Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
FBI Vs. Apple: Privacy Syllabus
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
Dr.T
Dr.T,
 User Rank: Ninja
2/25/2016 | 4:46:01 PM
Re: yay
Personally I like is a slide mode better than an article with bunch of paragraphs.
Dr.T
Dr.T,
 User Rank: Ninja
2/25/2016 | 4:44:50 PM
There is a way out
Since FBI asks for a modification in the firmware, Apple can do this with a cost that can only work on that phone. Anything that goes beyond that is just a show. I love apple and using all their products, reality is they are for profit company, when they say I want to secure you data they mean I want to make more profit, this is not about my security or privacy.
ANON1251553927262
ANON1251553927262,
 User Rank: Apprentice
2/25/2016 | 10:54:04 AM
Dark Reading's Primer on FBI vs Apple
I am surprised that you have not 1 opinion from the other side.  I am sure that there are reasoned, intelligent opionions in the opposite direction.

 

I am having serious trouble with this issue.  The part of me that works for / with the Government says, "Damn straight, open that box here is the warrant."  The part of me that is still a hippi of the 60s says, "Hold on there cowboy."


I want to believe that organizations (private and public) have for the most part honorable intentions.  It just doesn't seem that way.  Once the tool is there some Apple employee will take the 50,000 bribe to sell it to Mr. Terroristsky.  If not at Apple, the at some government branch where it was just laying around.

Tough choices all around.  Good luck, America.
cyclepro
cyclepro,
 User Rank: Strategist
2/25/2016 | 9:28:19 AM
Apple vs FBI
You would think that with all of the resources available to the federal goverment that they should be able to crack it (or be able to bypass it).

I think that it is wrong for the goverment to force a company to reveal it's secrets. Let the goverment go out. buy an iphone and crack it themselves..

 
Whoopty
Whoopty,
 User Rank: Ninja
2/25/2016 | 7:01:06 AM
Solid Support
It's really heatening to see so many individuals and companies stand up in defence of Apple's actions and that Apple/Tim Cook are willing to go so hard to defend their position. The latest rumor I read is that it will be citing the first and fifth amendments in its defence, which suggests to me that it's really digging its heels in.

I think this case will set a lot of precedents, so I have my fingers crossed. 
hewenthatway
hewenthatway,
 User Rank: Strategist
2/24/2016 | 5:29:01 PM
yay
Great!  Another multi-click adventure! /s
<<   <   Page 2 / 2


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
Managing system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-1142
PUBLISHED: 2023-03-27
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation.
CVE-2023-1143
PUBLISHED: 2023-03-27
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use Lua scripts, which could allow an attacker to remotely execute arbitrary code.
CVE-2023-1144
PUBLISHED: 2023-03-27
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation.
CVE-2023-1145
PUBLISHED: 2023-03-27
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the Device-DataCollect service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.
CVE-2023-1655
PUBLISHED: 2023-03-27
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.