ICE Leads The Nation In Encryption-Cracking Expenditures
from the [not-pictured:-the-Federal-Bureau-of-Sucking-At-Counting-Phones] dept
We don’t hear much from anyone other than FBI officials about the “going dark” theory. The DOJ pitches in from time to time, but it’s the FBI’s baby. And it’s an ugly baby. Earlier this year, the FBI admitted it couldn’t count physical devices. The software it used to track uncrackable devices spat out inflated numbers, possibly tripling the number of phones the FBI claimed stood between it and justice. FBI officials like James Comey and Chris Wray said “7,800.” The real number — should it ever be delivered — is expected to be less than 2,000.
The FBI also hasn’t been honest about its efforts to crack these supposedly-uncrackable phones. Internal communications showed the agency slow-walked its search for a solution to the San Bernardino shooter’s locked iPhone, hoping instead for a precedential federal court decision forcing device manufacturers to break encryption whenever presented with a warrant.
The FBI appears to have ignored multiple vendors offering solutions for its overstated “going dark” problem. At this point, it’s public knowledge that at least two vendors have the ability to crack any iPhone. Israel’s Cellebrite — the company presumed to have broken into the San Bernardino phone for the FBI — is one of them. The other is GrayShift, which sells a device called GrayKey, which allows law enforcement to bypass built-in protections to engage in brute force password cracking.
We don’t know how often the FBI avails itself of these services. A pile of locked phones numbering in the thousands (but which thousands?!) suggests it is allowing the serviceable (vendor services) to be the enemy of the perfect (favorable court rulings and/or legislation).
Other federal agencies aren’t waiting around for the next horrifying terrorist attack to nudge Congress towards mandating encryption backdoors. They’re spending tax dollars now to take advantage of vulnerabilities that may be patched out of existence in the near future, if they haven’t been addressed already. Thomas Brewster of Forbes has spent some time sifting through government records to see who’s buying and how much they’re spending. The FBI isn’t on the list. The DEA is. But the Daddy Warbucks of federal law enforcement agencies is none other than the one voted Most In Need Of Immediate Abolishment.
According to government contract records on FPDS.gov, ICE acquired the services of GrayShift earlier this month. And it’s spent more than any other government department on GrayShift tech, with a single order of $384,000. Other branches of the Trump government, from the Drug Enforcement Administration to the Food and Drug Administration, have splashed between $15,000 and $30,000 on different models of the GrayKey, which requires physical access to an Apple device before it can break through the passcode.
ICE wants everything on the menu. In addition to spending big on cellphone-cracking devices, the agency has also thrown money at forensic tools from Cellebrite, social media tracking software, “intercept software” from a Nebraska-based vendor, and “computer support equipment” from foreign companies (one of them Russian) known for their ability to extract data from encrypted messaging services.
It would seem the agency involved in investigating the widest variety of crimes would be joining ICE in its encryption-breaking spending spree. But there’s no trace of FBI expenditures to be found in these records. It may be the FBI has exempted itself from reporting this information under the theory that naming dollar amounts and/or vendors would allow wily criminals to escape its grasp. If so, it seems unlikely this refusal has a legal basis. The DEA and ICE have both allowed these records to be published and both agencies routinely engage in investigations that theoretically could be compromised by making spending data public. (The key is “theoretically.” In reality, it’s unlikely publishing contract data has any noticeable effect on criminal behavior.)
Moving past the FBI, there’s reason to be concerned ICE is making purchases like these. Given its main concern is the speedy removal of undocumented immigrants, this tech seems to be more of a “want” than a “need.” Most of the cases ICE deals with don’t need to involve cracked phones and forensic searches. But because it has the tools on hand, it will make sure it gets our money’s worth.
Filed Under: backdoors, encryption, ice, phones
Comments on “ICE Leads The Nation In Encryption-Cracking Expenditures”
Why do I get the impression that read everything on you phone, laptop and tablet, and in your social media accounts is the new papers please that law enforcement dreams of.
Re: Re:
What if I have no papers?
Re: Re: Re:
Then you must be a criminal, as not recording everything you do means you have something to hide.
Re: Re: Re: Re:
Does my Obama phone count?
I
Crack
Encryption
Happy Independence Day Text
it,s very easy to that it,s great and help full for every one.
The FBI also hasn't been honest
I’m shocked! Shocked, I tell you that the FIB isn’t honest.
SharePoint
Thanks for sharing this useful information
“ICE Leads The Nation In Encryption-Cracking Expenditures”
But are they now able to decrypt things they were not able to decrypt in the past or are they buying snake oil?
Re: Re:
Both. That’s the danger of buying everything available. Some of it works as advertised, some of it works but is redundant, and the rest is snake oil.
Who, me?
A family or other group sharing cars and devices, none of which requiring a password or anything else to use, operate, etc.
Various agencies tracking vehicles and devices, but not people.
from all the headlines, it is hard to make out – is this being raised because LE is cracking phones (well, duh) or because ICE spent $384,000 to gain the technology to crack phones?
…if it is the latter, um, yeah. these days $384,000 is a drop in the bucket in enterprise level software world.
i’m rather interested in what the heck the DEA and FDA got for $15K to $30K.
ICE is no-one's first choice when they go into Law Enforcement
I’m pretty sure ICE pulls from a… different… pool of recruits than does the NSA or FBI.
I wonder if the latter two only spent money on the stuff they figured worked, whereas ICE couldn’t tell the Shinola. Given that ICE is currently one of Trump’s favorite investments, they might also be able to afford frivolous expenses.