White Hat iOS Hacker Advises Apple In Its FBI Battle

Will Strafach, a widely-known iOS hacker and mobile security expert, has some advice for Apple in its public dispute with the FBI after a judge ruled the company must help the FBI break into an iPhone that belonged to one of the San Bernardino shooters.

Strafach, now the CEO of Sudo Security Group, which specializes in enterprise mobile protection, thinks Apple is in a much more difficult position than many people realize. He goes as far as to say that the FBI has laid a trap for Apple in his article posted on BGR.

Strafach spent years hacking every iOS release to achieve full control and develop user-friendly jailbreaking tools used by people worldwide. He has reverse engineered the iOS code base and has run security stress tests on different aspects of the iOS system, such as the timing and viability of passcode cracking.

Strafach Offers His Advice

Following are Strafach’s five pieces of advice for Apple.

1) Many people have misinterpreted Apple’s public letter concerning the technique that could help break into the iPhone 5c. “The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers,” the letter signed by company CEO Tim Cook says. “We oppose this order, which has implications far beyond the legal case at hand.” Strafach noted that the letter is referring to the issue of setting a precedent, not the technical issue.

Apple could comply with the order on a technical level by creating a RAM disk signed by the production certificate for the particular ECID of the suspect’s iPhone. Such a solution would permit Apple to use current technologies in the firmware file to provide access to the phone. Creating this disk would ensure there is no way the solution could work on another device.

Apple would show that breaking into an iPhone is doable and enable the FBI to use the case in the future as leverage. Giving the FBI this capability is the aspect that would impact the public.

Apple Will Set Precedent

If Apple assists in this, it sets a precedent for more technically difficult and unreasonable requests. The company will then have to explain why it cannot meet new requests. They will have to show why a new request differs from the last request.

2) Apple has encountered criticism about security issues in global markets it has been doing well in, such as China. If Apple does not fight the court order, it will lose standing with customers globally.

Blackberry was admired in the U.S. for taking a firm position on security, but it eventually succumbed when India demanded access to a user’s private data.

3) While the passcode attempt counter on the iPhone 5c can be done with little work, the FBI is asking to electronically make passcode attempts, which Strafach sees as a “considerable issue.” To enable such attempts, Apple would have to adjust the SpringBoard source code powering the lock screen to add code and sign it with the production certificate so the device can run the code. Apple calls this a “backdoor” since the order requests the company make an adjustment serving no purpose besides weakening iOS security. The modification weakens iOS security by enabling brute force attempts. If Apple complies, it again looks bad.

Why It’s Unreasonable

4) Not yet mentioned is the fact that the custom-signed RAM disk the FBI wants will not be possible to boot with the regular TSS restore servers that check firmware files being unloaded with each restore. To enable custom firmware to restore, the company would have to:

a) change the way the restore server works for this case, causing possible security issues if mistakes are made (something that could make the request unreasonable) or

b) bring the device onto its internal network and load the firmware with the restore server that is used internally. One can assume there is such an in-house server for restoring unreleased versions of firmware.

The company likely is not comfortable with what might occur on its internal network if it has to let in a phone belonging to a known terrorist. There is no way to know what might happen, considering that the FBI claims there is data it needs on the device.

Whether such arguments will convince a court is unknown, Strafach noted. The main point is that Apple has few technical arguments against having to comply with the order. The company’s objections can extend well beyond the moral positions it has publicly posted.
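The device binding described in point 1 and the restore-server check described in point 4 can be modelled together. The sketch below is an added example, not Apple's code or ticket format: the signing server, the ticket layout, the key and the ECID values are all constructed, and an HMAC stands in for the production signature so the example needs only the standard library.

```python
import hashlib
import hmac

# Constructed stand-in for the vendor's production signing key. A real device
# would hold only a public key; HMAC keeps this example stdlib-only.
SIGNING_KEY = b"constructed-demo-key-not-a-real-secret"


def digest(image: bytes) -> bytes:
    return hashlib.sha256(image).digest()


def ticket_payload(ecid: int, image_digest: bytes) -> bytes:
    # Fixed-width ECID so (ecid, digest) pairs cannot be confused.
    return ecid.to_bytes(8, "big") + image_digest


def sign(ecid: int, image: bytes) -> bytes:
    payload = ticket_payload(ecid, digest(image))
    return hmac.new(SIGNING_KEY, payload, hashlib.sha256).digest()


class SigningServer:
    """Issues per-device tickets, but only for images on its approved list."""

    def __init__(self, approved_images):
        self.approved = {digest(img) for img in approved_images}

    def issue_ticket(self, ecid: int, image: bytes) -> bytes:
        if digest(image) not in self.approved:
            raise PermissionError("image is not an approved release")
        return sign(ecid, image)


class Device:
    def __init__(self, ecid: int):
        self.ecid = ecid

    def will_boot(self, image: bytes, ticket: bytes) -> bool:
        # The device recomputes the ticket over its OWN ECID, so a ticket
        # issued for another device, or for another image, never matches.
        return hmac.compare_digest(sign(self.ecid, image), ticket)


def run_ticket_demo():
    release = b"constructed release firmware"
    custom = b"constructed custom RAM disk"
    target = Device(0x000012345678ABCD)   # constructed ECIDs
    other = Device(0x0000AAAABBBBCCCC)

    public_server = SigningServer([release])             # normal restore path
    internal_server = SigningServer([release, custom])   # assumed in-house path

    try:
        public_server.issue_ticket(target.ecid, custom)
        public_signs_custom = True
    except PermissionError:
        public_signs_custom = False

    ticket = internal_server.issue_ticket(target.ecid, custom)
    return {
        "public_signs_custom": public_signs_custom,
        "target_boots": target.will_boot(custom, ticket),
        "other_boots": other.will_boot(custom, ticket),
        "tampered_boots": target.will_boot(custom + b"!", ticket),
    }


if __name__ == "__main__":
    print(run_ticket_demo())
```
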

The Public Relations Challenge

5) Apple has another public relations reason for opposing the order. It knows that if it complies, the FBI will be able to break the passcode quickly. Strafach, from his own testing, said a 4-digit passcode can be cracked in less than an hour and a 6-digit passcode in less than a day.

To a layperson, the company will not be able to argue against any claim that the company has decrypted the device for the FBI. Even though such a claim would not technically be true, it would only matter that Apple was taking actions to allow the FBI to gain access to once-encrypted data on an iPhone.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Lester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.




1 Comment


  1. Real Anti-Racist Action

    February 19, 2016 at 7:38 pm

    Globalism has always been a bad idea. The Arab massacre of Americans is long over because none of their victims were armed, that is why more than three passed away.
    There is no point for the FBI to do not, but to try and wither the few remaining freedoms away.
    The FBI is not with the people, they stand with the Zio-Rothschilds for now, and for ever more.
    http://antizionistleague.com/


The Abyss Becomes First Startup to Test “DAICO” Concept


An ICO by the name of The Abyss is looking to become the first project to test Vitalik Buterin’s “DAICO” concept. The founder of Ethereum outlined the new crowdfunding protocol in a post that appeared on the Ethereum Research Forum in January. If successful, The Abyss’ token raise could have profound implications on the budding world of ICOs.

The Abyss Token Sale

Next-generation gaming platform The Abyss is developing a token sale based on Buterin’s Decentralized Autonomous Organization Initial Coin Offering, or DAICO for short. The company will launch a month-long token sale on Mar. 7, with early participation giving investors a bonus of up to 25%. A hard cap of $60 million has been placed on the sale, with 1 ABYSS token valued at 24 U.S. cents. Minimum investment in the project is 0.1 ETH.

According to a post that appeared on the project’s Medium channel last month, The Abyss token raise “will represent an advanced and improved ICO mechanism, allowing token holders to control the fund withdrawal limit, also providing an option to vote for refund of the remaining contributed money in case the team fails to implement the project. With all this, The Abyss project is to become the world’s first Token Sale, pioneering and promoting the DAICO concept.”

The Abyss essentially serves as a multi-level referral platform allowing gamers to participate in in-game and social activities. It also allows developers to lower marketing expenses by directly engaging the gaming community.

As far as we can tell, no other company has adopted DAICO yet. As a member of the Ethereum Enterprise Alliance (EEA), The Abyss could provide a valuable case study into the system’s viability and reception among investors. As it turns out, The Abyss is very well received by the blockchain community, with several third parties giving the company a favorable review.

DAICO Model

At the core of Buterin’s DAICO model is the need to minimize investor risk during an ICO campaign. The solution is to combine the current ICO structure with the DAO. The resulting DAICO system utilizes smart contracts to encode certain rules into the token raise that startups must follow from the very beginning.

For example, DAICO could stipulate that management receive “approval” from investors each time it wants to utilize funds generated from a crowdsale. In this case, the company would “tap” investors for approval, and the investors themselves would decide whether to grant the firm access to the funds.
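A simplified model of the investor controls described above (a withdrawal limit set by token holders, plus a vote to refund what remains), written as an added Python simulation rather than contract code from The Abyss or from Buterin's post. It assumes the tap is a per-second withdrawal rate, votes are weighted by contribution, and a simple majority decides; the holder names and amounts are constructed.

```python
class Daico:
    """Funds leave the contract only through a rate-limited tap."""

    def __init__(self, contributions, tap_per_sec, now=0):
        self.stake = dict(contributions)      # holder -> contribution (vote weight)
        self.total = sum(self.stake.values())
        self.balance = self.total
        self.tap = tap_per_sec
        self.accrued = 0                      # unlocked but not yet withdrawn
        self.last = now
        self.refunded = False

    def _accrue(self, now):
        # Unlock funds at the current rate, never more than what is held.
        unlocked = self.accrued + self.tap * (now - self.last)
        self.accrued = min(self.balance, unlocked)
        self.last = now

    def _majority(self, voters):
        return 2 * sum(self.stake[v] for v in set(voters)) > self.total

    def withdraw(self, now):
        """Team withdrawal: limited to what the tap has unlocked so far."""
        if self.refunded:
            raise RuntimeError("contract is in refund mode")
        self._accrue(now)
        amount, self.accrued = self.accrued, 0
        self.balance -= amount
        return amount

    def vote_raise_tap(self, new_tap, voters, now):
        if self.refunded or new_tap <= self.tap or not self._majority(voters):
            return False
        self._accrue(now)   # settle at the old rate so the raise is not retroactive
        self.tap = new_tap
        return True

    def vote_refund(self, voters):
        """Majority can stop the project and return the remainder pro rata."""
        if self.refunded or not self._majority(voters):
            return None
        self.refunded = True
        payout = {h: self.balance * s // self.total for h, s in self.stake.items()}
        self.balance = 0
        return payout


def run_daico_demo():
    d = Daico({"alice": 600, "bob": 300, "carol": 100}, tap_per_sec=1)
    out = {"first": d.withdraw(now=100)}
    out["minority_raise"] = d.vote_raise_tap(5, ["bob", "carol"], now=200)
    out["majority_raise"] = d.vote_raise_tap(5, ["alice", "carol"], now=200)
    out["second"] = d.withdraw(now=210)
    out["refund"] = d.vote_refund(["alice"])
    try:
        d.withdraw(now=300)
        out["withdraw_after_refund"] = True
    except RuntimeError:
        out["withdraw_after_refund"] = False
    return out


if __name__ == "__main__":
    print(run_daico_demo())
```
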

DAICO systems can also implement KYC/AML standards and structure a campaign more transparently than current methods. Widescale adoption of this system could have a lasting impact on the blockchain economy by weeding out scams and other companies looking to generate easy cash to finance their business operations. Hacked covered the development of DAICO in a Jan. 19 article, which provides greater insight into Buterin’s thought process.

ICOs generated billions of dollars for hundreds of startups last year, but the parade may soon end as regulators begin clamping down on token raises. The U.S. Securities and Exchange Commission (SEC) has taken special interest in ICOs, warning companies that their definition of a “utility token” will come under intense scrutiny by federal regulators.

Although ICOs aren’t illegal in the United States, there’s a good chance they will be categorized as securities. Such a designation would make them bound by federal securities laws, something most ICO projects want to avoid entirely. Against this backdrop, many ICOs are electing to avoid the U.S. market entirely.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.


Sam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.





Lessons From Venture Capital Craziness


Financial technology or Fintech is a white hot area these days and lots of folks are after a piece of the action.  The payments business is one huge area of opportunity even before counting cryptocurrencies. When the global economy generates more than $90 trillion in GDP, that means lots of money constantly on the move.  Trouble is, these days, it moves slowly and at a high cost.

With that much at stake, there is no shortage of entrepreneurs with the next disruptive idea. As an analyst and investor, it is hard to choose who knows their stuff. Revolut got my attention and here is how it happened.

Venture Capitalists are wrong on about 95% of their investments but to put a valuation of this magnitude was quite unusual, maybe even a little crazy. The crypto buzz had a lot to do with Revolut’s capital raising success.

Last summer, Revolut founders Nikolay Storonsky and Vlad Yatsenko raised over $66 million in VC funding and another $23 million from Crowdfunding. That is serious money considering the company was scarcely a year old at the time with hardly any revenues.  This placed the implied value of the company between $200-$400 million.

It would be easy to declare insanity in the ranks of venture capital.  An equally plausible conclusion is that a major source of risk capital has done their homework on crypto and has given their seal of authenticity.  Just something to keep in mind as the price of crypto is soaring and the word bubble comes up.    

About Them

The Revolut app allows customers to open a current account in under 3 minutes, and includes a prepaid contactless MasterCard debit card.  So far there is nothing unusual about Revolut. Sounds like about any other branchless bank.

The company marketing offers freebies like free international money transfers that could save users 3% so that is good. Also there is free access to global ATM machines although no mention is made of what networks are included or their location.

And there is one other caveat; the free ATM access ends when you withdraw $250 in any month. That is chump change for most people. If you average closer to $500 per month at the ATM, you will want to select the Premium service. That will cost $6.99 per month.

OK so not everything is really free but still $6.99 per month beats the $25-$35 charged by conventional banks.

Offering freebies can be a great way to attract customers but read the fine print before making any commitments. In Revolut’s case you really have to dig into the details such as the limit of free ATM withdrawals before little charges start to creep in. And if you are an American here is the most puzzling detail taken directly from the company website.

“You can transfer money to banks in the United States using Revolut. However, if you are currently living in the United States, you cannot make a bank transfer from Revolut to your local bank account due to licensing restrictions.”  Something must have been lost in translation: what does this mean?

The firm launched personal international bank account numbers (IBANs) across Europe last summer. So if you live in the United Kingdom or one of a dozen or so Eastern European countries, Revolut offers real value added services. For the rest of the planet, not quite yet.

Since then they have begun integrating currencies like Bitcoin, Ethereum and Litecoin. Here is the sizzle to bring in new customers. “Revolut will now be able to buy, hold and exchange Bitcoin, Litecoin and Ethereum in just 30 seconds at the best possible rates.” There is a 1.5% fee for this service which is competitive with exchanges like Coinbase and others.

Revolut is adding other new services beyond cryptocurrency to lending and pay-as-you-go travel insurance at the tap of a button.  Altogether, not a bad business plan but it is the crypto connection that moves the needle.

VCs Depending On Experienced Management

Storonsky is more than a slick operator with a pretty pitch deck.  He and his partner have deep experience in the global payments business.  Nikolay spent years as a currency trader with Credit Suisse so he understands the level of fees charged by the current system.  

The technical wizardry, however, rests with his partner Yatsenko. Vlad spent over 10 years building financial systems for major Wall Street investment banks.  He serves as the company’s CTO.

Conclusion: Why Is Revolut Unique?

The global payments business has long been a gigantic oligopoly controlled by a series of networks, governments, banks and a group of oversized corporations such as Visa, MasterCard, Fiserv and others.  

Taken together it is like a mafia of financial behemoths interested in nothing more than keeping the status quo. Perpetuating the system enables them to maximize the amount of fees for the mindless service of money transfer. Revolut could be one of many disruptive forces but will it take $90 million to get them there? Evidence shows the answer is most definitely no. The cachet of cryptocurrencies in the Revolut business mix has attracted venture capitalists and others to pay outsized prices for access. Bravo for crypto investors everywhere.


James Waggoner is a veteran Wall Street analyst and hedge fund manager who has spent the past few years researching the fintech possibilities of cryptocurrencies. He has a special passion for writing about the future of crypto.





Are You Considering a Career in Crypto?


In 2008, a bizarre and esoteric technology by the name of bitcoin was introduced to the world in a whitepaper penned by Satoshi Nakamoto. Just one decade later, that whitepaper would spawn a budding industry racing toward the trillion-dollar mark.

At the time of writing, there are more than 1,550 cryptocurrencies trying to do a variation of what bitcoin has accomplished. Hundreds more are expected to be created this year alone. To bring these currencies online, startups, institutes and not-for-profits are depending on a talented workforce made up of engineers, analysts, marketers and business professionals.

That’s a long-winded way of saying the crypto-economy is hiring, and there’s no shortage of opportunity. Recently, freelance marketplace Toptal announced it was launching a blockchain engineering platform for talented technology professionals. As TechCrunch pointed out, this is a huge deal because Toptal represents about half of “on-demand engineering labor by revenue.”

Blockchain Talent Demand: By the Numbers

Blockchain engineering has quickly emerged as the fastest-growing segment on Toptal. Since January 2017, demand for professionals in this category has surged 700%. The company also reports that some 40% of fully managed software development jobs in the last month require blockchain skills and domain knowledge.

Toptal isn’t the only freelance community witnessing a surge in blockchain skills. Upwork also reported blockchain as the fastest-growing skillset in terms of revenue, with billings skyrocketing 35,000% year-over-year. For a site like Freelancer, bitcoin job posts grew 82% in the third quarter alone.

It’s not just freelancing websites that are witnessing an upsurge in blockchain-related job posts. Last year, LinkedIn reported that finance companies saw a 900% increase in bitcoin-related job postings since 2014. There are now tens of thousands of users who list “blockchain” as one of their available skillsets.

At the time of writing, there are 1,060 “cryptocurrency” jobs listed on the U.S. section of Indeed.com, one of the world’s largest job boards. The “blockchain” job category had nearly 3,200 hits. Pretty much all of the jobs had a minimum salary of $70,000 per year and about 40% paid six figures.

Job Categories

From the author’s perspective, working in blockchain/crypto usually involves one of the following organizations:

  • a startup company launching an initial coin offering (ICO)
  • an advisory service helping ICOs launch their product
  • a large technology or financial services company utilizing blockchain technology
  • an institute or not-for-profit researching blockchain applications and use cases

In terms of job categories, you are mostly looking at the following:

  • Technical: Software developers, engineers, programmers and other IT specialists get the lion’s share of job postings.
  • Writing and Marketing: This is a fairly broad category that covers journalism, content development and copywriting. If you understand blockchain technology and the world of crypto and have good writing skills, there’s no shortage of opportunity.
  • Advisory Services: Domain experts can charge a premium advising startups on how to navigate the crypto sphere. Experts usually make it on to an ICO’s adviser page.
  • Legal: We are seeing a steady rise in legal services that help token issuers navigate the regulatory requirements of cryptocurrency crowdfunding.

It’s clear from many of these categories that most people didn’t specialize in blockchain initially but have applied their skills and experience to the domain. Depending on how you view the future, specializing may or may not be a good idea.

In mainstream and institutional circles, blockchain is much more of a sure thing than cryptocurrency. That’s one place budding professionals can focus on if they do decide to enter the labor market.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.


Sam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.





A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.
