Comments by "Crazy Eyes" (@CrizzyEyes) on "Court Orders Police to Give Man's Phone Back After 175M Failed Password Attempts" video.

  1. ​ @gobdeep It's worth noting that according to any reasonable security standard, Apple or Google or any other vendor shouldn't be able to simply unlock your device just because they're the vendor. That's absurd, but it's what happens when alphabet agencies shove their fingers everywhere.
    2
  2. ​ @michaels8607  The second request is easily doable, the first should be easily doable but I haven't looked into that use case specifically.
    1
  3. ​ @edwardlenovo3240 It is naive to assume you know all illicit entry devices and methods because they change every day. Perhaps there will be physical keyloggers soon that a criminal could install on the underside of your phone screen so they could get your password through position of finger touches. Match that exact pattern a few times, and you can easily deduce that it's the passcode. Just one thing I came up with off the top of my head.
    1
  4. I've worked in software for 10 years. The simple answer to your question is that it doesn't matter. Security standards have only increased over time and will continue to get better. Any arbitrary number you choose for password attempts will be irrelevant in less than 10 years. Actually, the new ideal to shoot for is passwordless security. The police will not only need to confiscate your phone but some other device to unlock it, or perhaps there will be an even better security measure in the future that I haven't thought of. Fingerprint and face scans are already way better than a stupid 6 digit number.
    1
  5. ​@theoneandonlysoslappy Not really, no. The ultimate access to a device is physical access. What the police are doing is like taking your safe from your home where you could say "Hey, stop messing with my safe" and moving it to the station where they can break in with impunity. Unfortunately for them, the safe in this case takes decades to cut through. It's virtually the same as an encrypted storage drive that they've removed from the device so they can try to hack it without getting stopped by the password interface.
    1