DEA Accused Of Leaking Misleading Info Falsely Implying That It Can't Read Apple iMessages

from the that's-not-the-truth dept

So this is interesting. Yesterday, CNET had a story revealing a "leaked" Drug Enforcement Agency (DEA) memo suggesting that messages sent via Apple's own iMessage system were untappable and were "frustrating" law enforcement. Here's a snippet from that article:

Encryption used in Apple's iMessage chat service has stymied attempts by federal drug enforcement agents to eavesdrop on suspects' conversations, an internal government document reveals.

An internal Drug Enforcement Administration document seen by CNET discusses a February 2013 criminal investigation and warns that because of the use of encryption, "it is impossible to intercept iMessages between two Apple devices" even with a court order approved by a federal judge.

CNET posted an image of the letter:

In reading over this, however, a number of people quickly called bullshit. While Apple boasts of "end-to-end encryption," it's pretty clear that Apple itself holds the key -- because if you boot up a brand new iOS device, you automatically get access to your old messages. That means that (a) Apple is storing those messages in the cloud and (b) it can decrypt them if it needs to. As Julian Sanchez discusses in trying to get to the bottom of this, the memo really only suggests that law enforcement can't get those messages by going to the mobile operators. It says nothing about the ability to get those same messages by going to Apple directly. And, in fact, in many ways iMessages may be even more prone to surveillance, since SMS messages are only stored on mobile operators' servers for a brief time, whereas iMessages appear to be stored by Apple indefinitely.

That leads Sanchez to wonder if there might be some sort of ulterior motive behind the "leaking" of this document, done in a way to falsely imply that iMessages are actually impervious to government snooping. He comes up with two plausible theories: (1) that this is part of the feds' longstanding effort to convince lawmakers to make it mandatory that all communications systems have backdoors for wiretapping and (2) that it's an attempt to convince criminals that iMessages are safe, so they start using them falsely believing their messages are protected.

Which brings us to the question of why, exactly, this sensitive law enforcement document leaked to a news outlet in the first place. It would be very strange, after all, for a cop to deliberately pass along information that could help drug dealers shield their communications from police. One reason might be to create support for the Justice Department’s longstanding campaign for legislation to require Internet providers to create backdoors ensuring police can read encrypted communications—even though in this case, the backdoor would appear to already exist.

The CNET article itself discusses this so-called “Going Dark” initiative. But another possible motive is to spread the very false impression that the article creates: That iMessages are somehow more difficult, if not impossible, for law enforcement to intercept. Criminals might then switch to using the iMessage service, which is no more immune to interception in reality, and actually provides police with far more useful data than traditional text messages can. If that’s what happened here, you have to admire the leaker’s ingenuity—but I’m inclined to think people are entitled to accurate information about the real level of security their communications enjoy.

While both scenarios are plausible, both seem fairly cynical as well. I'd like to think that law enforcement is above attempting such tricks, but unfortunately that might just be naive these days.

Filed Under: dea, encryption, imessages, privacy
Companies: apple


Reader Comments


  1. Derp, 5 Apr 2013 @ 7:03pm

    The theory is weak

    I think the theory in this followup article is flawed.

    I believe it would be quite easy for iMessages to be stored, in their encrypted form, and recoverable when you use a different device, simply based on the Apple login credentials. Naturally, all Apple would have is a hash of the credentials, not the cleartext. The decryption key for a user's iMessages could also be stored by Apple in an encrypted form that used something Apple does not have --- the cleartext of the login password --- for the decryption key. Upon successful login to Apple, the encrypted key of the iMessages (which is all Apple has) is passed to the device, which then decrypts it with the cleartext (which never leaves the device) of the Apple login password.... and then decrypts the iMessage contents.

    This would allow for recovery of iMessages when your device is replaced, but Apple would not be able to decrypt them.

    This would also support password changes not having to re-encrypt all the iMessages... just the single key. But it doesn't allow for password resets. I don't know if iMessages survive a password reset. But even that may be doable w/o Apple being able to decrypt iMessages.
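
The password-wrapped key scheme sketched in the comment above, as an added example that is not part of the original comment and does not describe Apple's actual design. All function names are hypothetical; deriving a separate login token and wrapping key from the password is an assumption added so the cleartext password never has to reach the server, and the HMAC-SHA256 keystream is a standard-library stand-in for a real AEAD cipher.

```python
import hashlib, hmac, os

def _sub(key, label):  # domain-separated subkey via HMAC-SHA256
    return hmac.new(key, label, hashlib.sha256).digest()

def derive_keys(password, salt):
    # On the device: auth token goes to the server, the wrapping key (kek) never does.
    master = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return _sub(master, b"auth"), _sub(master, b"wrap")

def _xor_stream(key, nonce, data):
    # Stand-in cipher (HMAC-SHA256 counter keystream); use an AEAD like AES-GCM for real.
    ks = b"".join(_sub(key, nonce + i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, plaintext):  # encrypt-then-MAC
    nonce = os.urandom(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + _sub(_sub(key, b"mac"), nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _sub(_sub(key, b"mac"), nonce + ct)):
        raise ValueError("wrong key or modified ciphertext")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

def server_record(password, msg_key):
    # Everything the server holds about the key: salt, hash of token, wrapped key.
    salt = os.urandom(16)
    auth, kek = derive_keys(password, salt)
    return {"salt": salt, "verifier": hashlib.sha256(auth).digest(),
            "wrapped_key": seal(kek, msg_key)}

def restore(server, password):  # new device: log in, fetch wrapped key, unwrap locally
    auth, kek = derive_keys(password, server["salt"])
    if not hmac.compare_digest(hashlib.sha256(auth).digest(), server["verifier"]):
        raise PermissionError("login rejected")
    msg_key = unseal(kek, server["wrapped_key"])
    return [unseal(msg_key, m) for m in server["messages"]]

def change_password(server, old, new):
    # Re-wrap the single message key; stored message ciphertexts are untouched.
    msg_key = unseal(derive_keys(old, server["salt"])[1], server["wrapped_key"])
    server.update(server_record(new, msg_key))

if __name__ == "__main__":
    key = os.urandom(32)  # message key, generated on the first device
    server = {**server_record("old-pass", key), "messages": [seal(key, b"constructed sample")]}
    change_password(server, "old-pass", "new-pass")
    print(restore(server, "new-pass"))
```

Because the server holds the salt and the wrapped key, it can still test password guesses offline, so this design protects messages only as well as the password resists guessing. A reset performed without the old password cannot call `change_password`, which is the limitation the comment notes.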
