Documents Show FBI Deployed Software Exploits To Break Encryption Back In 2003
from the and-privacy-and-security-for-none... dept
Documents FOIA'ed by Ryan Shapiro and shared with the New York Times shed some new light on previous FBI efforts to break encryption. Back in 2003, the FBI was investigating an animal rights group for possibly sabotaging companies that used animals for testing. The FBI's Department of Cutesy Investigation Names dubbed this "Operation Trail Mix," which I'm sure endeared it to the agents on the case. At the center of the investigation were emails the FBI couldn't read. But it found a way.
They persuaded a judge to let them remotely, and secretly, install software on the group’s computers to help get around the encryption.The documents don't detail what the exploit was, but it targeted PGP -- the encryption method used to keep the group's communications private. The FBI was able to obtain a "full access" warrant to grab every communication, but that did nothing to decode the scrambled emails. The documents don't specify what the FBI used, but language suggests it either copied the decryption keys or deployed a keylogger to snag passwords.
That effort, revealed in newly declassified and released records, shows in new detail how F.B.I. hackers worked to defeat encryption more than a decade before the agency’s recent fight with Apple over access to a locked iPhone.
Either way, it apparently was the first time the FBI had deployed its own malware.
“This was the first time that the Department of Justice had ever approved such an intercept of this type,” an F.B.I. agent wrote in a 2005 document summing up the case.The secrecy surrounding the FBI's tactics was nearly absolute. The wiretap order was disclosed to the defense but not the use of an exploit/keylogger. On top of that, the DOJ never mentioned the FBI's efforts in its 2002 and 2003 annual reports, despite being required to report any instance where it runs across encryption during a wiretap investigation.
Not that the DOJ and FBI's lack of transparency harmed their case. It resulted in six convictions, and a higher court basically said the use of encryption was suspicious in and of itself.
An appeals court upheld the convictions in 2009, and said that the use of encryption, among other things, was “circumstantial evidence of their agreement to participate in illegal activity.”What the documents do show is that the FBI has been in the fight against encryption for a long time and in the business of deploying malware and exploits without judicial oversight for about as long. What has changed is that it's now openly fighting encryption by trying to force compliance throught the use of All Writs Acts. It's also deploying a variety of exploits that can -- with a single warrant -- access info about any computer/device visiting a website.
It may be more open about its intents and tool usage now, but that's not because it's gained new respect for things like due process and accurate warrant applications. It's doing this now because it needs an upper-level court ruling in its favor to basically excuse the things it's been doing in secret for years, as well as give it the permission it needs to continue to undermine encryption in the future.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: animal rights, cracking, encryption, fbi, hacking
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in thread ]
[ link to this | view in thread ]
american fuckwits cunts holes
[ link to this | view in thread ]
I'm so sick of our Government. Partisan politics aside, who in their right mind believes that MORE government is better? That more regulation is better? Look at what they do when we give them power... LOOK AT IT! You think checks and balances are working? They Judge shop until they find one that will sign off on their bullshit. It's a complete joke. They are completely out of control.
We need a new party. One that promotes less Government, more over-sight (and over-sight with real teeth). One that even with less Government and regulation, is still able to maintain some type of social responsibility that promotes employment and growth, instead of status quo promoting subsidies and entitlements.
[ link to this | view in thread ]
Welcome, fellow criminals.
If you're reading this on Techdirt, guess what, you're now a criminal. The page is encrypted.
[ link to this | view in thread ]
We can't see what you're doing so you must be up to no good
Holy. Fucking. Shitballs.
[ link to this | view in thread ]
Beyond weak. It's also evidence of a thousand other things, none of which is illegal.
[ link to this | view in thread ]
Re: We can't see what you're doing so you must be up to no good
[ link to this | view in thread ]
http://motherboard.vice.com/read/rcmp-blackberry-project-clemenza-global-encryption-key-canada
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
I don't like touchscreens - don't know if there's something wrong with my fingers, but they never seem to work very well - and I would prefer a phone with a physical keyboard and trackpad. But the lack of security on BB devices is a big problem.
[ link to this | view in thread ]
[ link to this | view in thread ]
Zebra Tactics
[ link to this | view in thread ]
Magic Lantern?
Sounds a bit like Magic Lantern, the FBI-built trojan that reportedly got activated when a suspect uses PGP encryption?
https://en.wikipedia.org/wiki/Magic_Lantern_%28software%29
[ link to this | view in thread ]
Laws are for the affluent.
If you don't have those, or your resources are successfully seized, then there's nothing for you but plea-bargains and bullets.
[ link to this | view in thread ]
Re:
There are loads of new parties. Pick one and vote for it instead of wetting your pants over the possibility that either Bad or Worse will get in. Is there a Pirate Party in your state?
One that promotes less Government, more over-sight (and over-sight with real teeth).
Erm, a government is required to do all that; private enterprise won't. Besides, "government" is usually dog whistle for "social programs." Decide on what "government" actually means before declaring that you want less of it.
One that even with less Government and regulation, is still able to maintain some type of social responsibility that promotes employment and growth
In many of the Red states on your side of the Pond they're leaving it to private enterprise to do all of that. Surprise, surprise! It seems that there are strings attached to receiving assistance, from private enterprise, particularly religious groups.
instead of status quo promoting subsidies and entitlements.
There will always be subsidies and entitlements of one kind or another. Please bear in mind that "entitlement" is dog whistle for "welfare" when it actually means "earned benefits," i.e. it's been paid for by the individual's taxes.
And you can't live without government of some kind or another unless you are willing to live completely off the grid.
http://capx.co/private-cities-a-disruptive-technology-for-the-state-market/
[ link to this | view in thread ]
Re: Re:
So step 1 has to be to change those laws, but changing those laws is something that both the Rs and Ds would join hands and fight with everything they have.
[ link to this | view in thread ]