Slashdot Mirror
How the FBI Hacks Around Encryption
Advocatus Diaboli writes with this story at The Intercept about how little encryption slows down law enforcement despite claims to the contrary. To hear FBI Director James Comey tell it, strong encryption stops law enforcement dead in its tracks by letting terrorists, kidnappers and rapists communicate in complete secrecy. But that's just not true. In the rare cases in which an investigation may initially appear to be blocked by encryption — and so far, the FBI has yet to identify a single one — the government has a Plan B: it's called hacking.
Hacking — just like kicking down a door and looking through someone's stuff — is a perfectly legal tactic for law enforcement officers, provided they have a warrant. And law enforcement officials have, over the years, learned many ways to install viruses, Trojan horses, and other forms of malicious code onto suspects' devices. Doing so gives them the same access the suspects have to communications — before they've been encrypted, or after they've been unencrypted.
Hacking — just like kicking down a door and looking through someone's stuff — is a perfectly legal tactic for law enforcement officers, provided they have a warrant. And law enforcement officials have, over the years, learned many ways to install viruses, Trojan horses, and other forms of malicious code onto suspects' devices. Doing so gives them the same access the suspects have to communications — before they've been encrypted, or after they've been unencrypted.
It does not give the FBI bulk surveillance capabilities unless they work with bulk tools, namely botnets and worms trying to infect everything they can get. And that looks pretty bad when discovered.
So widespread use of end-to-end encryption would mean that the FBI would be mostly restricted to operating within the confines of the Constitution. We can't really have that.
"they should be able to get a warrant to try to break that encryption"
RTFA, That's his point too. The trouble is he only finds 9 examples of judges giving opinions or court orders:
"Mayer analyzed the few public examples of law enforcement hacking he was able to find, most of them from the FBI and DEA: five public court orders and four judicial opinions."
He found discussions where the FBI expressed the belief that it is legal without a warrant and alluded to previous times they'd done it warrantless.
"He also looked through declassified FBI documents and found that officials there have “theorized that the Fourth Amendment does not apply” when investigators “algorithmically constrain the information that they retrieve from a hacked device"
"Mayer said that in internal emails, federal investigators argued that targeted hacking might not constitute a search, and hinted at past times when officials may have hacked without getting a warrant first."
So if you believe the FBI has only done this 9 times then perhaps Libertarians are crackpots. On the other hand it seems likely the FBI has done this hundreds of thousands of times, and thus 9 examples of judicial opinions on cases suggests they're not telling the courts.
The FBI of course won't even reveal the total number of targets its used malware against, be it 9 or 9 million.
For that, they must first have a suspect.
. . . So the FBI just declares everyone in the US to be suspects . . . so they can spy on everyone . . . that's more or less how it works these days.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
... so can everybody. Chinese, Russians, Bulgarians, Ukranians, Germans....
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
FISA courts aren't courts. There is no defense council. It is one sided, and the government can do whatever it wants and get a warrant for anything, so long as the courts can find some ridiculous, contrived view that 'limits' the search. For example, "every email ever sent, except the one last tuesday about carl's lunch" why, that clearly narrows it down! Warrant approved!