FBI Back To Complaining About Encryption Making It Difficult To Scrape All Data From A Dead Person’s Phone
from the can-it,-chris dept
It’s 2016 all over again. The FBI can’t get everything it wants from a dead person’s phone, so it has decided to start revving up its anti-encryption engine. The DOJ took Apple to court in hopes of securing precedent compelling tech companies to crack encrypted devices for it after it recovered the San Bernardino shooter’s iPhone. That attempt failed. But that hasn’t stopped the complaining.
Before we get into the latest bout of whining to Congress, let’s take a look back at another date: May 29, 2018. That’s the date the FBI acknowledged it had seriously overstated the number of uncracked encrypted devices in its possession. That was the same day it promised to deliver an updated, far more accurate tally of these devices. It has been 2,246 days since that promise was made — 6 years, 1 month, and 23 days. That number still has not been updated.
However, that six years has been filled with FBI Director Chris Wray’s intermittent bad faith attacks on encryption. If nothing else, no one should allow the FBI to push anti-encryption arguments until it hands over the updated number of devices so everyone has the same facts available to gauge exactly how big the “problem” is.
But the latest round of complaints sound like the ones made in 2016. Even though the FBI was able to break into the Trump rally shooter’s device thanks to unreleased software provided by Cellebrite, Chris Wray is telling Congress that being able to break into a phone simply isn’t enough. All encryption must go, not just that protecting the device itself.
Wray said the bureau is facing challenges with getting into “encrypted messaging applications” used by Thomas Matthew Crooks, who was killed by a Secret Service counter-sniper team after firing at least eight shots toward the stage at the July 13 rally in Butler, Pennsylvania. Reports said officials have identified at least three such accounts.
Speaking to the House Judiciary Committee, Wray said that in some cases, the FBI is waiting on “legal process returns” to get into the accounts. He did not specify what companies or services host them.
Wray is presenting the reality of all criminal investigations like it’s evidence that the criminals are constantly one step ahead of the feds, even when said criminal is dead and neither facing prosecution nor capable of committing more crime. It’s not a great test case for anti-encryption legal battles or legislation, much like the last time the FBI made a lot of noise about not being able to get into a dead person’s phone.
But that’s not all Wray said. This part is even worse and a whole lot stupider.
“This has unfortunately become very commonplace,” he said. “It’s a real challenge not just for the FBI but for state and local law enforcement all over the country.” Even with access to a user’s phone, the end-to-end encryption used in many apps would make messages and other data inaccessible even to the app developer.
“Some places we’ve been able to look, some places we will be able to look, some places we may never be able to see, no matter how good our legal process is,” Wray said.
First off, there’s no way of telling how “commonplace” this is because, as noted above, the FBI’s encrypted device numbers have been wrong for more than six years and have yet to be corrected. We can assume it’s more commonplace now that more services are offering end-to-end encryption, but we should not automatically assume it’s enough to be referred to casually as “commonplace” and a persistent threat to successful criminal investigations. If it were, one would expect to hear more about it from other law enforcement officials. Instead, most of what we hear about the supposed evil of encryption has come from the mouths of consecutive FBI directors.
As for the second paragraph, that’s something that’s always been true about criminal investigations, dating back to long before devices or device encryption existed. No investigation will ever uncover all existing evidence. It’s an impossibility. Some evidence will be destroyed. Some evidence simply won’t be where investigators are looking for it. And some evidence is ethereal, gone as soon as it’s uttered via untapped phone calls or in-person conversations.
Pretending that this reality of criminal investigations is somehow new is intellectual dishonesty. Claiming that it’s somehow more common due to encrypted devices and communication services is meaningless if the FBI’s not willing to give the public — or at least its congressional oversight — accurate information detailing just how often the FBI runs into this particular problem.
Until the FBI can be honest about the problem its directors claim is omnipresent, its anti-encryption agitation should be ignored. And it should certainly be ignored when the FBI is doing nothing more than complaining about a lack of access to a dead person’s phone contents and communications.
Filed Under: chris wray, encryption, fbi, lawful access
Companies: cellebrite
Comments on “FBI Back To Complaining About Encryption Making It Difficult To Scrape All Data From A Dead Person’s Phone”
'If we don't have literal unicorns on our K9 teams we can't do our jobs.'
Complaining that they can’t access everything, all the time on electronic devices/services is no different than whining that people are able to speak without being recorded and that means that criminal communications might not be available for law enforcement to access.
Law enforcement historically has never had complete access to all evidence or communications and yet somehow they’ve manage to stumble through and do their jobs, so if the current batch want to claim that without access to something they’ve never had it’s impossible to do their jobs what I’m hearing is that they’re terrible at their jobs and should be replaced with competent people.
Bait and switch complaint
and the thought
Complaining about “the developer can’t access the messages” is a straw man when you are holding one of the ends in your hands.
There might be a password to open the app, but it will almost certainly be short and brute force-able if so. It’s a phone. You going to create a 128 character password you have to type in accurately each time you use your messaging app? Same deal if there’s a password manager.
Otherwise, the entire communication stream is open to examination.
If the FBI really want the list of the people that want to shoot Trump, breaking all encryption will only be the start, but they’ll also need to build Skynet using quantum supercomputers.
Getting the list of people than doesn’t want is much easier, just create an online poll.
Re:
They can add me to their list right fucking now. The difference is, I respect the rule of law, for now.
We’ll see what SCOTUS does in the next decade, since they are now “beyond laws”.
My sole regret about the attempted assassination of Mango Jabba, was about 2 inches of lateral movement.
We can’t access dead criminals’ thoughts and memories, the world is doomed. i don’t know how we could have possibly survived this long; it’s a miracle.
Wray has always grasped at straws when it came to encryption, but this time he’s had to grasp particularly hard – because he desperately needs the distraction, more than ever before. He needs to sell encryption as the be-all, end-all thing that the poor poor FBI just can’t handle, because to do anything else would be admitting that a 20 year old lone wolf managed to outwit the FBI and Secret Service in shoving a bullet into Trump’s ear.
The truth is that Crooks could probably have put his intentions out on a billboard for everyone to say, and Wray wouldn’t have done a thing to stop it. Because he’s just that incompetent.
If nothing else, no one should allow the FBI to push anti-encryption
arguments until it hands over the updated number of devices so everyone has the same facts available to gauge exactly how big the “problem” is.