AP, Vice, USA Today Sue FBI For Info On Phone Hack of San Bernardino Shooter (usatoday.com)

← Back to Stories (view on slashdot.org)

AP, Vice, USA Today Sue FBI For Info On Phone Hack of San Bernardino Shooter (usatoday.com)

Posted by msmash on Friday September 16, 2016 @05:20AM from the right-for-access dept.

Three news organizations filed a lawsuit Friday seeking information about how the FBI was able to break into the locked iPhone of one of the gunmen in the December terrorist attack in San Bernardino. From a USA Today report: The Justice Department spent more than a month this year in a legal battle with Apple over it could force the tech giant to help agents bypass a security feature on Syed Rizwan Farook's iPhone. The dispute roiled the tech industry and prompted a fierce debate about the extent of the government's power to pry into digital communications. It ended when the FBI said an "outside party" had cracked the phone without Apple's help. The news organizations' lawsuit seeks information about the source of the security exploit agents used to unlock the phone, and how much the government paid for it. It was filed in federal court in Washington by USA TODAY's parent company, Gannett, the Associated Press and Vice Media. The FBI refused to provide that information to the organizations under the Freedom of Information Act. The lawsuit charges that "there is no lawful basis" for the FBI to keep the records secret.

49 comments

Min score:

Reason:

Sort:

Why bother? by bev_tech_rob · 2016-09-16 05:23 · Score: 3, Insightful

Yea, they will release the document, but it will be 100% redacted....so total waste of time...

--
You're messin' with my Zen Thing, man.....
1. Re:Why bother? by mewsenews · 2016-09-16 06:17 · Score: 4, Informative
  
  It's the principle of the thing.
  Apple is winning against these requests from the government, but barely. Wikipedia says that a judge ruled in their favour in Brooklyn, but in the most publicized case - the case of the San Bernadino terrorists, the FBI withdrew their request rather than have Apple's objection decided on by the judge.
  Dragging these assholes into the sunlight and making their methods a matter of public record makes things better for everybody.
2. Re:Why bother? by XXongo · 2016-09-16 07:51 · Score: 4, Informative
  
  Well, that's a little unfair. What Apple challenged was the FBI's request for the court to order them to write new software to specifications given to them by the FBI, with the function of cracking their own security.
  The FBI told them "well, after you break your own security, you can erase the software"... but you do know that there was a whole queue of other police departments and other FBI cases lined up to make the same demand, if they acceded to the first one.
3. Re:Why bother? by Anonymous Coward · 2016-09-16 09:53 · Score: 0
  
  They should have charged at a level appropriate to the task... a level which would have bankrupted most of those police departments.
4. Re:Why bother? by Plumpaquatsch · 2016-09-16 11:30 · Score: 1
  
  Yea, they will release the document, but it will be 100% redacted....so total waste of time...
  Well,a single page with one black line across a third of the page's width. That would tell us a lot.
  
  --
  Of course news about a fake are Fake News.
5. Re:Why bother? by armanox · 2016-09-17 09:28 · Score: 1
  
  Which they had no ability to do - the court order would have forced them to do it for free.
  
  --
  I'm starting to think GNU is the problem with "GNU/Linux" these days.
6. Re:Why bother? by Coren22 · 2016-09-20 06:59 · Score: 1
  
  Except no, the court order included reasonable fees, which would have been paid by the FBI.
  http://www.politico.com/f/?id=...
  Section 5 and 7. Did you honestly think no one could look up the court order and call you out on that?
  
  --
  APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
7. Re:Why bother? by Coren22 · 2016-09-20 06:59 · Score: 1
  
  http://www.politico.com/f/?id=...
  Well, they made a recommendation, but left it open for Apple to counter offer with another method of getting the data.
  
  --
  APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
San Bernadino murders by Anonymous Coward · 2016-09-16 05:27 · Score: 0

how bout they pick a case which doesn't involve folks who clearly came to the US with the intent of killing Americans? I'm sure that there are cases of over reach by the FBI, so why not pick on those cases? I'm not getting the obsession that the industry, and the press, have with San Bernadino mass murders. Pick on the horror of the cell phone for the whacko of the Sandy Hook slaughter, or something else domestic.
1. Re:San Bernadino murders by Kierthos · 2016-09-16 05:59 · Score: 1
  
  How about you do three seconds worth of research and realize that one of the shooters was born in Chicago?
  
  --
  Mr. Hu is not a ninja.
Regarding cost, FBI already released the figure by JoeyRox · 2016-09-16 05:29 · Score: 1

In a roundabout but easy calculable way - it came to about $1.3M.

"Federal Bureau of Investigation Director James Comey said on Thursday the agency paid more to get into the iPhone of one of the San Bernardino shooters than he will make in the remaining seven years and four months he has in his job. According to figures from the FBI and the U.S. Office of Management and Budget, Comey's annual salary as of January 2015 was $183,300. Without a raise or bonus, Comey will make $1.34 million over the remainder of his job."

Source: http://www.reuters.com/article...
1. Re:Regarding cost, FBI already released the figure by NatasRevol · 2016-09-16 05:36 · Score: 1
  
  Add in a large amount of legal fees. Which are probably MUCH more than $1.3M
  
  --
  There are two types of people in the world: Those who crave closure
2. Re:Regarding cost, FBI already released the figure by cdrudge · 2016-09-16 05:38 · Score: 1
  
  The actual quote was:
  
  "A lot. More than I will make in the remainder of this job, which is seven years and four months for sure," Comey said. "But it was, in my view, worth it."
  $1.3M would be the lower bounds of what would be paid. If the FBI paid $10M or $100M it'd still make his statement correct, but absolutely meaningless.
3. Re:Regarding cost, FBI already released the figure by nomadic · 2016-09-16 06:28 · Score: 1
  
  Seems kind of silly for them to make his pay a metric for the cost of an investigation, particularly a fairly important investigation like this one.
4. Re:Regarding cost, FBI already released the figure by newcastlejon · 2016-09-16 12:40 · Score: 1
  
  So, in other words, it's saying that it's more than his job's worth.
  
  --
  If God forks the Universe every time you roll a die, he'd better have a damned good memory.
jeremy hsu gave me an unrequested cupcheck at lore by Anonymous Coward · 2016-09-16 05:31 · Score: 0

Science journalist in NYC. Writing for Discover Magazine, IEEE Spectrum, Popular Science, Scientific American, and more.
Full disclosure from the police in a police state? by Anonymous Coward · 2016-09-16 05:34 · Score: 0

ha! hahahahahahahaa
DMCA? by Moof123 · 2016-09-16 05:36 · Score: 1, Funny

I thought that intentionally circumventing these things was illegal. Did the FBI arrest the owners of the company after they demonstrated the ability to hack the phone?
1. Re:DMCA? by zlives · 2016-09-16 05:54 · Score: 1
  
  they probably just bought the aperatus to break it so when an fbi employee uses it to !hack! it its not illegal :)
2. Re:DMCA? by Coren22 · 2016-09-20 07:06 · Score: 1
  
  http://www.androidpolice.com/2...
  No. There is an exemption for cell phones.
  
  --
  APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
fake cell tower and pushed software by Anonymous Coward · 2016-09-16 05:42 · Score: 0

not that complicated.
1. Re:fake cell tower and pushed software by Shatrat · 2016-09-16 05:59 · Score: 1
  
  The software is signed. That's complicated.
  
  --
  09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Isn't this hypocritical of them? by Frippet · 2016-09-16 05:45 · Score: 1

News organisations are always wanting to protect their sources, so now they want the FBI to give out theirs? So the next time they are asked to give their sources on something are they going to? Not likely. Also, what reason do they need to know who or how it was cracked? As for costs, being tax payers money, that should be disclosed but that's about it.
1. Re:Isn't this hypocritical of them? by Anonymous Coward · 2016-09-16 06:24 · Score: 0
  
  A news organization is not likely to spend $1+ Million of taxpayer money to hack your iPhone. When you tax people at the point of a gun and then refuse to give information on what that money is spent on, you are no longer running a transparent government and may as well be a dictatorship (pretending to be a democracy)
  A news organization spending their own $1+ Million to hack your iPhone does not involve me in the least, unless I am a customer. At that point I can choose to no longer be a customer because I believe the news organization is insane. I can't quit the IRS.
  I have been told by government employees that I have no right to have any say about what taxpayer money is spent on and I also have to right to ask for information on how it was spent. Apparently Comey feels the same way.
2. Re:Isn't this hypocritical of them? by Anonymous Coward · 2016-09-16 06:55 · Score: 0
  
  New organizations protect their sources because otherwise the government will kill their sources. Since the government has a monopoly on murder the same cannot be said.
3. Re:Isn't this hypocritical of them? by WolfgangVL · 2016-09-16 07:01 · Score: 1
  
  News organisations are always wanting to protect their sources, so now they want the FBI to give out theirs? So the next time they are asked to give their sources on something are they going to? Not likely. Also, what reason do they need to know who or how it was cracked? As for costs, being tax payers money, that should be disclosed but that's about it.
  FBI Mission & Prioritiest
  Just a quick glance at this should highlight some answers to your question for you, but in case the chips are still not falling into place, I'll highlight the reasons that most resonate with me personally.
  A constitutional responsibility to protect my privacy
  The FBI is expected to respect my right to privacy, not hide the master-keys away in case we need it later.
  The FBI is expected to Protect the United States against cyber-based attacks and high-technology crimes, not claim monopoly on them.
  The FBIs actions in this regard are at odds with their stated mission on multiple points, and IANAL, but it looks to me like pretty shaky legal ground as well.
  News media's use of confidential sources has been tested and upheld MANY times. We like it that way, protected sources are important. Look to Snowden to see an example of what can happen when sources go on record regarding high profile corruption. It seems to be sometimes forgotten, but the press enjoys certain protections on expectation that it will act as a watchdog, reigning in our government when it over-reaches/misbehaves.
  
  --
  You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
4. Re:Isn't this hypocritical of them? by XXongo · 2016-09-16 08:15 · Score: 1
  
  News media's use of confidential sources has been tested and upheld MANY times.
  It's been tested many times-- but not always upheld. Most recently, New York Times reporter James Risen faced the threat jail time for refusing to reveal his source for a story: http://www.nytimes.com/2015/01... https://www.thenation.com/arti...
  In the words of Leanne Phillips" "Can a journalist be forced to reveal confidential sources? The answer appears to be no...as long as that journalist is willing to go to jail." https://www.legalzoom.com/arti...
  some others:
  http://usnews.nbcnews.com/_news/2013/04/10/17678244-journalists-watch-as-reporter-faces-jail-time-for-not-revealing-sources?lite
  http://www.forbes.com/sites/rickungar/2013/04/08/fox-news-reporter-facing-jail-for-protecting-source-mainstream-media-yawns-raising-questions-of-liberal-bias/
  http://www.slate.com/articles/news_and_politics/press_box/2005/12/lipservice_journalism.html
  http://www.rcfp.org/jailed-journalists
5. Re:Isn't this hypocritical of them? by Plumpaquatsch · 2016-09-16 11:42 · Score: 1
  
  News organisations are always wanting to protect their sources, so now they want the FBI to give out theirs?
  
  No, they want the evidence, not the source. Not to mention that everybody already knows who the source is, and also that he was dead before he even became the source. Completely ignoring that he was the main perpetrator in the case. Why the hell would this source need protection?
  
  --
  Of course news about a fake are Fake News.
6. Re:Isn't this hypocritical of them? by ChrisMaple · 2016-09-17 04:16 · Score: 1
  
  News organizations protect their sources because if their sources think they can be identified, they will stop being sources in order to not be identified. News organizations care very little about their sources except insofar as the sources provide information which allows the organizations to prosper.
  
  --
  Contribute to civilization: ari.aynrand.org/donate
If President Obama was really committed ... by El+Cubano · 2016-09-16 05:48 · Score: 1

The news organizations' lawsuit seeks information about the source of the security exploit agents used to unlock the phone, and how much the government paid for it. It was filed in federal court in Washington by USA TODAY's parent company, Gannett, the Associated Press and Vice Media. The FBI refused to provide that information to the organizations under the Freedom of Information Act. The lawsuit charges that "there is no lawful basis" for the FBI to keep the records secret.
If President Obama was really committed to running the most transparent administration in US history (remember, this was probably the thing he promised most frequently during his 2008 campaign), then he would order the FBI director to release the information without them having to be taken to court. But, I won't hold my breath. I'm just saying...
1. Re:If President Obama was really committed ... by Sassinak · 2016-09-16 05:58 · Score: 1
  
  You do realize that the single biggest complaint people have about the government is "overreach" and "too much government intrusion". So this would just put another nail in the coffin, not to mention the republicans would use it as a cudgel to complain about "the democrats are against the police and due process". Sadly we have a delicate situation that is best left to the courts because anything else is going to get politicized like mad.
  
  --
  God made the Idiot for practice, and then He made the School Board -- Mark Twain Look for http://Thebar.steelbeachca
2. Re:If President Obama was really committed ... by Ungrounded+Lightning · 2016-09-16 06:31 · Score: 1
  
  Sadly we have a delicate situation that is best left to the courts because anything else is going to get politicized like mad.
  We have a situation where the central issue is the interpretation of the law as applied to a particular situation and determination of whether an executive-branch's actions are in obedience to it. The courts are the appropriate venue for decisions of this nature.
  
  --
  Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
3. Re:If President Obama was really committed ... by El+Cubano · 2016-09-16 06:32 · Score: 1
  
  You do realize that the single biggest complaint people have about the government is "overreach" and "too much government intrusion".
  Hence why being open about something like this is so important. It helps people understand government actions that have the potential affect their privacy.
  
  So this would just put another nail in the coffin, not to mention the republicans would use it as a cudgel to complain about "the democrats are against the police and due process".
  In what coffin? So what if the Republicans will use it to browbeat the Democrats? The Democrats use plenty of real and invented situations to browbeat the Republicans. Welcome to politics. The truth is that many Democrats campaign on platforms relating to civil liberties, then don't come through. Just like lots of Republicans campaign on platforms relating to family values and then get caught having affairs or secret homosexual rendezvous in airport bathrooms. What's new about any of that?
  
  Sadly we have a delicate situation that is best left to the courts because anything else is going to get politicized like mad.
  If you think the courts aren't equally, if not more, politicized, then you are fooling yourself.
  Let me ask you a question: have you ever personally known anyone who had to receive treatment for cancer? It is an ugly and painful thing. Sometimes people say "the cure is worse than the disease". However, you can't just let the disease take over; that would mean certain death. The situation with our government is like a cancer. Treating it will be very painful and not without risks. However, to give some part of the government a pass now because the opposition political party would take advantage of the situation if it were out in the open is disingenuous. Just like refusing to treat a cancer because other people would then know you were sick is patently absurd.
My guess: by jxander · 2016-09-16 06:00 · Score: 1

They won't release the info because the "hack" was silly silly silly. Probably related to shoulder surfing.
Maybe they found a friend/coworker who saw the code being entered on the phone. Or maybe they got some security footage from a bank/store/etc. and could see him type in the code. Whatever the actual case, they didn't actual hack the software, but found a very silly workaround.
Either that, or they didn't hack in at all. Saying that they did was simply a lie to save face.

--
This signature is false.
1. Re:My guess: by networkBoy · 2016-09-16 06:27 · Score: 1
  
  actually it's much much simpler than this, I had a method to do it, but they didn't take me up on it.
  Remember this phone was pre-secure enclave. ;)
  -nb
  
  --
  whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
2. Re:My guess: by Anonymous Coward · 2016-09-16 23:51 · Score: 0
  
  actually it's much much simpler than this, I had a method to do it, but they didn't take me up on it.
  Remember this phone was pre-secure enclave. ;)
  -nb
  So you say - whereas I actually posted my hack in a Slashdot story at the time. Hack still works too, and it's not complex or secret (I learnt it from an employee of an Apple shop). But we now return to "it must be very tricky" (not just deliberately invalidating the signature on an upgrade applied from a connected Windoze machine so the update fails)
  Demonoid Penguin
Multiple FOIA Exemptions probably apply by HighOrbit · 2016-09-16 06:10 · Score: 2

I don't think they are going to get very far with the lawsuit under FOIA. See https://www.foia.gov/faq.html#...

Exemption 1: Information that is classified to protect national security.

Exemption 4: Trade secrets or commercial or financial information that is confidential or privileged.

Exemption 7(E). Would disclose techniques and procedures for law enforcement investigations or prosecutions

So, beside the national security issue, the technique may be a trade secret of the contractor whom the FBI hired to pull off the hack. Next, the hack was clearly used as a technique for a law enforcement investigation.
1. Re:Multiple FOIA Exemptions probably apply by Anonymous Coward · 2016-09-16 07:31 · Score: 0
  
  This lawsuit is not about disclosure as it is inherently obvious nothing of value would be released, rather the lawsuit is a way for the prosecuting companies to get publicity using some low paid lawyers. This article is just adding gas to the flames.
2. Re:Multiple FOIA Exemptions probably apply by Anonymous Coward · 2016-09-16 07:46 · Score: 0
  
  From the summary; who reads the fine articles these days?
  
  The news organizations' lawsuit seeks information about the source of the security exploit agents used to unlock the phone, and how much the government paid for it.
  I'm not sure if the name of the company they used, or the price they paid, would really fall under those exemptions. We'll see, I guess.
Re:Full disclosure from the police in a police sta by Anonymous Coward · 2016-09-16 06:10 · Score: 0

They will probably disclose it. They are currently redacting all sentences in the document except the date and page number.
My guess.. by Anonymous Coward · 2016-09-16 06:36 · Score: 0

My guess is they did not break into the phone at all, they KNEW there was not going to be anything of value on it and realised that they were probably going to loose the pissing contest with Apple and that would set a bad precedent.
So, easiest thing to do is say "we got someone else to do it, nothing of value found", this makes the public think they are still competent, leave the legal battle for an opportunity they may win, and makes Apple spend a fortune trying to figure out how they did it.
1. Re:My guess.. by sexconker · 2016-09-16 06:47 · Score: 1
  
  Yup.
DMCA does not apply to law enforcement! by Joe_Dragon · 2016-09-16 07:45 · Score: 1

DMCA does not apply to law enforcement!
It wasn't even the right phone by XXongo · 2016-09-16 07:59 · Score: 1

The investigation may have been important, but breaking the iPhone absolutely was not important. They knew right from the start that this wasn't the phone that the shooters used to plan the action with-- they used different phones for that, and a different computer, all of which they thoroughly destroyed beyond the ability of the FBI to recover.
Nobody expected anything to be on it, and nothing was.
A cynical person might think that the point of breaking the iPhone security wasn't to see what was on the phone at all, since they were already mostly sure nothing was there, but was to force Apple to break their security in a case where the FBI could shout "terrorism! National security!".
1. Re:It wasn't even the right phone by Impy+the+Impiuos+Imp · 2016-09-16 10:30 · Score: 1
  
  I recall a case a few years back where they tried to get a guy to give up his pw for something and failed. Shortly thereafter they cracked it anyway "another way", where that probably meant something they preferred not to potentially have to expose.
  
  --
  (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
2. Re:It wasn't even the right phone by Swave+An+deBwoner · 2016-09-16 15:07 · Score: 1
  
  Given that people sometimes make mistakes handling their secrets no matter how careful they intend to be, it seems reasonable that they wanted to check any data storage device that could possibly have held some information relevant to the crime.
  
  Then again, I was a big fan of "Columbo".
Some options by AHuxley · 2016-09-16 15:29 · Score: 1

If the local press is quick a local walk in FOIA request at a state, city, town, parish level for costs related to a federal state task force hardware can be very productive.
Show any needed local "police issued press ID" to be granted your full existing constitutional rights again, access and get reading, ask for a copy while waiting, right to photograph. Offers to post out, collect later in person, need to find the only staff with access will just result in full redactions or nothing been found later.
This will often need to take place during a very small window of time before material is quickly placed under full sealed federal control or the city/state requests full federal cover.
Funding for state task force hardware is often hidden from any and all state, national digital FOIA search attempts by default but a local paper record might just still exist until full federal protection is enacted.
Try the paper trail and use locals as fronts who have the accents, local photo ID's, still needed local police press passes, can quote any state legal findings, know contractor and city bureaucracies.
Be aware of attempts by contractors or local gov efforts to hide local paper access with helpful or "new" rules only supporting a digital search at a distant central city or state/federal level. Ask to see the local requested local paper work.

--
Domestic spying is now "Benign Information Gathering"