Legal Issues

by Tim Cushing

Filed Under:
doj, fbi, san bernardino

FBI Is Using Classified Tools For Regular Investigations And That's Going To End Up Hurting Everyone

from the when-'going-dark'-just-means-parallel-construction dept

A recent Inspector General's report laid bare the FBI's real motivations in the San Bernardino shooting case. It didn't want a technical solution. It wanted judicial precedent. While the DOJ presented its claims that no tech breakthrough was forthcoming, the FBI's left and right hands were operating independently. Technically, this means Comey and the DOJ did not lie when they told a federal judge and Congress (respectively) that an All Writs Act order was the only solution.

But dig deeper into the report, and you'll find information much more damning than some truth-fudging. One division of the FBI, which had been explicitly asked to search for a way to hack into the locked iPhone, only made a half-assed effort to do so, in hopes of slow-walking the FBI into favorable precedent. The FBI's cryptographic unit (CEAU) was supposed to keep looking for a solution, but it didn't. It asked some cursory questions and then sat back to watch the courtroom drama.

Another area of the agency -- one supposedly limited to national security investigations -- did manage to find a solution via a third party. The Remote Operations Unit had this vendor drop everything else and work on an iPhone crack to help the CEAU out. Unfortunately for the helpful ROU official, the CEAU head didn't really want a solution and was irritated when one was found.

The reason the CEAU and ROU weren't speaking to each other directly was related to the ROU chief's belief its tools were not meant to be used in standard criminal investigations. The CEAU, however, felt it could use national security tools possessed by the ROU whenever necessary, even when the investigations had nothing to do with the agency's national security work.

Joseph Cox at Motherboard points to a couple of footnotes in the Inspector General's report that indicate the FBI has ignored this "wall" at least twice in the past.

One mentions the ROU chief, based on long-standing policy, sees a “line in the sand” against using national security tools in criminal cases—this was why the ROU initially did not get involved at all with finding a solution to unlocking the San Bernardino iPhone.


“The ROU Chief was aware of two instances in which the FBI invoked these procedures,” a footnote in the report reads. In other words, although it seemingly only happened twice, the FBI has asked for permission to use classified hacking techniques in a criminal case.

The report does not provide any more info about the FBI's internal wall-breaking, but Cox speculates it may have something to do with its child porn investigations. The malware the FBI deployed to expose visitors of darkweb child porn sites was originally unclassified, but the FBI attempted to classify the exploit post-deployment for supposed national security reasons. And, indeed, the FBI has deployed this twice (that we know of) to target child porn site visitors.

The wall is there for a reason. If the exploits and tools are classified, the use in standard criminal investigations raises the chances they'll be exposed in court. It also initiates mission creep. Powerful tools become routinely-deployed exploits, eventually lessening their effectiveness and slowly (but surely) stripping away the layers of opacity surrounding them.

This is what has happened with Stingray devices. Originally, the repurposed military gear was used in only the most dire situations. Now, they're used to track people stealing fast food. In the process, the tool no one ever wanted to talk about has gone mainstream, with extensive paper trails emanating from courtroom decisions and public records requests.

The FBI had concerns Stingrays would become exactly what they are now: standard equipment, rather than overpowered tools that should only be deployed when public safety is threatened. It knew the slippery slope towards standardized use would end up exposing the devices and their capabilities. This is why it tied up agencies with non-disclosure agreements and demands it be consulted whenever info about Stingrays was requested by the public or at risk of being disclosed in court.

But there's another side effect of breaking down this wall between national security and vanilla law enforcement. The implications of this range far beyond the possible burning of a useful investigative tool. When the FBI uses classified tools to engage in normal investigations, defendants are placed at a severe disadvantage.

“When hacking tools are classified, reliance on them in regular criminal investigations is likely to severely undermine a defendant’s constitutional rights by complicating discovery into and confrontation of their details,” Brett Kaufman, a staff attorney at the ACLU, told Motherboard in an email. “If hacking tools are used at all, the government should seek a warrant to employ them, and it must fully disclose to a judge sufficient information, in clear language, about how the tools work and what they will do,” he added.

Perhaps the FBI's Remote Operations Unit was more aware, or simply more considerate, of the Constitutional implications of bringing hacking tools over the wall. The CEAU chief, at least according to this report, was less concerned about the constitutional implications but extremely worried any new tool might undermine the DOJ's push for compelled assistance precedent. As a whole, the FBI is only mildly concerned about violating rights. The agency's continuous creation of easily-indicted "terrorists" is only part of the problem. Beyond that, the agency appears to be willing to use any tools to achieve any ends… including ignoring its many options if there's a chance a court might deliver an opinion it can use to force US companies to crack open devices for it.

Reader Comments


  • Personanongrata, 9 Apr 2018 @ 2:25pm


    It didn't want a technical solution.

    Do not Apple's devices use flawed CPUs susceptible to the Spectre/Meltdown exploits?


    • Uriel-238, 9 Apr 2018 @ 3:12pm

      Spectre / Meltdown

      Yes, but that may not get a TPM to spill its authentication codes, which was the problem with the San Bernardino iPhone.

      TPMs can be hacked, but it's expensive.


  • beta4, 9 Apr 2018 @ 3:02pm


    "the FBI is only mildly concerned about violating rights."

    well, if U don't trust the FBI ... exactly which Federal agency(ies) do U trust to reliably protect your constitutional rights?


    • Anonymous Anonymous Coward, 9 Apr 2018 @ 3:25pm

      Re: rights

      None. Not that I can think of right now anyway. For that matter, I am having trouble thinking of any state, county, or municipal agency that I trust. Wait, maybe there is an animal control unit, someplace, that we might put some faith in. Then maybe not.


    • Anonymous Coward, 9 Apr 2018 @ 3:30pm

      Re: rights

      None! The FBI will step all over your constitutional rights just like everyone else.

      This is what FBI Tyrants do when you're on a public sidewalk with a Camera recording an FBI building, that is a first amendment constitutional protected activity!!!

      Or this

      and there are many others. You do not have to give out ID or tell them who the F you are. You've committed no crime. A so-called Suspicious activity is not a misdemeanor or a Felony. Throwing out 9/11 gives them no extra rights. They can't detain you when they can't cite a crime you did because you've done nothing wrong.

      You have ZERO expectation of privacy in public. I could stand in front of your house on the sidewalk and film you and your house. I can go into a public park and film your kid. All these things are 100% legal. In fact you're on cameras everywhere you go, maybe as soon as you're out your front door.

      Hell Google gets a better view from the street and above and you don't even have to leave your house. The FBI, DEA, Police, Security Guards, most are completely clueless. They will ALL LIE right to your face to get you to do what they want. They will stand there and make up anything!!!

      You know you're more than 9 times more likely to be killed by the police than a terrorist!!!

      Justine Ruszczyk called 911 on Saturday night to report a possible sexual assault in an alley near her home. Two police officers responded and one of them killed Ruszczyk. She died of a gunshot wound to the abdomen!!!

      A Texas woman who called 911 on Saturday saying she was being stalked was shot and killed by a San Antonio police officer!!!

      The police these days shoot first and ask questions later. They are scared by their own shadow.


  • Uriel-238, 9 Apr 2018 @ 3:09pm

    Remember the FBI is NOT a law-enforcement agency.

    Not any more. The FBI is now a national security agency. Its interest is in preserving the current regime.

    For the FBI's new mission, it is a lot easier to justify methods that are classified or reserved for extreme cases whenever they are desired.

    I'm pretty sure the NYPD has also changed its mission from law enforcement to national security, which would explain its behavior in the last decade. I expect other precincts and agencies to follow suit.


  • ROU-TU DITU, 10 Apr 2018 @ 6:44am

    If you think the FBI has thrown away the Constitution AND due process as they manufacture terrorists-
    Imagine what they are doing as they distribute child pornography?

    So- working within the hydra of NGOs and CVE programs that leak NSA backdoor data into local law enforcement, "the FBI is only mildly concerned about violating rights. The agency's continuous creation of easily-indicted "terrorists" is only part of the problem"

    What you actually have is the FBI distributing child pornography, in sync with NGO and US military psyops run from offshore (Osaka, Philippines, Thailand), and in most cases, they do not, and will not prosecute these cases because they are creating HUMINT assets- because the real end goal is creating patsies, and informants, via slipping child porn into free-sites, and targeting individuals' porn habits with "ooops".

    Then, in some cases they create controlled assets- in others, like the inter-generational FBI family of Las Vegas shooter Stephen Paddock, we see the FBI always curiously close to child porn, and mass shooters.

    I mean- do the research yourself, but the prima facie case is there.
