Feeds

back to article 'Who knew in 1984 that Steve Jobs would be Big Brother?'

This was the week when Linus Torvalds, chief Penguin of LinuxLand, unleashed not one, but two mighty rants on the interwebs. First, Torvalds said he resented recent attacks on the integrity of the kernel's security. This is after a call was made for the use of Intel processor instruction RdRand for generating random numbers to …

COMMENTS

This topic is closed for new posts.
Silver badge

Linux, and why I don't love it

I get it, open source is a good thing, and the people who work on free, open source operating systems must be very clever. Being clever doesn't mandate being a total dick about things though. If the guy a the top is a total tool, people throughout the collective also behave like tools because it must be the 'right' thing. And this is why I don't embrace the open source community more fully.

I know mentioning Linux without giving it a blowjob invokes the downvote army, whatever. Easier than open discussion.

7
11
Bronze badge

Re: Linux, and why I don't love it

So you criticize Linus for being a dick in a post in which you behave like a total dick.

But it's ok, you don't write free software so you are entitled to do it.

12
3
Bronze badge

Re: Linux, and why I don't love it

A reach around would probably suffice

3
0
Silver badge

Re: Linux, and why I don't love it

" If the guy a the top is a total tool, people throughout the collective also behave like tools because it must be the 'right' thing. And this is why I don't embrace the open source community more fully."

You (like many others) have made that annoying assumption that open source == Linux

Ther are plenty of opensource projects being run in different ways that have nothing to do with Linus, or indeed Linux.

2
0
Silver badge
Paris Hilton

Irony

So thick it wobbles the mind.

1. Famous ad for the first MacIntoshs - "Big Brother"

2. Subsequent ads promote this independence and superior advanced technology

3. People PAY to be spied on. - iPhone

4. ITunes, iCloud - self explanatory

Google "apple macintosh ad"

8
3
Silver badge

The Free software foundation are talking without knowledge, the Fingerprint sensor may be network accessible or it may not be. Typically a secure subsystem like that will be designed to store the print data securely and locally. The question is, is there a path in terms of data bus layout or data-bus layout in combination with security chip design whereby the CPU can access the print. There are three distinct likely possibilities which match Phil Schiller's statement on the security (more unlikely ones but I won't touch on those)

1. No, the security chip and firmware are entirely discrete and non upgradable and have a small amount of local storage with a simple CPU side interface which allows new "prints" to be taken and confirms or denies when a scan has passed.

2. The security chip firmware can be upgraded such that a modification could direct the "print" data to the CPU. But the firmware will be protected by a locked bootloader and only those with the key can access it. The "print" data is not accessible by the CPU unless subverting firmware is installed.

3. The data is accessible directly by the CPU, but isn't as a matter of policy.

1. Is obviously the strongest but is bad if a weakness is later discovered and hackers with physical access to the phone can exploit it. My money is on 2. in which case if Apple state clearly and publicly the firmware is secured, then that is quite a big commitment to break and would destroy the brand if they made the claim now, after recent revelations but got caught out at a later date. Note however this doesn't entirely rule out the NSA being able to subvert individual phones on a case by case basis. If they had that capability or there is any weakness they have an exploit for in the secure bootloader, (or backdoor, which may even not be known to Apple - yes that's the weird subverted security world we now find ourselves in, 4 months ago such a consideration would not have been taken terribly seriously) they wouldn't want to be doing that on a mass basis (though not so sure about pre-Snowden NSA) or if they can legally force Apple's hand to target individual handsets with a firmware change that too remains a problem. 3. Clearly 3 Should raise the most alarm bells

Unless we know which is the case it's premature to comment. Unfortunately Apple are taking the road if security by obscurity which, as a phrase, should be re-written as "security if you believe us, possibly."

I think they should issue more details, with at the very least informing if the system is 1, 2 or 3 above.

1
1

"I think they should issue more details..."

I agree, but this is Apple we're talking about. The few details that will never be released are the minutes of the marketing meeting concerning this new "feature", I'll just assume it went like this:

exec_drone_1 : we need more innovation for our "new" product

exec_drone_2 : How about biometrics? I like that word....

exec_drone_1 : Hasn't been done before, and proved rather, uh, gimmicky?

exec_drone_2 : Screw it, this on a mobile device!

->files vague patent

http://www.theregister.co.uk/2004/10/05/biometric_thinkpad_t42/

2
0
Silver badge

Apple have already said that the biometric sensor is connected to a separate chip with it's own storage, and all the OS can do is read validation results from the chip, and request that new identifiers are added to the on-die storage. Your fingerprint is never in any memory addressable by the main processor.

0
1

Well they would say that, wouldn't they?

4
2
Silver badge

"Apple have already said that the biometric sensor is connected to a separate chip with it's own storage, and all the OS can do is read validation results from the chip, and request that new identifiers are added to the on-die storage. Your fingerprint is never in any memory addressable by the main processor."

That's very interesting, any chance of a source?

I heard Phil Schiller say words to that effect, but I thought not quite that specific, though I didn't make a note at the time. So that being the case, if they have been that specific, they may be somewhere between 1 & 2. The key question is if the fingerprint subsystem can relay identifiers to the processor if there is a change of firmware. If yes, it's scenario 2. I've laid out above. If no, it's scenario 1 or a slight variation close too it.

BTW, my assumption in what I have said is the fingerprint recognition processing doesn't involve the main processor, which would be the case if what you have outlined is accurate. Most commenters seem to be assuming it would and that this is one of the reasons they have gone 64bit. I assume it wouldn't because, having worked for security tech clients (I'm not an expert though I have to say) to keep it in the subsystem is a natural and standard design and exactly what I would expect the Authentec technology Apple purchased to bring to the mix. I carefully worded my remark above to avoid this potential difference because there are so many subtleties and possible combinations of solution, though it is an important one and if everything is security subsystem side it is possible the solution is a combination of 1 and 2 where only the fingerprint interpretation function is hard wired. Then the digital "print" can't be obtained, ever, without resorting to an electron microscope, though potentially device access could still be compromised (with a convoluted subversion of the system) if a firmware upgrade would allow that.

1
0

Linus really lost it? Really???

A quick read of the thread will show that a) Linus was (for Linus) being *very* mild mannered and b) it was part of a serious discussion about the nature, consequences and frustrations of trying to cope with explosion of interfaces / features of ARM based systems. As someone that occasionally has to dabble in these areas I share his pain - but probably in more explicit terms.

3
0
Silver badge

Re: Linus really lost it? Really???

"It was part of a serious discussion about the nature, consequences and frustrations of trying to cope with explosion of interfaces / features of ARM based systems. "

Ah yes, and of course, most such discussions involve wishes of death etc:

and I hope that ARM SoC hardware designers all die in some incredibly painful accident.

So if you see any, send them my love, and possibly puncture the brake-lines on their car and put a little surprise in their coffee, ok?

Now, I'm not suggesting that he was being serious, but come on, how on earth can you try to justify that?

"Fred", you forgot the pengiuin icon - your biased linux fanboism is showing in spades

0
4

Iphone, shmIphone....has anyone thought of the children ?????

I believe that the fingerprint reader concept is cool as a gimmick but ultimately it will go the way of the Dodo or at least be as used as it currently is for personal computers: something a minority uses. The idea of Spooks obtaining fingerprints from this reader I find it quite romantic, to say the least, given that obtaining fingerprints is really trivial.

I am however, more concerned of the last part of this article: Natural selection being replaced by cultural selection. Has anyone recently checked the latest trends, fads, religions, etc ? the movie IDIOCRACY comes to mind.....

3
0

Re: Iphone, shmIphone....has anyone thought of the children ?????

I had to go out and get a copy of Idiocracy. Totally agree, though I doubt it'll take 500 years.

Just one major omission... no obesicles in that giant Costco?

0
0
DJO
Bronze badge

Well that's secure then

"Apple have already said that the biometric sensor is connected to a separate chip with it's own storage, and all the OS can do is read validation results from the chip, and request that new identifiers are added to the on-die storage. Your fingerprint is never in any memory addressable by the main processor."

So all you need to do is put a validation signal to a couple of pins on this "special" chip to bypass the sensor completely, that'll cheer up the NSA people no end.

0
0
Silver badge

Re: Well that's secure then

And how do you do that when a) the signal will be digital with a secure handshake where the input has to have the same timing as the bus your tapping into , b) any sensitive parts will likely be sealed solid in a hard resin (internal buses, processor etc) just so that attempts to gain access will likely destroy said equipment? Security firms such as Authentec, who Apple purchased, do know a little bit about creating secure systems you know. Of course if you have enough money and resources there is a way around such measures. However it might take a couple of goes, or access to an Electron Microscope (in which case you need a lot if time - Chinese hackers trying to gain access to pay-tv conditional access cards have reportedly resorted to such). Unfortunately if you don't have an electron microscope, if you need a second go it will be because you've damaged the handset belonging to your target, in which case you've failed.

2
0
Silver badge

What the scanner does do well

With just a pass code lock, you can identify that an authorised phone user made a call. With this you can demonstrate exactly who it was. Loss of any semi-plausible deniability.

2
0
J 3
Gimp

Re: What the scanner does do well

...and when someone easily copies one's fingerprints, hilarity ensues.

0
0

Re: What the scanner does do well

>> With just a pass code lock, you can identify that an authorised phone user made a call. With this you can demonstrate exactly who it was. Loss of any semi-plausible deniability.

Never used an i-anything, but does that mean you don't have an "Emergency call" option? i.e. the ability to manually enter a number and make a call without unlocking the phone and accessing the contact list

0
1

Re: "Emergency call"

I think there are relevant regulations in various jurisdictions that mandate it be possible to make an emergency call.

However it is just that, only the local emergency number can be called.

0
0
J 3

Re: What the scanner does do well

And it didn't take long, apparently:

http://www.theregister.co.uk/2013/09/22/iphone_5_touchid_broken_by_chaos_computer_club/

0
0

Moore's Law has been dead for years.

What was the fastest CPU available in 2006, IIRC it was around 3.3 ghz, now what is the top speed of a 2013 CPU, I've seen an article or two about 4ghz ones, and granted the "cores" are doubling every now and again, but that isn't doubling the "speed" now is it?

If Moore's Law was really still in effect, we would all have 50ghz CPUs today, instead we have roughly the same speed as 2006, just with 8 cores.

0
4

Re: Moore's Law has been dead for years.

I think you should read up on the actual definition of Moore's Law.

2
0
Facepalm

Re: Moore's Law has been dead for years.

> If Moore's Law was really still in effect, we would all have 50ghz CPUs today, instead we have roughly the same speed as 2006, just with 8 cores.

FAIL.

Moore's law predicts a doubling of transistors on a chip. Nothing to do with clock speed.

http://lmgtfy.com/?q=moore%27s+law

3
0

Re: Moore's Law has been dead for years.

I will agree that the definition is for number of transistors on a chip, but adding cores is not what common people associate with Moore's Law, we think of the %40 clock rate increase that comes with the increase in transistors per die. If they are not going to get any faster, then who cares if they are doubling the number of transistors on a chip? If I wanted a dual chip system in 2006 I could always just buy a Xeon, just like if I want a 16 core system, I could find someone that is building a 16 chip system, or I could create a Beowolf cluster.

I want speed.

0
2
Bronze badge

Fingerprint scanner

I don't know a lot about how the thing is wired up, but rather than all the various and highly technical ways discussed above, wouldn't it be easier to compromise the system with a bit of relatively benign malware that merely pretended to lock the phone, so you scan your print in to unlock it but instead the malware copies the fingerprint?

I genuinely don't know if that's possible, I don't know if the phone has access to the actual scanner or if the whole thing really is a discrete system so the rest of the system can't see the scanner part, I'm sure others will tell me :)

0
0

There are many forms of natural selection

One of the most active in evolution is the question of "who to mate with". We haven't put an end to that one. The girls still decide who gets their end away... as it should be of course. Clever chaps find out what the ladies like and provide it, amplifying cleverness - of various kinds - in the gene pool over the generations.

But unfortunately the ability to make beautiful programmes about charismatic mammals is not at all the same thing as actually understanding that evolution thingy.

0
0
This topic is closed for new posts.