becomes easier for them to snoop on your browsing and your locally stored files.

So how do you go about locking things down? Thankfully, keeping unwelcome visitors away from your Wi-Fi isn’t difficult and doesn’t need an IT qualification. Here’s what you need to do.

Keep changing your password

By far the easiest way to boot freeloaders off your wireless network is to change the Wi-Fi password. You need to do this through your router’s settings—either dig out the manual or run a quick web search to find the instructions for your particular make and model.

Change the password to something very hard to forget (for you) and impossible to guess (for everyone else) and you’ve got a clean slate as far as access to your wireless network goes. You do have the inconvenience of then reconnecting all of your devices and computers, but it’s a small price to pay for a clean Wi-Fi slate. Pick something that’s important to you, like a date or a name, but that no one else would think of, so it’s both simple for you to enter and secured against unwanted visitors.

 

The router’s initial password is often printed on a sticker that’s attached to the device itself, so changing it will prevent guests like party goers from spying on the security code. If the password’s only in your head or somewhere secure then no one else can connect up until you tell them what it is.

Actually, that’s not quite true—some routers feature one-touch WPS (Wi-Fi Protected Setup) connectivity, so connecting to Wi-Fi can be done with a push of a button on the router itself. If you’re worried about someone doing this to get on the web, you can usually disable it through the router settings.

Check your router settings

While we’ve got your router configuration page open, a few other settings are worth looking at. First, change the default password used to access the router settings page to something else—this stops anyone who might gain access to your network from changing the Wi-Fi password themselves. As you’ll have realized when you accessed your router settings for the first time, you need a password to get into the menus, and a separate one to connect to Wi-Fi, so changing them both gives you maximum protection.

It’s also worth applying any pending firmware updates, which ensures your router is running the latest and most secure version of its own basic operating system. Again, with so many router makes and models on the market we can’t give you instructions for each one, but it should be simple to do—find the instruction booklet or a guide on the web for your device and it will only take a couple of minutes.

 

Elsewhere in your router’s settings you should find a screen listing the devices connected up to your Wi-Fi: Is there anything there you don’t recognize? You often have the option to disconnect a device, depending on the type of router you’ve got, though you might need to do a bit of detective work to identify the devices your router lists.

Finally, you should be able to find a setting that ‘hides’ your network (the technical term is the SSID or service set identifier) from view, so it won’t appear when your neighbors or visitors scan for Wi-Fi on their devices. If you need to connect a new device, you need to enter the SSID manually. It’s not a huge improvement in Wi-Fi security, but it’s a neat trick that can help you stay under the radar of hackers and Wi-Fi freeloaders.

Other security tips

If you want some extra help spotting who’s on your network who maybe shouldn’t be, beyond what your router offers, try Fing for Android or iOS, Acrylic Wi-Fi for Windows, or Who Is On My Wi-Fi for macOS. All those apps are free (for non-commercial use), and are easy to navigate around no matter what your level of networking know-how. Various other apps are available to do the same job too.

 

Installing a VPN on your computer doesn’t do anything extra in terms of stopping people from connecting to your Wi-Fi, but it does add an extra layer of encryption between you and the web—so that anyone who does manage to gain access to your network is going to have a much harder time trying to snoop on your activities (which websites you visit, the data you’re sending and so on). While a VPN might slightly slow down your connection speed, it keeps you a lot safer—just be sure to choose a reputable, paid-for service.

Finally, if your computer is close enough to the router to wire it up directly, and you’ve got strong cellular reception on your phone, you could turn off Wi-Fi on your router every once in a while, which can be done through the router settings on all modern boxes. No one’s going to be able to hook up to your Wi-Fi network if it’s switched off.

Do you have any tips for securing your home wifi network? Share them with us in the comments below!

Create a website or blog at WordPress.com

Up ↑

%d bloggers like this: