Slashdot Mirror
FBI Has Sights On Larger Battle Over Encryption After Apple Feud (bloomberg.com)
An anonymous reader writes from a report via Bloomberg: FBI Director James Comey said the FBI is exploring how to make broader use of the hack, used to access a San Bernardino terrorist's encrypted iPhone, while bracing for a larger battle involving encrypted text messages, e-mails and other data. The tool could "in theory be used in any case where there's a court order" to access data on an iPhone 5c running Apple's iOS 9 OS, Comey told reporters in Washington on Wednesday. However, accessing content on a phone, known as "data at rest," is only part of the challenge that encryption poses for U.S. investigators. Software applications and other services that encrypts texts, e-mails and other information in transit over the Internet, known as "data in motion," are "hugely significant," especially for national security investigations, Comey said. He said criminals are increasingly using services that encrypt data in motion, and he didn't rule out litigation against companies such as WhatsApp. "WhatsApp has over a billion customers, overwhelmingly good people," Comey said. "But in that billion customers are terrorists and criminals, and so that now ubiquitous feature of all WhatsApp products will affect both sides of the house." As for whether or not there will be litigation against WhatsApp down the road, Comey says, "I don't know." The FBI is trying to figure out how to allow "law enforcement around the country with court orders to be able to use our tool," Comey said. It's "tricky," he said, because using the tool to help state and local criminal investigations could mean that it would have to be revealed in a court preceding if there isn't a procedure in place to prohibit testimony about how it works.
...yet they're just itching to let local law enforcement use their tool for what plainly is not a matter of national security. I really hope that Americans aren't quite as dumb as I perceive and can see things for the way they are. Also, the more I hear Comey speaking, the more I wish somebody would just put a sock in him. The 1990's called and wants its Clipper chip back.
I can walk down the street with a friend and have a conversation that is not recorded, is never discoverable in the future. Although millions of us are honest people, terrorists could have these types of conversations as well. I just don't know how we can let that happen. It seems that the government should require us to record conversations so that if there is a warrant in the future we can get that data. Why it is just unfathomable that there could be information that the government cannot discover! How could we have let this happen for so long?! It's just SO GREAT that the FBI is trying to protect us...
If the prosecution's case relies on evidence gathered by secret means then the data cannot be verified and it does not meet the standard of beyond reasonable doubt.
"We have evidence that proves his guilt but we can't tell you about it" -- then you don't have evidence.
"Grab them by the pussy" -- President of the United States of America
"FISA court" is an oxymoron. In a court of law, an issue is contested by opposing sides before a neutral judge (and jury, if there's felony liability at stake, or funds in excess of twenty dollars in controversy).
A rubber-stamp procedure where one government employee pretends to be an advocate for the government's target while another one pretends to be a neutral magistrate, and a third pretends to be a legitimate officer of the court asking for a legal warrant, is not a court of law at all, and everyone participating in such a farce is complicit in a conspiracy to deny civil rights under color of authority.
If we ever have a functioning justice system in this country again, a hell of a lot of apparatchiki will be in deep shit.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Secret investigations are often necessary for a time to allow law enforcement investigations to proceed.
Right up until the moment when you take someone to court. If you don't disclose how evidence was obtained, then there is nothing to prevent en masse violation of the Constitution--no matter how good your intentions or how bad the people you are going after.
Real lawyers write in C++
FBI Director James Comey needs to resign because he's made it very clear he does not have the American public's best interests in mind.
Anons need not reply. Questions end with a question mark.
They're bad because any old file can be presented as coming from the encrypted device. It would be very easy for the fuzz to "plant evidence", so to speak. As in:
"Did you find this photo of the defendant wielding an ISIS flag on the defendant's phone Officer?"
"Yes your honor."
"How did you recover it?"
"I can't say your honor."
Good luck proving the phone only had lolcats on it.
The FBI director openly discussing how to subvert the justice system is yet another sign that the US is now a fully fledged totalitarian state.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
Before WhatsApp and the iPhone, there weren't any real obstacles. Given time and equipment, any physical safe can be opened.
It *can* be, but it won't be. John DOE, Petitioner v. UNITED STATES. 487 U.S. 201 (108 S.Ct. 2341, 101 L.Ed.2d 184).
"A defendant can be compelled to produce material evidence that is incriminating. Fingerprints, blood samples, voice exemplars, handwriting specimens, or other items of physical evidence may be extracted from a defendant against his will. But can he be compelled to use his mind to assist the prosecution in convicting him of a crime? I think not. He may in some cases be forced to surrender a key to a strongbox containing incriminating documents, but I do not believe he can be compelled to reveal the combination to his wall safe —- by word or deed."
The police did not subsequently obtain a warrant to break open the safe, because they could not produce probable cause that the safe contained the bank records which the police were seeking.
So no: there is no difference between encryption and a combination lock.
What's interesting, however, is that there is, likewise, no difference between a lockbox key and a fingerprint to unlock a phone. So if you are stupid enough to use a fingerprint lock, they can compel you to put your finger on the sensor.
The only difference here is that an iPhone is treated differently than a safe, because the iPhone isn't (yet) as secure as a safe, and the iPhone isn't (yet) treated as a container for data, rather than personal property. Obviously, the first time someone is smart enough to raise that precedent in an evidentiary hearing and get an iPhone hack in as an illegal search, things will go to hell for the police, and then for the FBI.
So for right now, I think they will use it only where they've used it so far: where the perp doesn't own the device, and the actual owner gives permission.
Of course, this means that, for most of the U.S., which buys their iPhone over time as part of agreeing to a service contract, until they go off contract, it's actually the telephone company which owns the iPhone, not the person in whose possession it happens to currently reside.
That should make a nice court case, as well: when the police go to the telephone company and obtain permission. Expect if e.g. AT&T actually grants permission, that the week following, there's going to be a LOT of new T-Mobile, Verizon, and Sprint customers.
I don't think that WhatsApp really understands what this means.
I think they do. I think they have a pretty damned good idea, in fact, having talked to a number of executive officers of the company personally about the issue.
Is this really what we want - for evidence of crimes to be unobtainable?
No.
In the "think of the children" argument you are making, this is what we want:
We want the police to arrest the child pornographers at the point of the creation of the pornography, prior to its distribution, and prior to the further abuse of the children in question. If they can't do that, then what good are they to anyone?
Great, you break into an iPhone, and find someone has a picture on it that was illegally created, and is illegal to posses. Big deal. For every copy you find, there are dozens or hundreds still out there. You haven't prevented the social harm by breaking into Guido The Child Perv's iPhone. You haven't even ameliorated it a bit, if Guido is a "leaf node" (i.e. he doesn't distribute the material himself).
Marching in after a crime has been committed and figuratively beating the crap out of the perpetrator, while the victim is still lying in a pool of blood is not a useful operation. It clearly does not prevent future victims, particularly for things like murder, where the penalty takes so freaking long to enact that someone can start by getting their GED and have multiple PhDs before they ever
"WhatsApp has over a billion customers, overwhelmingly good people,"
And they live in 194 countries, 193 of them not giving a shit what the FBI wants.
This is exactly what Apple was saying would happen if they released the patch. This hack is now to be used for all other phones that have some information, which have no bearing to the original case. This is exactly the slippery slope we where warning about would happen.
One of the interesting aspects of the Assault on Freedom being conducted by governments the world over is the incredibly selective, distorting arguments that they make. In this case, one of the FBI's central themes has been that "terrorists, criminals and paedophiles" use encryption to hide behind. The inference is that "general purpose encryption" is being used "to do or hide bad things".
Even assuming that this argument were true, or had been substantiated by the claimant [neither in this case] it seems to be somewhat self-defeating.
If we apply the same logic to, say, the right to private ownership of firearms [and, sorry for all those who wish to retain their Second Amendment rights, because I truly don't mean to come across as a troll] provides a very similar argument and case. The United States has some of the highest personal firearm ownership levels anywhere in the world, and some of the highest levels of firearms related murders and woundings. So if the FBI were to stand up and say, "Well, because so many people with firearms use them for criminal purposes, we'll just outlaw all personal firearm ownership..." Whether or not you consider that argument right or wrong is irrelevant in this case, because I am using it as a good example of the way that law enforcement are so selective when it comes to their arguments.
We have also seen how acts of states that are conducted behind closed doors and without full public scrutiny (Wikileaks, Snowden, Panama Papers, etc) lead to corruption and vast amounts of white-collar crime. So if we apply the same logic that the FBI are using to attack encryption - and in attempting to stamp out bribery, corruption, fraud and tax evasion, obviously the FBI will also be demanding completely transparent government, all key decisions made before public hearings, complete financial transparency, with additional requirements for anyone worth more than say $10 Million and so on?
What's that you say? No? Didn't think so...
Somebody help me out here. Since pgp is, essentially, open-sourced, how do government agencies expect to regulate encryption? Even if they force this company or that company to give them a "back door", what is there to prevent someone from running their own app? Do they not realize that criminal and terrorist organizations are capable of easily building their own encryption applications?
Proverbs 21:19