FBI Says It Can't Get Into 6,900 Encrypted Phones. So What?

from the doing-less-with-more dept

The new director of the FBI, Christopher Wray, has apparently decided to take up James Comey's anti-encryption fight. He's been mostly quiet on the issue since assuming the position, but the DOJ's recent calls for "responsible encryption" has emboldened the new FBI boss to speak up on the subject.

And speak up he has. Although the FBI still hasn't released the text of his remarks to the International Association of Chiefs of Police, more than a few sites are reporting it was the usual "go team law enforcement" boosterism, but with the added zest of phone encryption complaints.

He also spoke about roadblocks in dealing with cellphone encryption technology, saying that in first 11 months of the fiscal year, the FBI has been unable to access content from 6,900 mobile devices despite having the proper legal authority to do so.

"It's going to be a lot worse than that in just a couple of years if we don't come up with some responsible solution," he lamented. "I'm open to all ideas."

All ideas, maybe. But certainly not all viewpoints. The Deputy Attorney General has made it clear in multiple speeches he views phone encryption as the end result of tech companies' low-minded pursuit of revenue. DAG Rosenstein repeatedly emphasized US law enforcement measures success by a different standard -- a standard mercenary phone manufacturers couldn't even begin to approach.

Of course, the FBI head also nodded towards the importance of device security.

"I get it, there's a balance that needs to be struck between encryption and the importance of giving us the tools we need to keep the public safe."

But does he actually "get it?" What if the status quo is the ending "balance?" Would that satisfy Wray? Doubtful. He wants law enforcement-friendly security holes and he wants tech companies to provide them voluntarily.

The number of locked devices means nothing. The "6,900 mobile devices" will be 8,000 or 10,000 by early next year -- sound-and-fury totals signifying nothing. It was 6,000 phones when Comey trotted out numbers earlier this year. It will always increase and it will always grab eyeballs but it won't ever mean anything unless the FBI is willing to provide a lot more context.

Is the FBI just spectacularly bad at cracking cell phones? We're not hearing these complaints from local law enforcement agencies with less expertise and lower budgets. Is the FBI just not even trying? Is it not using everything it has available -- including a number of judicial forgiveness plans for rights violations -- to get into these phones? It's inconceivable the nation's top law enforcement agency is experiencing nearly a 50% failure rate when it comes to locked phones.

All Wray says is there are 6,900 phones the FBI hasn't gotten into. Yet. What's never discussed is how many investigations resumed unimpeded by cellphone encryption. Phones are not the sole repository of criminal evidence in any investigation. The FBI has options even if the seized phone seems impermeable. The FBI insinuates it's being stopped, but never specifies how many of these phones have resulted in terminated investigations.

It's just a number, divorced from context, but one the FBI can ensure will always be larger than last time it was mentioned.


Reader Comments

The First Word

Subscribe: RSS

View by: Time | Thread


  • icon
    Anonymous Anonymous Coward (profile), 26 Oct 2017 @ 7:55am

    6900 cases

    "the FBI has been unable to access content from 6,900 mobile devices despite having the proper legal authority to do so."

    Proper legal authority? They have 6900 warrants with sufficient specificity to search those phones, or are there 6900 subpoenas that authorize non-specific fishing expeditions issued by some DoJ rubber stamping troglodyte supervisor? Or are these the phones confiscated for having the temerity to cross a border without every single byte in ones possession or that one has access to being exposed?

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 Oct 2017 @ 9:30am

      Re: 6900 cases

      Orrr...

      Maybe it is that there are 6,900 phones that they are unable to access content from .... maaaybe here's the part they left out ... without using our advanced methods.

      reply to this | link to this | view in chronology ]

  • identicon
    Jordan Chandler, 26 Oct 2017 @ 9:27am

    Homeland Security

    At the ISACA conference yesterday a Special Agent of Homeland Security didn't give a very good answer when I asked why there was such a disconnect between law enforcement and the people who develop encryption.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 Oct 2017 @ 10:39am

      Re: Homeland Security

      Possibly it is because leos do not understand encryption, computer security or how things go terribly wrong in a hurry ... on a computer.

      reply to this | link to this | view in chronology ]

    • icon
      Roger Strong (profile), 26 Oct 2017 @ 10:49am

      Re: Homeland Security

      (BS) "You cannot trust an encryption algorithm designed by someone who had not 'earned their bones' by first spending a lot of time cracking codes."

      (PRZ) "...Practically no one in the commercial world of cryptography qualified under this criterion!"

      (BS) "Yes, and that makes our job at the NSA so much easier"

      - Conversation between Philip Zimmermann and Brian Snow, a senior cryptographer with the NSA.

      reply to this | link to this | view in chronology ]

  • icon
    sigalrm (profile), 26 Oct 2017 @ 9:55am

    It would be interesting to ask how many of those 6900 inaccessible devices have completely stalled an investigation.

    I'd wager the answer is "not many".

    reply to this | link to this | view in chronology ]

    • identicon
      spodula, 27 Oct 2017 @ 12:58am

      Re:

      I would say that if the only proof of wrongdoing is what someone has on their phone, you dont have much of a case to start with...

      reply to this | link to this | view in chronology ]

  • identicon
    Stosh, 26 Oct 2017 @ 10:00am

    I'll agree that encryption can be weakened when all those calling for such to do their online banking in the clear on the internet.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 Oct 2017 @ 10:26am

    What they say can be bullshit.

    If it's true, it means that encryption is working as intended.

    reply to this | link to this | view in chronology ]

  • identicon
    Michael, 26 Oct 2017 @ 10:33am

    "the FBI has been unable to access content from 6,900 mobile devices despite having the proper legal authority to do so"

    I think the real story here is that the FBI seems to be able to acquire the legal authority to access an awful lot of phones. According to some simple Google searches, 67% of people don't even have a password on their phone. Why are they searching so many phones?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 Oct 2017 @ 10:46am

    Balance?

    As someone else pointed out, there is no "balance" between mathematics and wishful thinking.

    reply to this | link to this | view in chronology ]

  • identicon
    David, 26 Oct 2017 @ 12:05pm

    "Pursuit of revenue"

    The Deputy Attorney General has made it clear in multiple speeches he views phone encryption as the end result of tech companies' low-minded pursuit of revenue.

    Let's focus on that: how is phone encryption aiding revenue unless there is a significant ratio of people wanting privacy and not trusting the infrastructure's and/or the government's integrity? Does that mean that a revenue-relevant ratio of tech company customers consists of criminals and/or terrorists?

    Or does it rather mean that a revenue-relevant ratio of tech company customers thinks the government cares shit about the Fourth Amendment to a degree that they'd listen in on anything including stuff of private nature without warrant?

    If you want to target terrorists and criminals, wouldn't it make more sense to mess with the Second rather than the Fourth Amendment once you decide the Bill of Rights is optional? Obviously, the problem is that that's harder to do in a sneaky and underhanded manner.

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 26 Oct 2017 @ 3:43pm

      Re: "Pursuit of revenue"

      The analogy is a little loose, but it's rather like an agency that got busted peeking through every window in every house they could now whining that 'house designers' have built 'closed by default blinds' on the windows.

      If 'encryption by default' has become a selling point it's because they made it absolutely clear that it was needed. That if people wanted to protect their privacy they were going to have to do it themselves, as they could not trust the police/government to do so.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 Oct 2017 @ 1:30pm

    How many criminals were unable to get into stolen phones? I suspect more than 6,900.

    reply to this | link to this | view in chronology ]

    • identicon
      David, 26 Oct 2017 @ 2:19pm

      Re:

      In particular if you include in the count the number of law enforcement officials illegally trying to access a phone without a warrant outside of exigent circumstances.

      reply to this | link to this | view in chronology ]

  • identicon
    David, 26 Oct 2017 @ 2:24pm

    One after the other.

    Let's start with responsible law enforcement.

    reply to this | link to this | view in chronology ]

  • icon
    Krolis (profile), 26 Oct 2017 @ 5:04pm

    Responsible encryption, is that the same thing as responsible gun control?

    reply to this | link to this | view in chronology ]

  • icon
    Bergman (profile), 26 Oct 2017 @ 6:18pm

    The FBI are notorious Luddites

    Their inability to access the phones might well be another example of their extreme resistance to joining the 20th century.

    Yeah, that's right, the 20th. The FBI only recently switched from having all of their interviews and interrogations recorded by an agent with a pencil and paper tablet. They still refuse to switch to even tape recorders, let alone digital recorders, for all such recordings -- they claim the paper and pencil method is somehow more accurate and less prone to error, though they won't or can't say how.

    The majority of FBI agents have a very extensive history of simply behind incapable of comprehending modern technology -- there was a book about it back in the 1990s, called The Hacker Crackdown, which is available online for free. They haven't improved much since then. The sheer Keystone Kops absurdity of how the feds acted, combined with the astounding constitutional violations, mean that many people refuse to accept it could possibly be a work of non-fiction, and shelve it accordingly in libraries.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 27 Oct 2017 @ 12:19am

    How ever did any crimes get solved before smartphones were invented?

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 27 Oct 2017 @ 5:25pm

      Re:

      They didn't. At all. That's why prisons were completely empty before smartphones were invented, they couldn't successfully convict anyone due to lack of evidence.

      It was only once smartphones really hit the market that prosecutors and investigators finally had a way to find incriminating evidence, and now they're upset that the Golden Era of Law Enforcement might be coming to a close, that the narrow window where they could at last successfully prosecute someone might be ending, and naturally they're upset about it.

      reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: I Invented Email
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.