Legal Issues

by Tim Cushing


Filed Under:
congress, encryption, fbi, going dark



Lawmakers Ask FBI Why It Isn't Getting Busy Cracking Its Stockpile Of Seized Smartphones

from the nerd-harder,-g-men dept

Ever since the FBI began its "going dark" crusade, crucial questions have gone unanswered. Considering the budget and technical expertise the FBI has access to, why was it so necessary to get Apple to crack an iPhone's encryption for the Bureau? Turns out it wasn't. The FBI did have a solution, but the head of the division charged with cracking open the San Bernardino shooter's phone didn't want a technical solution. He wanted a courtroom solution.

The report that outed the FBI's general disinterest in using outside contractors to crack encrypted devices is now being used against the FBI. Ten (bipartisan) legislators have signed a letter demanding answers from the agency about its anti-encryption efforts. The "going dark" narrative continues to be pushed by director Christopher Wray, despite recent reports showing at least two vendors have tools that can crack any encrypted iPhones. The tools are also much cheaper than the ~$1 million the FBI spent to open the shooter's phone, which raises questions about the agency's fiscal responsibilities to taxpayers.

The letter [PDF] highlights portions of the Inspector General's report indicating the agency was less than motivated to find an outside solution while engaged in a legal battle with Apple. It also points to the thousands of devices the FBI says it can't access, despite the ready availability of vendor tools designed to do what the FBI continues to claim is impossible.

These are the questions the legislators want answered -- questions we've been asking for months:

Have you consulted with relevant third-party vendors to understand what tools are available to help the FBI access device content?

Do you agree that there are solutions available to help unlock or nearly every device on the market? If not, why are these solutions, particularly the ones discussed above, insufficient?

Why can't the FBI unlock the 7,800 devices? Have you attempted to use tools developed by third-parties to unlock these devices?

Of these locked phones, how many are equipped with biometrics or how many have data available through a cloud service, which would provide additional means to access data or unlock phones?

For each device that you have not used a third-party tool to unlock, what is the rationale for not doing so?

These are all reasonable questions. But the FBI has been anything but reasonable when it comes to device encryption. Its director continues to insist -- despite zero tech expert support -- that safe and secure encryption backdoors are possible and that it's willing to sacrifice the public's security for "public safety." The FBI's disingenuous actions show it can't be trusted to handle the encryption debate honestly. Hopefully, this letter will reset the "conversation" by giving stakeholders insight into the fight the FBI appears to be throwing in hopes of being bailed out by legislators or federal judges.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 23 Apr 2018 @ 6:41am

    It's almost like they want to be able to get at the contents of any phone when it connects to Stingray device. Hmm, maybe they do, as it avoids problems like warrants when they want to go fishing because an agent just knows someone is a criminal.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 23 Apr 2018 @ 7:10am

      Re:

      Of course then there would be nothing keeping them from driving or flying around with stingrays while secretly scanning every device in range. From there it's easy to use evidence laundering to build cases without revealing the true source.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 23 Apr 2018 @ 8:14am

      Re:

      Nothing personal .. just business

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Apr 2018 @ 7:11am

    "the FBI's general disinterest in using outside contractors"

    More like "selective disinterest" when it came to not bothering to examine the Clinton Campaign's email server hacked by the Russian government and spilled to Wikileaks, preferring to allow outside contractors to handle everything.

    That decision helped spawn a rash of conspiracy theories about why John Podesta would not want to let his server get into the hands of the nation's chief law enforcement agency, and, hardly a surprise, suspicions of child pornography jumped to the top of the list among the Hillary haters.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 23 Apr 2018 @ 8:09am

      Re: "the FBI's general disinterest in using outside contractors"

      Forget about the security aspects of her email server. Instead the mere existence of the email server is de facto attempt by Hillary to bypass 5 U.S.C. § 552 (Freedom of Information Act). So exactly what aspect of her job did she want to conceal from public scrutiny and why?

      reply to this | link to this | view in chronology ]

      • icon
        Talmyr (profile), 23 Apr 2018 @ 8:35am

        Re: Re: "the FBI's general disinterest in using outside contractors"

        The same as the many many many senior Republican officials doing exactly the same thing for at least the same reasons. But Hillary!

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 23 Apr 2018 @ 12:48pm

        Re: Re: "the FBI's general disinterest in using outside contractors"

        The fact that State Dept. IT was an absolute morass? (If anything, that is what the whole "but her emails!" thing indicts, considering how many previous SecStates had maintained "side" email accounts...)

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 23 Apr 2018 @ 3:23pm

          Re: Re: Re: "the FBI's general disinterest in using outside contractors"

          Side ones that they insisted be allowed on the secret network without whitelisting? Nice apples to antimatter comparison there.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 23 Apr 2018 @ 3:47pm

            Re: Re: Re: Re: "the FBI's general disinterest in using outside contractors"

            Yes. Antimatter apples to antimatter apples?

            reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 23 Apr 2018 @ 8:15am

      Re: "the FBI's general disinterest in using outside contractors"

      Look - over there - emails!!!!

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Apr 2018 @ 7:16am

    Nice that Congress is coming down on the skeptical side on all this, but frankly, Christopher Wray doesn't work for Congress. He works for the president. Congress's direct actions on the FBI narrative without A Law are limited. The FBI director isn't an investigator, he's a politician. He's there to be the president's mouthpiece and policy enforcement hatchet man.

    Are there enough Congressmen gullible enough to legally weaken or circumvent encryption technologies more than the NSA already does? I hope not. Reports that Congressmen have been using Telegram and other OTR protocols for communications have me hopeful that there's enough support for strong encryption communications to overcome the more brain dead ones like Diane Feinstein and Richard Burr.

    Seriously... I'd assume it's gray and cloudy if Feinstein said the sky is blue she's wrong so often. The Democrat's Donald Trump.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 23 Apr 2018 @ 8:55am

      Re:

      You are correct about one thing in this post and one thing only. The FBI director works for the president -- he also works for the citizens of the US. As such it is Congress' job to ensure that he works professionally and without dissembling to his ultimate bosses -- us. The leverage Congress can bring to bear on the FBI is quite considerable which is why 10 Senators sending a letter requesting information from the Director is news. That they then publicized the letter lets the voters know that the Director is being called to account for the false narrative that he is pushing.


      Your narrative about the NSA weakening encryption is also false. There have been numerous instances when NSA has suggested changes to cryptographic protocols... the debate at the time is always "NSA is trying to create a backdoor!!11!!" Eventually it comes out that the changes the NSA suggests protect against a form of attack not yet known to the general public. I assume that NSA knows about the attack and is trying to ensure that protocols aren't created that will fall to them.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 23 Apr 2018 @ 9:12am

        Re: Re:

        That they then publicized the letter lets the voters know that the Director is being called to account for the false narrative that he is pushing.

        The calling to account will only happen if Congress takes further action when the director ignores the letter, or replies to different questions as a response.

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 23 Apr 2018 @ 9:59am

        Re: Re:

        The FBI director works for…

        Above all else, the FBI director works for the institutional interests of the FBI.

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 23 Apr 2018 @ 12:02pm

        Re: Re:

        I agree with most of this, but...Some Spook agency, i think it was the CIA, insisted on a particular protocol in an RSA standard, which was much later shown to have a bad randomization component making cracking easy. It was only one of 5 options, and it wasn't the preferred option, if i remember correctly. But its not all roses.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Apr 2018 @ 7:51am

    hold up...

    "Nice that Congress is coming down on the skeptical side on all this,"

    They are not coming down on anything, as usual, this is going to be more bluster to get people to think they care. They are still going to pass all the bills necessary to spy on you like you are under investigation 24/7.

    Until something "Actually Happens" don't count on congress caring about anything other than playing games that either make them look good in the public eye or get them campaign donations for them and theirs!

    reply to this | link to this | view in chronology ]

    • identicon
      Guy, 23 Apr 2018 @ 8:56am

      10 of 435 = bluster

      Yup, "letters" from Congressmen are as cheap as toilet paper, but much less useful. Very naive to think such letters mean anything.

      These 10 timid Congressmen are not serious -- or they would be vigorously working within their very own, extremely powerful organization (Congress) to really change things.

      truth is that all 3 current branches of the Federal government like the American surveillance state, find it extremely useful for practical rule, and are never going to seriously reduce it.

      ... your votes on Election Days are a huge joke (on you)

      reply to this | link to this | view in chronology ]

  • icon
    TheResidentSkeptic (profile), 23 Apr 2018 @ 8:14am

    The more important statistic

    of these 7,800 phones, after cracking and analysis...

    how many actually had ANY useful intel on them???

    I think we'll be able to count that on ONE finger... the same one they give our rights every day...

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 23 Apr 2018 @ 10:11am

      Re: The more important statistic

      The more phones they open,
      the worse the statistics get.

      So unopened phones enable more whining than opened, no-useful-information phones.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Apr 2018 @ 9:11am

    obviously because it is known that there isn't any info on any of them relating to anything that is related to terrorism or any other crime or 'bad' thing. those that seized the phones have so many now they cant make up their minds which ones to keep for themselves but have been quick enough to tell the owners to 'go swivel, you're not getting them back!'

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Apr 2018 @ 9:22am

    The FBI isn't interested in mere crime anymore

    Remember, they just rebranded themselves as a counter terrorism agency.

    Criminals have those pesky Miranda rights & due process rights.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 23 Apr 2018 @ 3:25pm

      Re: The FBI isn't interested in mere crime anymore

      Indeed they do. They retain those same rights even when given labels like terrorist or enemy of the state. Anyone who claims otherwise is attacking the constitution and the foundation for the government in the first place.

      reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 23 Apr 2018 @ 10:35am

    Because the more items we can add to the McGuffin Box pile increases the growing fear that something important was missed & it will be the fault of not giving us more power.

    reply to this | link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 23 Apr 2018 @ 12:31pm

    Reminder: The FBI's mission is no longer "Law Enforcement"

    But rather National Security. That was on Comey's watch, so think about it every time he talks about his love for and loyalty to the mission. (Comey may be Trump's enemy, but that doesn't make him a friend to the public.)

    The FBI's interest is in preserving the current hierarchy of institutions, mostly preserving the FBI's position in the current hierarchy of institutions.

    So any new and additional tools the FBI might accumulate will be used for that purpose. Lately, the FBI likes gas-lighting and entrapping disabled people for aiding and abetting imaginary terrorists doing imaginary terrorist plots, with the minor consequence of sending innocent people to prison for lengthy sentences.

    While I can't speak for the FBI's other programs (recommending to other Law Enforcement regarding Juggalos as a street gang?) I tend to want to assume at this point those programs would serve the public interest about as well.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 23 Apr 2018 @ 3:27pm

      Re: Reminder: The FBI's mission is no longer "Law Enforcement"

      Imaginary crimes are the best ones. Ask the DEA. Mandatory minimum sentencing on imaginary drugs, weapons, money, and locations. Isn't America great!

      reply to this | link to this | view in chronology ]

  • icon
    Peter (profile), 24 Apr 2018 @ 1:33am

    Same Problem as with terrorists and Russian election meddling

    Once the problem is solved, how will the FBI justify demands for more resources?

    Worse, once the FBI has nothing more to ask for, they will be asked questions about topics they'd rather not talk about. Their less-than-stellar performance on general crime will only be tolerated as long as they can push high-profile topics.

    reply to this | link to this | view in chronology ]

  • identicon
    RS, 27 Apr 2018 @ 9:22am

    First they came for smartphones, and I did not speak out—

    Because I was not a smartphone user.

    Then they came for 'pirated' operating systems, and I did not speak out—

    Because I was not a 'pirate'.

    Then they came for social network users, and I did not speak out—

    Because I was not a social network user.

    Then they came for anonymity, encryption, and free software—and there was no one left to speak for me.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.