Clueless Press Being Played To Suggest Encryption Played A Role In San Bernardino Attacks

from the gotta-try dept

Mon, Dec 14th 2015 8:29am — Mike Masnick

As law enforcement and their friendly politicians have used the attacks in San Bernardino to renew a call to undermine and break encryption, the mainstream press has been an easy target for politicians looking to get out whatever message they want. Take, for example, the following set of stories that popped up for me in a simple Google News search:

Note that the first story -- the one claiming the San Bernardino attackers had encryption actually came out before the second story saying they did not. Incredibly, if you read the full text of both stories, neither fully agrees with its own headline. The ABC story is ridiculously vague:

The couple who launched the terrorist attack in San Bernardino, California, last week had devices with some form of encryption, making it difficult for authorities to access all potential information on phones and perhaps other devices, two senior U.S. officials told ABC News.

"Some of their digital media we have been able to exploit. Some of it we have not,” one official said.

The story at The Hill that claims there's "no evidence" instead has lots of quotes from people suggesting that they just haven't found it yet, and Senator Richard Burr saying it doesn't matter because "we've still got a big problem out there that we're going to have to deal with and it's called encryption." This is the same Richard Burr who, just a couple of months ago, was warning about the dangers of "cyber" attacks in pushing CISA. Does he not realize that encryption helps protect against those attacks significantly more than the ridiculous CISA bill he supported?

Anyway, it appears the same anonymous "senior US officials" who were whispering in ABC's ear were doing the same to CBS, which posted a ridiculously vague tweet, without any followup story (that I can find):

Others have since run with it. The International Business Times wrote an entire story about the encryption the attackers used, with CBS's tweet as its sole source. And a local Fox affiliate ran a similar story that also is ridiculously vague, with a title breathlessly declaring "ISIS Encryption Used By San Bernardino Shooters." Even that headline goes beyond anything else I've seen, since no one had specifically claimed "ISIS encryption." But then you read the full article and it doesn't either. Here's the entire discussion of the San Bernardino attackers in the first paragraph:

Lawmakers say the San Bernardino shooters may have used encrypted communications in an attempt to hide their activities. This type of encryption has been seen before, however.

The rest of the article deals with the FBI's new claims that one of the Garland, Texas, shooters used encryption, not the San Bernardino attackers. And then it just mentions that ISIS has its own form of encryption at the end of the article, never tying it back to the San Bernardino attackers. A headline like that seems like journalistic malpractice.

Thankfully, Joshua Koopstein at Vice's Motherboard throws some cold water on this kind of idiocy, noting that every phone these days has some "built-in encryption" and that the press running with this story are being ridiculous.

As many in the security world quickly pointed out, the claim is both vague and nonsensical: Every phone and computing device currently sold in the US has “levels of built-in encryption.” If they didn't, criminals would still be able to easily intercept your calls when your phone connects to a cell tower, and a common thief who steals your device would get access to your bank account info, login details, pictures, and any other sensitive data you stored on it.

In other words, saying you found “built-in encryption” in a modern cellphone is about as meaningful as saying you found a battery and a touchscreen.

And, even more on point, Marcy Wheeler points out that "encryption" has just become law enforcement and the intelligence community's buzzword of choice for "failing to achieve omniscience."

But this is the second attack in a row, with Paris, where Burr and others have suggested that their lack of foreknowledge of the attack makes it probable the planners used encryption. Burr doesn’t even seem to be considering a number of other things, such as good operational security, languages, and metadata failures might lead the IC to miss warning signs, even assuming they’re collecting everything (there should have been no legal limits to their ability to collect on Malik).

We’re not having a debate about encryption anymore. We’re debating making the Internet less secure to excuse the IC’s less-than-perfect-omniscience.

Indeed, that's why we pointed out that the Paris attacks were an intelligence failure, not an encryption problem. And it explains why the law enforcement and intelligence communities are so quick to blame encryption. They don't want people looking back at their own failures, so they might as well blame the technology.

But, really, none of that really matters in the long run. There certainly will be attacks where encryption is used for planning -- why wouldn't there be? But the debate shouldn't be about that so much as looking at the overall setup of the world and computer security. And the simple fact is that more people are made safer by the widespread adoption of encryption than are made safer by undermining that encryption to let the FBI peek in on your communications.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: encryption, journalism, san bernardino attacks

33 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

That One Guy (profile), 14 Dec 2015 @ 7:24am

Feds Challenged by Private Conversations of San Bernardino Attackers
Across the nation government and police forces are warning the public that they may not be safe, citing a dangerous emerging new trend in criminal activity: Private, in-person communications.

"It makes it extremely difficult to gather useful intel," one anonymous government official explained. "These people, these criminals, have taken to having in-person, private conversations, away from any form of recording device, making it all but impossible for us to gather intelligence as to their actions and plans."

An anonymous police official mirrored the government official's sentiment, adding that it was even worse than that. "Not only are they using methods of communication that we don't have access to and can't intercept, some of them have even taken to talking in code."

"Where before you might have a criminal say over the phone, 'Hey, that bank we were going to rob, with the one shotgun and two semi-automatic pistols spread out among the three of us, that was going to happen on the 23rd of this month, 6:15 pm, at the NorthWest Bank, right?', now they won't even mention any criminal activity at all, making it incredibly difficult to tell the difference between people planning a crime, and ones having a completely innocent conversation."

Officials are warning the public that unless drastic steps are taken, and soon, a massive wave of crime and terrorist activity is likely to sweep the nation.

"Across the US you've got criminals, you've got terrorist, you've even got communists, planning crimes in the privacy of their own homes, or in other out of the way places without any cameras or microphones," an anonymous police spokesman noted. "Unless we can do something about this 'privacy' thing, unless we can ensure that no conversation goes unrecorded, no act unwitnessed by the proper authorities, they are going to continue to slip past our carefully crafted surveillance systems, and continue to commit crimes."

However, even in the face of such a threat, there are those that oppose the simple steps that the police and government are calling for.

"I've lost track of how many 'civil rights' groups have sent in protests, whining about how you can't forbid people from using private forms of communication, or mandate that any conversation or planning of any sort must be recorded and sent to the proper authorities. Groups who claim that what we're proposing is somehow a 'violation of basic privacy', and 'incredibly intrusive'." An anonymous government official was quoted as saying.

"What it comes down to is that they value liberty, privacy, and freedom more than the lives and safety of the public. We're trying to make sure that no-one is allowed or able to have a private conversation ever again, to make it so that anything someone says or does or writes is recorded and accessible by the proper authorities so that they can prevent crimes, and solve the ones that they can't prevent for reasons that are completely not their fault, and yet they object to that."

"They would rather people live a life free from all encompassing surveillance and a complete and utter lack of privacy, even if it means that bad things might happen, that people might be injured or even killed, rather than the safer life we're offering them, safe from crime, safe from terrorism, and safe from freedom and privacy."

It's hard to argue that it's a difficult time for the safety of the nation, and one can only hope that the public comes to it's senses, and hands over the keys to their privacy and liberty to the trustworthy guardians of the public before it's too late.
[ link to this | view in chronology ]
- Anonymous Coward, 14 Dec 2015 @ 9:16am
  
  Re: Feds Challenged by Private Conversations of San Bernardino Attackers
  Sir/Madam, You are offically declared permission to grab a beer or three.
  Finding sanity is so rare these days.
  [ link to this | view in chronology ]
- Seegras (profile), 14 Dec 2015 @ 3:07pm
  
  Re: Feds Challenged by Private Conversations of San Bernardino Attackers
  I really love that use of "An anonymous police official"..
  [ link to this | view in chronology ]
agalvan (profile), 14 Dec 2015 @ 8:55am

Perhaps we should start the following rumor:

San Bernardino attackers able to ascertain they were not being followed thanks to golden-key-enabled encryption scheme used by cops.

Perhaps then they will stop trying to break encryption; though I'm not holding my breath.
[ link to this | view in chronology ]
Anonymous Coward, 14 Dec 2015 @ 9:10am

They also used another form of encrypted communication that law enforcement can't easily crack...the Arabic language.
[ link to this | view in chronology ]
Anonymous Coward, 14 Dec 2015 @ 9:16am

Criminals hide their plans from the government
Criminals hide their plans from the government, News at 11!
[ link to this | view in chronology ]
Anonymous Coward, 14 Dec 2015 @ 9:28am

Here is what is really going on...
The Feds have failed to stop a single, legitimate terrorist attack even when they had full scale, mass snooping in place. So to hide their ineptitude they are blaming encryption as a smokescreen.
[ link to this | view in chronology ]
- Anonymous Coward, 14 Dec 2015 @ 9:34am
  
  Re: Here is what is really going on...
  The cynics among us might be asking if they knew about attacks like this and allow them to happen. In order to benefit from the fear and panic they cause, to pass more restrictive laws
  [ link to this | view in chronology ]
  - Anonymous Anonymous Coward, 14 Dec 2015 @ 10:19am
    
    Re: Re: Here is what is really going on...
    I don't know if they did, or if they didn't, but this certainly fits with their ever more apparent agenda. I would not put it past the drooling, self-aggrandizing, power hungry, almost rabid lot we have in positions they should never have attained (and will find really difficult to get rid of).
    [ link to this | view in chronology ]
Anonymous Coward, 14 Dec 2015 @ 9:31am

5 years later.
After another year of the government's successful implementation of golden key decryption, officials say this still isn't enough and are now requiring all citizens wear body cameras at all times. One insightful official quoted "Well it is easy to tell who the criminals are, just have everyone equipped with a body camera. If you are not wearing one, you must be a criminal."
In other news, hackers continue to wreak havoc. Government officials are baffled as they continue to break into secured communication all over the US.
[ link to this | view in chronology ]
- TasMot (profile), 14 Dec 2015 @ 10:07am
  
  Re:
  However; Law Enforcement Officials are reminding everyone that they are not allowed to point their personal body cams at Law Enforcement Officers while they are being paid by tax dollars just in case they were to get caught on video doing something they are not supposed to be doing, that would be bad.
  
  Otherwise, please feel free to film everybody else and send the video of them doing something bad with complete identifying information so that we can go pick them up without having to work very hard. That would be great.
  [ link to this | view in chronology ]
Anonymous Coward, 14 Dec 2015 @ 9:31am

Evidence don't matter they will say what they want and let their propaganda services do the rest. We should be thankful they haven't said it's the fault of some random country that is creating encryption based WMD's
[ link to this | view in chronology ]
Adam (profile), 14 Dec 2015 @ 9:34am

We can EASILY solve this encryption debate...
Why does no one see how to end this encryption debacle?

Here's a VERY simple solution...

Let the government pass the damned law.. In 30 days time after the first "backdoor" and "hacker proof" algorithm is completely destroyed by pretty much everyone who wants to try then we can put this issue to bed that NO BACKDOOR IS SAFE. Period.
[ link to this | view in chronology ]
- crade (profile), 14 Dec 2015 @ 9:45am
  
  Re: We can EASILY solve this encryption debate...
  Isn't that how we handled the DMCA?
  [ link to this | view in chronology ]
- David, 14 Dec 2015 @ 11:26am
  
  Re: We can EASILY solve this encryption debate...
  And after the US tech industry takes a massive hit, due to no other country in the world will buy US products with US mandated backdoor encryption.
  
  It will be ITAR in reverse, it will be illegal to import encryption, as it is assumed to be a weapon of mass destruction.
  [ link to this | view in chronology ]
- Anonymous Coward, 14 Dec 2015 @ 12:35pm
  
  Re: We can EASILY solve this encryption debate...
  How many laws get rescind? Rarely happens unless forced by DoJ.
  [ link to this | view in chronology ]
John85851 (profile), 14 Dec 2015 @ 9:36am

This simple solution will restore your faith in humanity and change everything
Put simply, most of these headlines are simply clickbait:
they get people excited about the story so they can form an an opinion without having to read the story. Come on, who writes an entire story about a tweet from CBS??

We should treat clickbait headlines like spam: the less we click on it, and the quicker the companies see it's not working, the sooner it'll go away.
[ link to this | view in chronology ]
- Anonymous Coward, 16 Dec 2015 @ 1:48pm
  
  Re: This simple solution will restore your faith in humanity and change everything
  Ah, yeah. That will work as soon as they stop creating clickbait on topics people want to see. Like boobies.
  [ link to this | view in chronology ]
crade (profile), 14 Dec 2015 @ 9:41am

Encryption: Something magic that we only know a few things about, but we know everything that matters.. We don't know what it is or what it's for, but we know it's not important enough to keep around and we know it's somehow the key to stopping terrorism and we know the techies could just make the problem go away if they weren't so obstinate.
[ link to this | view in chronology ]
Anonymous Coward, 14 Dec 2015 @ 9:46am

speculative prevention
Much of the pro-encryption cheerleading that suggests authorities would have been able to save lives if only they'd been able to break encryption, might have another intended target: after-the-fact documentation. With the intent of the NSA being the ability to harvest, store, cross-reference, and read every digital and analog communication on the planet, that immense database could then be better mined for information on past events whenever desired. Reports could be written up, profiling studies created, psychological assessments, predictions, models, trends, etc. Leading to a mountain of paperwork and endless speculations produced by the government agencies.

Although having a 'paper trail' to sort through would not have prevented the crime, it would have certainly given the security-industrial complex something to feed on to help justify their very existence.
[ link to this | view in chronology ]
- Adam (profile), 14 Dec 2015 @ 9:59am
  
  Re: speculative prevention
  The point isn't what it gives "them". The point is that it gives it to others as well...
  [ link to this | view in chronology ]
  - Anonymous Coward, 14 Dec 2015 @ 10:58am
    
    Re: Re: speculative prevention
    "The point isn't what it gives "them"."
    
    Ah, but it is indeed a primary point.
    
    It is the inherent nature of government to grow and expand -- in both budget and personnel as well as scope and power. Therefore, it becomes an unending quest for the citizenry to try to limit the size and power of 'their' government.
    
    Giving the government backdoors to encryption will virtually guarantee an endless "mission creep" and even more growth of government agencies. And possible more prisons to house all the people who commit thought-crimes and petty offenses that might never have been discovered if not for the government's increasingly expansive reach into everyone's private life.
    
    It should worry even the people who are not privacy advocates in the slightest, because the "war against privacy" -- and the army to fight this war -- will be paid for by an already over-taxed public.
    [ link to this | view in chronology ]
Anonymous Coward, 14 Dec 2015 @ 10:00am

I'm sure that those terrorists in the Middle East will be the first to drop their homemade encryption programs in favor of the newest ones with a back door just as soon as they come out. /s
[ link to this | view in chronology ]
Ryunosuke, 14 Dec 2015 @ 10:14am

You would think.....
You would think that an industry that thrives... no... SURVIVES based on encryption would have some idea what encryption actually MEANS. And I am not just talking about reporters to information sources, I am also talking about basic broadcasting, which.. surprise! uses encryption to transmit.

So I want to know WHY they are talking out their asses when they say encryption is bad and should be banned.
[ link to this | view in chronology ]
- Anonymous Coward, 14 Dec 2015 @ 11:30am
  
  Re: You would think.....
  Governments will exempt themselves from using compromised encryption. As ever it will be one rule for those in power, and a different rule for the masses.
  [ link to this | view in chronology ]
  - Seegras (profile), 14 Dec 2015 @ 3:16pm
    
    Re: Re: You would think.....
    Governments will exempt themselves from using compromised encryption.
    
    They won't. Because the NSA or the CIA will sure as hell not provide somebody else with it, surely not the DOT, not the DOL, and probably not even the DEA.
    
    And besides, all the millions of people within these departments will still use their Galaxy or MacBook for work, and thus create the necessary proliferation of backdoors for the CIA, the FSB, the MSS and maybe some terrorists to exploit.
    [ link to this | view in chronology ]
Anonymous Coward, 14 Dec 2015 @ 11:02am

We all know these "elected officials" are going to pass some measure of legislation in support of compromising encryption for "security" reasons, against terrorism or to "protect the children" by any means necessary. They already did with the recent surveillance bill.

What we could be observing is the pattern of demonizing encryption (or whatever is a perceived threat) is currently under. Officials coming out against the issue? Check. Conflicting media reports based off of "US officials" reports? Check. Pushing "blue-ribbon committees"? Check. At least this way, we expose this lazy strategy in view of what it is.

I hit my quoting quota "just now"
[ link to this | view in chronology ]
Personanongrata, 14 Dec 2015 @ 12:14pm

Five O'Clock Follies Redux Stenographers Transcribe Verbatim
Clueless Press Being Played To Suggest Encryption Played A Role In San Bernardino Attacks

Weakening encryption standards and allowing the use of US government "backdoors" to de-encrypt electronic communications will never end the (over hyped) threat of terrorism.

If FBI director James Comey was truly interested in lessening the threat of potential terror attacks in the US he would simply apply the rule of war and arrest those responsible for the US governments 15 years plus of criminal wholly elective wars based upon lies, kidnapping, indefinite/incognito/incommunicado detention without charge, torture and the theft of trillions of US dollars.

Instead James Comey (etal) actively seeks new ways to circumvent and or subvert the US Constitution in direct contravention of his oath of office.

Quite telling indeed.

A government that wants to surveil it's citizens every action is totalitarian in nature. The US government jettisoned the US Constitution long ago in the name of political expediency.
[ link to this | view in chronology ]
Anonymous Coward, 14 Dec 2015 @ 1:03pm

They're not clueless.
They're deceitful.
[ link to this | view in chronology ]
Blackfiredragon13 (profile), 14 Dec 2015 @ 2:14pm

Talked about this sort of thing recently on Twitter. Here's a longer version
If you're going to try and use a tragedy to further your own personal political views/agenda, please go fuck yourselves. You are truly scum and are a disgrace and embarrassment to the human race if you talk about events like the attacks on Paris and misrepresent or outright lie in face of factual information to push your political narratives.

I'm not just talking about the major media outlets when I say this. And if by some miracle you happen to be reading this Jonathan McIntosh, here's special shoutout to you. Exactly why he earns this shoutout: http://m.imgur.com/TtEXwCo

Tried to use html tags to make post slightly prettier, but tags hate me, so fuck it.
[ link to this | view in chronology ]
Pixelation, 14 Dec 2015 @ 6:20pm

"Clueless Press" Enough said.
[ link to this | view in chronology ]
Justme, 14 Dec 2015 @ 6:57pm

Simple truth. .
They can backdoor any encryption and gather every communication they can possible process.

But the simple truth is, someone that is determined to communicate privately will find a way to keep their communications private. And there is nothing they can do to prevent it.

So the only result will be to undermine the security and privacy of innocent citizens.
[ link to this | view in chronology ]
Anonymous Coward, 15 Dec 2015 @ 2:04pm

It doesn't matter if they used encryption or not. This is the same as questioning if they used cars, roads, guns, etc.
[ link to this | view in chronology ]