Thoughts on Apple vs the FBI

According to this article on the Verge, the FBI basically wants Apple to create a system that allows them to make an unlimited number of guesses, at speeds of 80 ms per guess. On a 4-digit pass-code, this means that the pass-code is cracked in just under 14 minutes. With a 6-digit pass-code, it will be cracked in just about 22 hours.

However, if Apple allowed creation of pass-codes of unlimited length, and someone chose a 10-digit pass-code (if you think that is hard to remember, keep in mind that most people memorise multiple 10-digit phone numbers), then the time required to crack it is around 25 years. Moreover, the FBI or anyone cracking the pass-code also needs to know the length, so they will have to try all the way from 1-digit pass-codes to 10-digit pass-codes. 9-digit pass-codes will take around two and a half years, while 8-digit pass-codes will take 3 months.

So while I do appreciate and support Apple's resistance to the FBI, I think that they will be much better off asking people to set up 10-digit or longer pass-codes in the future.

Where did we start with 4-digit pass-codes? From ATM machines, where people had to enter these numbers by hand? Really, we ought to move towards longer pass-codes and pass-phrases.

This xkcd comic shows how to create secure pass-phrases. Just choose 4–6 words at random and join them together to create a rather secure pass-phrase. Or just use diceware.
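The arithmetic behind these figures, as an added example that is not part of the original post: it computes the time to try every candidate at 80 ms per guess, both when the length is known and when every length from 1 digit upward must be tried, and then expresses random-word pass-phrases as an equivalent number of random digits. The function names are illustrative, and the 7776-word Diceware list size and uniformly random word choice are assumptions not stated in the post.

```python
import math

GUESS_SECONDS = 0.080   # 80 ms per guess, the rate quoted in the post
DICEWARE_WORDS = 7776   # assumption: size of the standard Diceware list (6**5)

def worst_case_seconds(keyspace, per_guess=GUESS_SECONDS):
    """Time to try every candidate in a keyspace once."""
    return keyspace * per_guess

def pin_keyspace(length, unknown_length=False):
    """Numeric pass-codes of exactly `length` digits, or of every length
    from 1 up to `length` when the length is not known in advance."""
    lengths = range(1, length + 1) if unknown_length else [length]
    return sum(10 ** n for n in lengths)

def passphrase_keyspace(words, wordlist=DICEWARE_WORDS):
    """Pass-phrases of `words` words, each drawn uniformly at random."""
    return wordlist ** words

def equivalent_digits(keyspace):
    """Smallest count of random digits whose keyspace is at least as large."""
    return math.ceil(math.log10(keyspace))

def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", 365.25 * 86400), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds:.1f} seconds"

if __name__ == "__main__":
    for n in (4, 6, 8, 9, 10):
        known = worst_case_seconds(pin_keyspace(n))
        unknown = worst_case_seconds(pin_keyspace(n, unknown_length=True))
        print(f"{n:2d} digits: {humanize(known):>13} (length known), "
              f"{humanize(unknown):>13} (lengths 1..{n} tried)")
    for w in (4, 5, 6):
        digits = equivalent_digits(passphrase_keyspace(w))
        print(f"{w} random Diceware words ~ {digits} random digits")
```

Trying every shorter length first adds only about 11% to the total, because each extra digit multiplies the keyspace by ten; the length of the pass-code, not uncertainty about that length, is what provides the protection.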
