Apple 1 – FBI 0

The FBI has suspended proceeds agains Apple in the case where they were attempting to force Apple to write a custom OS for the use of the government to gain access to an iPhone 5C.

In all likelihood, this is the end of the case, though the FBI has until April 4th to resume the case.

iOS Passwords are very secure

All recent iOS devices have two very important security features that cannot be overcome. First, all attempts to check the password must be done on the phone. Second, there is a hardware limit of 80ms (0.08 seconds) before you can check another password. Neither of these security limits can be changed, subverted, overcome, bypassed, or in any way mitigated.

Because of the hardware limit of 80ms per guess, short alphanumeric passwords are very secure in iOS. For example, a 6 character password using only 0-9A-Za-z yields a password that takes well more than a century to crack:

(62^6) * 80 ms = 52,592.8107 days

Even using ONLY A-Za-z would take 50 years:

(52^6) * 80 ms = 50.1204957 years

Increase it to 8 characters and it’s 135 thousand years. 8 characters of upper and lower case. Yes, a password like frjAgntq would take 135 thousand years to crack, regardless of how fast your computer is. Hell, with 8 characters even an all cap or all lowercase password (assuming you know the password is using only A-Z) is still over 500 years.

That’s right, a random password of zafheenp will take until the 26th century to crack, just based on the hardware limit of 80ms per guess.

If you count all the 102 characters on the 4 iOS keyboards (not counting any longpress characters) then a six digit password would take nearly three thousand years to check all possible combinations and an 8 character password would take 30 million years.

Non-Sponsor: BBEdit

BBEdit is one of the few applications that I use every day. It may seem strange to pay for a text editor, but BBEdit is such a joy to use and does so much for me that I find myself using it even where they might be other tools that might be more efficient. For example, I tend to use BBEdit via a shell worksheet to batch rename files, even though that functionality is built-in to the Finder.

Pebble Time after two months

Well, the Pebble Time watch band has recently caused a rash onIMG_0009 my wrist. There’s no blistering, but the rash is a bit tender and I’m not sure I can keep wearing the watch.

As far as I know, I am not allergic to latex, so I don’t know what has caused this.

No, really, web advertising is broken

There’s been a lot of discussion, both on the web and in podcasts, about the broken state of web advertising. On the one hand, you have people who make their livings because of advertising pointing out that without ads, they can’t make money and they can’t provide “free” content to users and that users will not pay for content.

On the other hand you have users who are saying, “No, your ads suck.” And they are right.

Continue reading No, really, web advertising is broken