Sen. Feinstein Looking To Revive Anti-Encryption Bill In The Wake Of Texas Church Shooting
from the exploitable-tragedies dept
Shortly after the horrific shooting of 26 people in a Texas church, the FBI began dropping hints about its inability to access the contents of the shooter’s phone. Things didn’t go the FBI’s way the last time it tried to access a phone’s contents following a mass shooting. It was unable to force Apple to break its own encryption and failed to obtain a judicial precedent it could wield against other manufacturers. In the end, the FBI ended up out a large sum of cash in exchange for access to phone contents that ultimately proved worthless.
These rumblings follow the DOJ’s push for “responsible encryption” — a mythical beast composed of “strong” encryption that can be broken at the drop of warrant. This is the FBI hinting it’s interested in taking a second swing at obtaining a pro-encryption breaking courtroom decision. What the FBI won’t do is offer any details on the shooter’s phone itself.
“We are unable to get into that phone,” FBI Special Agent Christopher Combs said in a press conference yesterday (see video).
Combs declined to say what kind of phone was used by gunman Devin Kelley, who killed himself after the mass shooting. “I’m not going to describe what phone it is because I don’t want to tell every bad guy out there what phone to buy, to harass our efforts on trying to find justice here,” Combs said.
Most agents aren’t adept at handing out off-the-cuff statements, as Agent Combs’s “harass our efforts on trying to find justice” word salad can attest. Withholding this information made little difference, however. The phone the FBI is trying to break into is an iPhone — something Apple may have inadvertently outed while preemptively defending itself against FBI/DOJ criticism.
Apple today tried to get ahead of another encryption showdown with the Federal Bureau of Investigation related to the Texas gunman’s attack this past Sunday, saying it reached out to the bureau to offer assistance in getting into the gunman’s iPhone and expedite its response to any legal process. The attack, which left 26 dead and many more injured, was committed by now-deceased Devin P. Kelley, who is confirmed to have been carrying an iPhone that may have crucial information about his activities in the lead up to the shooting.
Maybe the FBI should have taken Apple up on its offer. As Reuters reports, the FBI did not ask Apple for help during the 48 hours following its receipt of the phone — a time period during which Apple’s assistance may have been invaluable. (This echoes the FBI’s apparent mishandling of the San Bernardino shooter’s phone, which resulted in a locked phone and a courtroom showdown.) Apple likely would have known whether or not the phone was secured by the shooter’s fingerprint, which certainly could have been applied postmortem.
Instead, the FBI chose to complain about its lack of access. This may be part of the DOJ’s long game. Immediate assistance only helps in individual cases and only if done as soon as possible after taking possession of a device. But a favorable court decision? That lasts forever and can be applied at the FBI’s leisure.
Unfortunately, it’s not just the FBI and DOJ looking for permanently broken encryption. Sen. Dianne Feinstein is looking to revive her anti-encryption bill, last seen collecting dust following Congressional and presidential disinterest during the final year of the Obama administration.
As the FBI struggles to unlock the iPhone used by the gunman in the recent Texas massacre, Sen. Dianne Feinstein believes it’s time to bring back long-dormant encryption-piercing legislation. It’s been about 18 months since she and Senate Intelligence Committee Chairman Richard Burr floated legislation that would have required tech firms to hand over customers’ secure messages when served with a warrant. The measure, released after a bitter feud between the FBI and Apple over a locked iPhone, was never formally introduced but the latest case is exactly why it should be revived, she told Martin. “I think we ought to move that bill,” she said.
If everything alleged by the Reuters report is true, the FBI’s “struggles” are of its own making. It could have sought immediate assistance from Apple but chose not to. It also, apparently, turned down Apple’s offer to help. If so, the FBI doesn’t actually want cooperation from tech companies. It wants to be able to tell companies what features they can and can’t have. It wants to dictate all the terms of these engagements, which is very much in line with the DOJ’s views on tech company “partnerships.”
Filed Under: dianne feinstein, encryption, going dark
Comments on “Sen. Feinstein Looking To Revive Anti-Encryption Bill In The Wake Of Texas Church Shooting”
It doesn’t matter if the struggles FBI had were the fruition of their own stupidity or if the device is just impenetrable for now. They are not entitled to every single bit of evidence out there. They can’t have access to conversations in person, destroyed documents and other unrecoverable evidence and yet they can pursue other evidence from other sources to secure a conviction in the courts. If one bad guy goes free, well, though luck, it’s a small price to pay for the hundreds of millions of people that will be secure and will have their privacy respected. It’s a very small price to pay for the security of journalists, whistleblowers and generally (generally!) awesome people that rely on this privacy and security on a daily basis to do their jobs.
Besides, a criminal will not stop in a single crime and will eventually fail and leave breadcrumbs outside of encryption that can be used by competent law enforcement agents to build a decent case. Humans err. All the time. And again, if one exceptional criminal manages to stay under the radar once you weight this against the security and privacy of hundreds of millions the choice is obvious: preserve encryption as it is and if possible improve it.
Re: Re:
It’s called a search warrant, not a find warrant.
Re: Re:
Re: Re:
“They are not entitled to every single bit of evidence out there”
, yet.
Re: Re:
Besides the guy is DEAD. So no trial needed. Seeing what’s on a phone doesn’t stop a single person from being killed. They’re already DEAD!
The only way seeing whats on a phone to stop anything BAD from happening is if they can spy on everyone in real time. That’s what they really want. They just can’t come right out and say that.
The simple fact is, making security weak on the iPhone just means we are now all insecure because of a very tiny percentage of the population. In the end, you can just get an Android phone and install a 3rd party encryption software that has NO BACKDOOR because the software is made outside of the U.S. and so they can’t stop it or force a back wall into the software. In fact, most encryption software is made outside of the U.S.
Re: Re: Re:
It might, if for example he and a friend were planning attacks a month apart. But unless they have some reason to think that, it’s nothing more than a fishing expedition.
Re: Re: Re: Re:
In which case they can (1) take advantage of the help Apple offered before it’s too late for the offer to be used; (2) look at telecom provider records to see with whom the attacker has communicated, even if law enforcement can’t see the contents yet; (3) ask the telecom provider to supply all non-encrypted data records in its possession. For (2), if there are no telecom provider records, which could happen if the hypothetical co-conspirator only ever met with this attacker in surveillance-resistant ways, it’s pretty likely that they also had the sense not to leave any useful evidence on the phones, so breaking the phone still wouldn’t help. For (3), it’s possible that the attacker and his hypothetical co-conspirator carefully confined all their conversations to encrypted applications, but it’s also possible, and on balance seems more common, that the only security they had was that the phones were locked to their respective passcodes and that the messages were sent over the telecom provider’s network without any anti-law-enforcement-surveillance measures. In the latter case, the messages are protected from the current possessor of the phone, but completely accessible to the telecom provider, who can disclose their contents to law enforcement without the need to break any security systems.
“responsible encryption” = Oxymoron.
Re: Re:
“Responsible encryption” is encryption that is secure. They demand irresponsible encryption.
Re: Re: Re:
Perfect statement!
Re: Re: Re:
Kind of like “war is peace” and “slavery is freedom”. The DOJ seems to be using “1984” as an operations manual.
Re: Re:
Oxymorons
1) responsible encryption
2) Feinsteinian statesmanship
Re: Oxymoron
Apply a reducing agent and you get the person calling for “responsible encyption”
What do they need in this case?
I’m a bit confused why they need access to his phone? We know who did it and he’s dead. Justice served, case closed.
If they want to trace his step then his provider should have this info. If they want to know if he talked to anybody before the shooting, his provider has this info.
It seems to me unlocking the phone will not add anything to the case or harassing the justice thing.
Re: What do they need in this case?
Fishing expedition.
Re: Re: What do they need in this case?
In general yes, but in this case it’s almost certainly more about taking a second crack at setting a precedent they want.
They got slapped down and ran off the last time they had a locked phone, dead(and therefor unable to challenge the search in court) attacker and were claiming that the encryption was keeping them from valuable data, and now that a similar situation has arrived they want to give it another go, attempt to undermine encryption via tragedy once more.
I’m sure the FBI doesn’t actually care about what’s on that phone.
The Texas shooting is a horrible tragedy but is otherwise fairly cut and dry.
It’s not like this guy had any secrets.
Re: Re:
Let no good tragedy go to waste. This will fuel the FBI’s efforts to wreck encryption for at least the next 6 months. They care nought for those killed.
This is pure we hate that we can’t get into a phone when we want, along with a pile of misdirection to prevent too much examination of system failures in preventing a person known to have violent tendencies from acquiring legal firearms. The chances of that phone holding anything useful are very close to zero.
Re: Re:
It’s so much worse than that. He knowingly filled out the firearm purchase application with false information (which is a crime); we know he did this because if he had been truthful about his past, the dealer would have refused to sell to him. He was previously convicted of crimes that made him ineligible to possess a firearm (so merely buying those guns was another crime, even if he had never used them), so even if he had lied on the form, National Instant Check System should have rejected him. It didn’t, because the disqualifying criminal records were not forwarded to NICS. Further, the illegal purchases were over a span of several years, so we can’t even lament that NICS approved him through timeout and he committed the murders before the police were sent out to deal with the mistake. He illegally possessed firearms for multiple years before he committed the murders, and no one ever noticed or even attempted to have him arrested for that illegal possession.
Re: Re: Re:
The real crime is that he was able to purchase and encrypt an iPhone.
We need a list and application process to prevent people from doing this.
Re: Re: Re: Re:
He also purchased a vehicle and then proceeded to drive it to and from the crime scene. People with criminal records should be prohibited from owning or driving vehicles.
/s
Re: Re: Re:
I would go as far as to sat ‘oh look encryption’ has become governments favorite way of deflecting attention away from government failure, while also being used to further erode citizens rights.
Again, one suspects the reason they did not approach Apple immediately is that it’s not about getting into this specific device, but getting into every device, whenever they feel like it.
Re:
That is exactly the point.
Senator Feinstein and Her Congressional Ilk are Wrong (Again)
Sen. Feinstein Looking To Revive Anti-Encryption Bill In The Wake Of Texas Church Shooting
Straight from the US government’s operating manual:
Never let a crisis go to waste when attempting to garner new powers.
Dianne Feinstein and her congressional ilk propose we jettison 200 + years of the US Constitution being a bulwark against governmental abuses in the name of political expediency in 2017.
Is the US Constitution perfect?
No, but it certainly beats arbitrarily dismantling one of the nations founding legal documents for purely political motives.
Feinstein and her ilk are wrong – we should jettison congress – before we jettison the US Constitution.
Re: Senator Feinstein and Her Congressional Ilk are Wrong (Again)
Agreed. But how do you suggest we go about that?
Re: Re: Senator Feinstein and Her Congressional Ilk are Wrong (Again)
depends on how french we want to get, really.
The best of the best of the bestest
Isn’t it interesting how those with law enforcement jobs consider everyone without law enforcement jobs to be bad?
Then the is the phenomenon whereby a happy go lucking person (or maybe a depressed psychopath) gets hired by a law enforcement agency and is moved from the ‘bad’ column to the ‘good’ column. Presto magico!
And, in today’s training standards, these new hires are taught to obsess over digital information rather than how to obtain witnesses and follow up on leads, you know, actual investigative work? Digital isn’t easier, but it can be done without leaving the office. Oh, and let’s not forget shoot first, make excuses later.
Re: The best of the best of the bestest
“Isn’t it interesting how those with law enforcement jobs consider everyone without law enforcement jobs to be bad?”
Your thinking is rather shallow on this. They also sometimes consider law enforcement from other agencies as bad too! Just really…anyone who potentially could get in their way of enforcing what they feel like enforcing is bad.
The FBI is not competent supervise the specification of, design or building of any computer system. By 2010 the FBI had spent or intended to spend $4.5 billion dollars on computer systems that did not work, or have proved not to work, despite warnings that the systems would never work.
http://www.judiciaryreport.com/fbi_computer_system_fiasco_flagged_by_government.htm
And have spent untold billions more on systems that have failed for reasons that would be obvious to any systems engineering student who has passed a 101 course in design.
And it is obvious from FBI announcements on their computer systems of the future, that they still believe they will have a working design if only they can find a better magic wand.
Fail
You get an F-einstein.
Unfounded Claims
“In the end, the FBI ended up out a large sum of cash in exchange for access…”
Nice cover for a failed attempt to strong-arm Apple. FBI: “Never mind, we already found another way to accomplish our crack; so, we no longer need to risk a judicial precedent that rejects our jack-booted thuggery, AND we can claim that Apple security IS vulnerable.” No proof of the phone crack was ever demonstrated.
“…to phone contents that ultimately proved worthless.”
Nice cover for a false claim of access…also never demonstrated.
Re: Unfounded Claims
"In the end, the FBI ended up out a large sum of cash in exchange for dropping a case that wasn’t going their way…"
That better?
Given the timing I don’t particularly buy the ‘we just so happened to run across someone with the ability to crack the encryption we couldn’t, and would you look at that, nothing of note, no need to double-check it, and I guess we can drop the case now can’t we?’ excuse either. It’s possible that they were telling the truth, but the timing was crazy suspicious and looked for all the world like they were cutting and running before the court could set a precedent they didn’t want.
iPhone users should be arrested
How dare people buy iPhones?!
We should arrest all iPhone users, these irresponsible people are killing others with their decisions to own and use an iPhone.
Perhaps we need an iPhone registry, and a waiting list for iPhone buyers after they get a background check.
Feinstein Must Be Removed From Office
Senator Dianne Feinstein is 84 years old and in poor health, yet she still feels obligated to screw over the country for the rest of us who have some small hope of living here a bit longer than her.
How do you explain destructive creatures like this? It’s not like she needs more money from her wealthy donors. It’s not even like she’s creating some sort of grand legacy that people will admire long after her demise. Is she trying to damage the country out of spite? Is she as senile as Trump?
Re: Feinstein Must Be Removed From Office
Or at least Apple. I suspect the response she’s looking for is:
"The fantasy ‘back-door for only the good guys’ is unavailable, but we do have a very progressive portfolio of campaign fundraiser packages you can purchase."
Any government person that thinks they should be able to get into an encrypted phone has no respect for society and is pretty ignorant about the potential badness of government.
Let’s assume the FBI can get to the phone data.
Then what?
I don’t believe the FBI has the power to travel back in time to prevent the shooting, so best case for the data is it’s uploaded with petabytes of other useless data, for the sake of “profiling” which hasn’t stopped a shooting yet.
I said it before and I will keep saying it. We should allow backdoors into encryption, on one caveat, that Govt official also has that backdoor as well.
Bonus: Feinstein represents California, Which includes the City of Palmdale, which houses Lockheed Martin ADP (Skunkworks), Northrop Grumman, and Boeing. I am SURE they would just LOVE to have a backdoor into their R&D programs.
I don't get it.
They are trying to find justice? What does "justice" even mean in the face of mass killings? If they had said something like "we are trying to figure out how we can prevent people from turning into mass murderers", they’d have had a bit of my sympathy. That would involve engaging with his actual social environment (not really his phone since on the Internet you’ll find anything anyway: you need to approach people in real life to make them behave sanely in real life).
But justice? That’s just stupid. Particularly since the shooter as the principal target of justice is dead.
Is Now The Time To Talk About Guns?
Didn’t certain people complain about “politicizing” incidents such as this, with regard to gun control? But it’s OK to “politicize” it with regard to encryption?
Re: Is Now The Time To Talk About Guns?
Encrypted phones are worse than guns.
Guns don’t hide any evidence – you can seize a gun and analyze it. Try doing that with an encrypted phone!
Phone encryption is the new evil, it should be banned so that we can prevent killing and return society back to safety like it was before.
Without access to phones, there can be no justice!
or something…
uh, We’ll make sure of it!
A nation of Proof..
99% of the problem tends to be Proving something is Important.
most of this could be done by getting a list of phone contacts from the CELLPHONE COMPANY…
A point is made here that MOST people use the MOST common and easy way to USE a device..CHECK THE FINGER PRINT.. USE 1234, USE ABCD, USE HIS NAME..USE his religion..Dogs name..
Then there is the thought that the CELLPHONE company holds data..LIKE Internet DATA..its mostly Cached on the system to save Room on the phone..
WE dont want SMART COPS, WE WANT EASY CRIMES.. WE WANT TV CRIMES…
Totalitarian witch.
Now we know where MyNameHere gets his talking points…
What are they looking for?
I understand that this is really about ratcheting up the surveillance, but what is the argument?
Call and texts? The carrier has that info.
What apps are installed? Apple has that info.
Individual app content? You know what was installed, go talk to them.
The pictures they took? Do they expect he carefully documented his road to killing in selfies?
No only is this about increased access for police. This is about plain laziness. They don’t want to have to put in the footwork. They just one a simple single entry point to his entire digital life.
Re: What are they looking for?
They may also be hoping that they have an automatic login to his social media and email accounts, then they can look at everything without having to get a warrant.
Re: What are they looking for?
If digital play is easy, why not digital work?