
I'm very excited and intimidated by WebGL and other graphics/animation platforms for the web. It's something I've always been very interested in but I don't have any clue on how any of it works. I think it will probably always remain mostly separate from the type of typical web dev work I do, but I still want to learn it.


That's what three.js is for <o/


the same way everyone else does. they limit the number of attempts you get.


I'm not too familiar with how iPhone hardware is put together, but is there a possibility of performing a forensic extraction of the flash memory and performing a brute-force attack offline? Or does the conversion of PIN to the storage encryption key happen in the secure enclave, which may resist such forensic meddling?


Each iPhone comes with a unique key burned into the processor. I believe the PIN is cryptographically combined with the unique key to derive the encryption key on device. That makes offline brute-force intractable without knowing the unique key (or somehow getting it out of the chip by looking at it or something, but it won't be easy).


Ah yes, the infallible password that's really small and hard to see. I'm sure the guys at the NSA were all "man we'd need, like, a microscope or some shit to read that!" and just went to lunch and called it a day. There is literally nothing Apple could do to have a key of some sort on their processor that wouldn't be laughably easy for a well funded organization to get access to.


I am no expert in that sort of stuff, so I have no estimate of the difficulty of it. I'd imagine it's too costly to be worth doing on every random iPhone in every random investigation, but if someone really really wants it, then yes. The weakest link most of the time remains the stupid unencrypted iCloud backup.

If you actually care about security, use a long alphanumeric password. It's not a big hassle when you have Touch ID. If you are ever in trouble, try turning the iPhone off immediately or quickly touch your fingerprint reader a few times with a wrong finger or enter the passcode wrong five times (so that Secure Enclave discards the cached decryption key and no longer accepts fingerprints). Also, use Apple Configurator tool to make your iPhone "Supervised" and don't let it pair with any new computer. And disable iCloud backup entirely.


If you really care about security from an organization like the NSA, the only option is either to have it be entirely air gapped or to be entirely open source, including BIOS and UEFI firmware and anything else that might run on the hardware. There are really no feasible options, and especially so in phones.


It's amusing to see open source still promoted as panacea after all those OpenSSL exploits.


It's obviously not a panacea, but it does have the quality of allowing audits by the community and by independent experts in the field.


Not being able to read the key material with a microscope (optical or electron) is a specific design goal for these things. This takes me back more than 30 years to my very first job, the summer between high school and college. I had to disassemble and modify a number of crypto units used in the banking industry. These things had all sorts of mechanisms to make it hard to access the key, including zapping the EPROM containing the key with very high voltage if any of the case intrusion switches were tripped. My boss cheerfully informed me that the previous model had used a small explosive charge, and this new one was a safer alternative!


You probably can, but this isn't to access the phone of some international criminal mastermind but of some guy that was picked up on the corner for peddling drugs. It's not like the NYPD can dump 500,000 or more for every phone they need to access.

What worries me is that this will lead to laws being passed that will criminalize refusal to hand over passwords and encryption keys.


the secure enclave stores the actual encryption key. I'm not sure if it's just unlocked or generated from the PIN, but in either case they can only brute force the actual encryption on the flash and not the pin offline.
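
An added illustration of the point made in the comments above (not code from any commenter, and not Apple's actual derivation): a toy model in which the storage key is derived from the PIN entangled with a per-device secret. PBKDF2, the iteration count, the verifier construction and all sample values are assumptions chosen for the demo. It shows why a copied flash image alone does not let a 4-digit PIN be searched offline, and why the on-device attempt limit is the control that matters once the device secret is in play.

```python
import hashlib
import hmac

ITERATIONS = 200  # assumption: kept tiny so the demo runs fast; real KDFs are far slower


def derive_key(pin: str, device_uid: bytes) -> bytes:
    """Toy model: entangle the PIN with the per-device secret."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), device_uid, ITERATIONS, dklen=32)


def make_verifier(key: bytes) -> bytes:
    """Value kept on flash that confirms whether a derived key is correct."""
    return hmac.new(key, b"volume-check", hashlib.sha256).digest()


def search_pins(verifier: bytes, device_uid: bytes):
    """Try all 10,000 four-digit PINs under one UID; return the match or None."""
    for n in range(10_000):
        pin = f"{n:04d}"
        candidate = make_verifier(derive_key(pin, device_uid))
        if hmac.compare_digest(candidate, verifier):
            return pin
    return None


# Constructed sample values (not real device data).
DEVICE_UID = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)  # 256-bit secret
USER_PIN = "4821"
FLASH_VERIFIER = make_verifier(derive_key(USER_PIN, DEVICE_UID))


def search_with_device_secret():
    """The UID takes part in the derivation: only the attempt limit protects the PIN."""
    return search_pins(FLASH_VERIFIER, DEVICE_UID)


def search_flash_image_only():
    """Flash copied off the device, UID unknown: the whole PIN space finds nothing."""
    wrong_uid = bytes(32)  # any guess; the real search space is 2**256 UIDs
    return search_pins(FLASH_VERIFIER, wrong_uid)


if __name__ == "__main__":
    print("with device secret:", search_with_device_secret())
    print("flash image only:  ", search_flash_image_only())
```
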


I get that feeling playing Dark Souls now. The game offers very little narration and is quite intimidating.


I think Dark Souls is one of those few games that does a perfect job of projecting the emotions of the hero and the atmosphere of the world onto the player's own emotion and perception. It could have used more guidance at the onset, and it doesn't clearly convey the type of game you're about to play (I was expecting something like God of War meets Skyrim), but once I pushed past the first region or two, it became one of my favorite games. Learning more about the lore took it up a few notches.


VERY well said


PANDAS really is a great thing


Large typography is trending. Personally I love it because I have a 30-inch monitor that sits further back. It's way better for the eyes and just feels more natural.


I feel like if I tried it in that order I'd doze off during the meditation.

I like this idea though. In less than an hour you are practicing so many things that are good for your mind and body.

I might increase this to 15 minutes and do it directly after my typical morning 1 hour workout.


I've started canceling all of this stuff recently because it's too expensive and seeing this $200 bundle makes me glad I did. That is a lot of money for essentially no value.


