Sedition Prosecution Of Oath Keepers Members Shows The FBI Can Still Work Around Encryption
from the it's-so-dark-we-could-only-indict-eleven-defendants-at-the-same-time dept
There is no "going dark." Despite the FBI's protestations otherwise -- mostly embodied by FBI directors with axes to grind and narratives to sell -- investigators aren't finding encryption to be much of an impediment.
The FBI claimed -- using stats irrationally inflated by (according to the FBI) malfunctioning software -- that law enforcement agencies were drowning in devices whose content they couldn't access. That turned out to be a lie. Perhaps it wasn't a deliberate lie but it had certainly proved convenient. Once the FBI recognized its error, it promised to deliver an accurate count. In May 2018, the DOJ and FBI promised to release an updated number. The agencies still have yet to do so.
That brings us to the events of last January, when a bunch of dipshits decided the only way to restore democracy was to destroy it. A raid on the Capitol building in Washington DC -- egged on by lame duck president Donald Trump and a handful of Congressional toadies -- culminated in BlueLivesMatter hashtaggers attacking cops who stood between them and their twisted perception of justice. The effort failed, but the stain on American history -- perpetrated by self-declared "patriots" -- will last forever.
Since then, the FBI and DOJ have engaged in hundreds of investigations and prosecutions. The OPSEC of Capitol raiders was sometimes nearly nonexistent, but more than a few participants knew enough to utilize encrypted services for their communications. The fact that the government has investigated, arrested, and charged hundreds of Capitol raiders shows encryption isn't holding it back.
The blockbuster indictment brought against several members of the Oath Keepers -- one that includes seldom-seen sedition charges -- makes it clear the FBI still has plenty of options when it comes to dealing with encryption.
Federal investigators say they accessed encrypted Signal messages sent before the Jan. 6, 2021, riot on the U.S. Capitol, and used them as evidence to charge the leader of Oath Keepers, an extremist far-right militia group, and other defendants in a seditious plot.
In a legal complaint made public on Thursday, the Department of Justice alleges the defendants conspired to forcefully oppose the transfer of power between then-President Donald Trump to Joe Biden, including by trying to take control of the U.S. Capitol.
The complaint references numerous messages sent on Signal, an end-to-end encrypted messaging app, raising questions about how authorities accessed them and recalling a longstanding point of tension between the law enforcement community and tech industry.
Questions have been raised, but there are no answers coming. The DOJ, FBI, and Signal have refused to comment on the news. But the simplest explanation is likely this: the DOJ and FBI found someone they could flip -- a person who gave them access to their account and any stored messages. Other explanations are more speculative, but it's not outside the realm of possibility that a federal agent infiltrated an Oath Keepers group, which gave them access to encrypted messages as a faux participant in the planned insurrection.
Of course, if it's the latter, more questions will be raised. If the FBI had access during the planning, why didn't it act to stop it? If this prosecution of Oath Keepers members has its basis in undercover work, the FBI and DOJ can expect to be asked difficult questions as the congressional investigation into the January 6th events continues.
According to the complaint [PDF], the defendants began their planning in late December 2020, using "encrypted and private communication applications." Oath Keeper members -- using these applications -- agreed to grab their guns and head to Washington DC to stop the election results from being certified.
But the complaint shows the FBI had access before that. Or, at least, was able to access communications -- possibly via another defendant -- that dated back further than the late December messages where the raid plan coalesced. The complaint notes that members were discussing possibly violent responses to the presidential election as early as two days after it occurred. Again, these communications were taken from an "invitation-only, end-to-end encrypted group chat" on Signal.
These communications -- which discussed reconnaissance of DC areas, weapons training, and what methods could be deployed to prevent election certification -- continued all the way until January 6th, utilizing both Signal and encrypted email service, ProtonMail.
The complaint, obviously, does not explain how FBI investigators had access to these communications. But -- in terms of the "going dark" narrative -- this lack of explanation does not matter. The fact is the FBI obtained access to end-to-end encrypted messages. This alone undercuts its claims that widespread use of encrypted services and device encryption makes it impossible to investigate crimes. It can do this. It may occasionally be more difficult, but even people engaged in trying to overthrow the government aren't able to keep the feds locked out of their discussions.
"Going dark" is still a myth. To be sure, encryption may sometimes keep investigators separated from evidence. But the rise of encryption isn't keeping investigators locked out. They still have plenty of options, ranging from grabbing communications from cooperating defendants or witnesses to pulling massive amounts of useful data from cloud services and third parties. Holding onto this narrative when event after event proves it wrong shows the FBI is more interested in obtaining easy access to everything, rather than utilizing its considerable budget and expertise to mitigate the limitations encryption can pose.
Filed Under: doj, encryption, fbi, going dark, oath keepers, sedition, stewart rhodes
Companies: signal
Reader Comments
Maybe the FBI was compromised in its ability to do that by leaders who sympathized with Old 45 and right-wing extremism instead of American democracy. Just a guess.
[ link to this | view in chronology ]
Re:
Agent 1: 'Hey so this group is talking about how they absolutely will not accept any election result that doesn't keep their guy in power, and they're making not-even-remotely-veiled references that they are more than willing to use deadly force to prevent that outcome, think we should-'
Agent 2: 'Stop looking over the shoulders of those Very Fine People and keep our focus on the scourge of Antifa/BLM who are definitely a much bigger threat to our way of life with their uppity protests and whining? Yes, yes you really should.'
Sadly I could all-too-easily see that as a perfectly viable explanation if they actually did have knowledge ahead of time as to why they didn't actually do anything with it...
[ link to this | view in chronology ]
Re: Re:
"Sadly I could all-too-easily see that as a perfectly viable explanation if they actually did have knowledge ahead of time as to why they didn't actually do anything with it..."
Call me cynical but I think the explanation there is the same as the one where the FBI knew weeks in advance that there were Saudi extremists in the country learning to fly passenger airplanes and planning a major operation well before 9/11...and did nothing because the identity of the objects of surveillance were "politically sensitive".
Arguably, that explanation is worse. The FBI even has their back covered here given that they've spent the last decade pounding out one analysis after the next warning that the greatest national threat in their purview is domestic right-wing terrorism. They can conveniently toss their hands in the air and claim that no one in power wanted them to go deeper in that matter.
[ link to this | view in chronology ]
Re:
something something never see clark kent & superman in the same place...
[ link to this | view in chronology ]
Forces, crosses, etc.
[ link to this | view in chronology ]
'You keep using that word...'
Because nothing screams 'patriot' louder than trying to overthrow, violently, an election just because you didn't like the result.
While the FBI getting access to the data does raise the question of 'how', whether flipping one of the insurrectionists, making use of an exploit they've 'forgotten' to tell anyone else about or some other explanation it does certainly bring a smile to my face to hear about these 'patriots' finding themselves on the receiving end of the system they tried to overthrow like this.
As for the 'going dark' angle that's always been a garbage argument and it's just been getting worse. There is more information than ever before available for the grabbing from a myriad of sources, if those in law enforcement are struggling that's probably a 'them' problem more than it's the fault of encryption, and even to the extent that encryption might make their jobs harder it's vastly outweighed by the protection it provides the public, stopping and/or preventing far more crimes than it shields from view.
[ link to this | view in chronology ]
Re: 'You keep using that word...'
"Because nothing screams 'patriot' louder than trying to overthrow, violently, an election just because you didn't like the result."
The fun thing is that it makes perfect sense from their point of view, it's just that their point of view is not rooted in any reality we're familiar with.
They've spent a significant amount of time in an echo chamber that pushes the idea that Trump is some kind of hero battling the "deep state". Quite often their obsession drives away any discussion counter to this idea, both online and IRL. The vote comes around and Trump loses. This surely can't be a valid election - after all, everyone they know voted for Trump. So, the election must have been faked or stolen somehow by the "deep state", and they have sworn to fight enemies of democracy...
To the outside observer, familiar with things like the fact that Trump has only ever been a pathetic con artist and that a lot of people were rightly pissed off at the poor leadership and outright damage done during the Trump administration, it's ridiculous. But, I often pride myself in trying to see things from others' point of view and it seems to me that there is some logic in what they do. You just have to understand that they're not coming from a position rooted in pesky things like verifiable facts and objective reality.
"these 'patriots' finding themselves on the receiving end of the system they tried to overthrow like this"
That's something that's actually concerning to me. As I say, they're not dealing with reality, so the current consequences for their actions may just be interpreted as further wrongdoing by the "deep state". We already know they will turn to violence if they don't get their way, and as the Jan 6th investigation is moving from smaller players to the people who organised it, I fear that some of their ranks will do something terrible as retribution. I hope I'm wrong, or that authorities manage to stop any attempt, but even the likes of Alex Jones have recently been heard to be talking down the idea of taking matters into his audience's hands. Which suggests it's something on his audience's minds...
[ link to this | view in chronology ]
Encryption? Piffle!
When the password is MAGA2020 it's not hard to crack.
[ link to this | view in chronology ]
Re: Encryption? Piffle!
You're giving them too much credit. I think a more likely password would be 12345... the same thing an idiot (Sir Cheetoh) has on his luggage.
[ link to this | view in chronology ]
I mean, Oath Keepers have already been found to have infiltrated the police, and other federal and government agencies. What goes around comes around...
[ link to this | view in chronology ]
One does wonder how much of "going dark" is just lazy agents unwilling to work the cases & just wanting it all handed to them on a platter.
They can't even tell us how many phones they have but want us to believe they can't access those phones... that they can't locate... because encryption... that they can't confirm even exists on the phones.
[ link to this | view in chronology ]
It's not necessarily all encrypted
My understanding is if you are using a desktop version of Signal, the data at rest may be encrypted in a sqlite database (it used to be, but no longer is?). The key, however, is stored next to it in the plaintext ~/.config/Signal/config.json. So it wouldn't take any work at all to read the data...
Apparently, this is by design. The devs assert that the data and access should be protected by other means (full disk encryption, etc.).
There have been many calls to password protect the application, but they have been rejected.
So in this case with the seditionists, if the FBI have access to any of their desktops which they used for communication using Signal, they have all of those conversations "for free".
[ link to this | view in chronology ]
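A defender-side check for the storage layout the comment above describes, added here as an example and not part of the original comment or of Signal's code: it reports whether a config.json holds a database key in the clear and whether other local accounts can read the file, without ever returning the key. The field names `key` and `encryptedKey`, the 64-hex-character key shape and the sample files are assumptions constructed for illustration.

```python
import json
import os
import re
import stat
import tempfile

HEX_KEY = re.compile(r"[0-9a-fA-F]{64}")  # assumed key shape: 32 bytes as hex

def audit_signal_config(path):
    """Return findings for one config.json; the key itself is never returned."""
    try:
        mode = stat.S_IMODE(os.stat(path).st_mode)
        with open(path, encoding="utf-8") as fh:
            cfg = json.load(fh)
    except FileNotFoundError:
        return ["config-missing"]
    except (OSError, ValueError):
        return ["config-unreadable"]
    if not isinstance(cfg, dict):
        return ["config-unreadable"]
    key = cfg.get("key")  # assumed field name for the plaintext key
    if isinstance(key, str) and HEX_KEY.fullmatch(key):
        findings = ["plaintext-key"]
    elif "encryptedKey" in cfg:  # assumed field name for an OS-keystore-wrapped key
        findings = ["os-wrapped-key"]
    else:
        findings = ["no-key-field"]
    # Any group/other read bit lets another local account copy the file.
    if mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append("readable-by-other-users")
    return findings

def demo():
    samples = {  # constructed sample data, not real keys
        "legacy.json": ({"key": "ab" * 32}, 0o644),
        "wrapped.json": ({"encryptedKey": "constructed-placeholder"}, 0o600),
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, (cfg, mode) in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "w", encoding="utf-8") as fh:
                json.dump(cfg, fh)
            os.chmod(path, mode)
            results[name] = audit_signal_config(path)
        results["absent.json"] = audit_signal_config(os.path.join(tmp, "absent.json"))
    return results

if __name__ == "__main__":
    print(demo())
```

On a workstation, pass `os.path.expanduser("~/.config/Signal/config.json")` to `audit_signal_config`; a "plaintext-key" finding means the protection of the message store rests entirely on full-disk encryption and account isolation, as the comment says.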
So what is the weather like there in LaLaLand?
[ link to this | view in chronology ]