Archive

Archive for February, 2016

How could Apple help bypass an iPhone Pin?

February 17, 2016 Leave a comment

This week BBC news reported that Apple would not help the FBI bypass the pin on one of their phones

The FBI have apparently asked Apple to create two assistive technologies :

“Firstly, it wants the company to alter Farook’s iPhone so that investigators can make unlimited attempts at the passcode without the risk of erasing the data.

Secondly, it wants Apple to help implement a way to rapidly try different passcode combinations, to save tapping in each one manually.”

Ignoring who is right or wrong in this matter – these are not uncommon requests – I’ve been asked by various governments and “three letter agencies” in the past to do exactly the same thing, which I too have politely declined.

Reading between the lines, the FBI requests would indicate an admission that the actual cryptography within the iPhone is robust and correctly implemented – and that there are no discovered back doors which would allow the FBI access to the data without Apple’s help.

So we can assume that the FBI cannot usually access data stored on iPhones. What help can Apple give?

Read more…

Advertisements
Categories: Encryption, Privacy Laws Tags: , ,

Elective Age Ratings, Breaking down Age-Label

February 9, 2016 Leave a comment

age-de-xml_age-label-de_startbild_282x297This week I was introduced to the web site age-appropriate rating system Age-Label, sponsored by OMK in Germany. Proposed as a standard for self-regulation of web sites, it allows owners to insert a small xml file “age-de.xml” in the root of their websites which defines the appropriate age ratings of the site, or subsections of such. I dug deep into the system and did some trawling across the internet to find out how used it is.

You can read an English translation of the standard online.

It would seem like a good idea – instead of relying on a third party to analyse the content of your site and make a determination on what age groups it’s appropriate for, web site owners can define it for themselves. The XML file also allows you to specify different sections of your website for different age readers.

Of course, this requires some appropriate technology on the readers device to look for, interpret, and act on the age-de.xml file – but if you imagine a world where the majority of sites are (honestly) tagged, and browsers use the xml data, and parents set the browsers with the appropriate age information, we could indeed go a long way towards protecting minors from inappropriate content.

Read more…