FBI Officials Were Angry That An iPhone Hack Blocked Them From Getting Court To Force Apple To Break Encryption

(Mis)Uses of Technology

from the agency-actually-doesn't-care-much-about-the-public-or-safety dept

As you probably recall, last year the FBI tried to force a court to effectively create a backdoor for encrypted iPhones, using the high profile San Bernardino shootings as the wedge. It seemed quite obvious with how the whole thing played out that the FBI didn’t really need to get into Syed Farook’s work iPhone, but that it hoped leverage the high profile nature of the case and the “fear, uncertainty and doubt” around a “terrorist” attack to finally get a court to force Apple to do this. A new report reveals that the FBI was very much focused on using this case to force the issue to the point that top officials were angry that a vendor figured out another way into the iPhone, and stopped the court proceedings.

Again: if the real goal (as stated publicly by the FBI at the time) was to find a way into this phone for important reasons, then you’d think the FBI would be excited when they found a way in, rather than pissed that a court wasn’t needed to force a backdoor. But that’s not what happened.

A recently-released Inspector General’s report [PDF] shows the FBI jumped the gun in the San Bernardino case. The FBI insisted it had no other options when it asked a judge to grant its All Writs Act request to compel Apple to break into the shooter’s recovered iPhone. But this report shows these claims — one repeated by the DOJ in its legal filings and by James Comey in testimony to Congress — weren’t actually true.

The ROU [Remote Operations Unit] Chief told us that, at a monthly OTD managers’ meeting on February 11, 2016, the Chief of DFAS (of which CEAU [Cryptographic and Electronics Analysis Unit] is a part but ROU is not), indicated that CEAU was having problems accessing the data on the Farook iPhone and was preparing for court. The ROU Chief, who told the OIG that his unit did not have a technique for accessing the iPhone at the time, said that it was only after this meeting that he started contacting vendors and that ROU “got the word out” that it was looking for a solution. As discussed further below, at that time, he was aware that one of the vendors that he worked closely with was almost 90 percent of the way toward a solution that the vendor had been working on for many months, and he asked the vendor to prioritize completion of the solution.

There was a another option available at the time the DOJ filed its All Writs Request (February 16). It may not have been complete yet, but the FBI had reason to believe it would be soon. Instead of giving this option a shot, the FBI tried to secure a favorable ruling compelling Apple to crack the shooter’s iPhone. This wasn’t what was presented to the judge in the DOJ’s filing.

Comey testified before Congress on February 9th. If there had been better communication between the FBI’s Operational Technology Division (OTD) and the Cryptographic and Electronic Analysis Unit (CEAU), Comey may have been apprised of this fact before his first testimonial appearance. Given the national attention being paid to this case, there’s no reason Comey should have been out of the operational loop, even at this early date.

But Comey repeated the same claim nearly a month later (March 1st): the FBI could not get into the iPhone without Apple’s assistance. (And again three weeks later in an angry letter to the editor published by the Wall Street Journal.) There’s no way Comey could not have been aware of these developments, not with the DOJ engaged in a high-profile courtroom battle with Apple over compelled assistance.

The Inspector General finds Comey’s claims to be technically true: the breakthrough offered by the still-undisclosed vendor was not passed on to the FBI until March 16th and successfully demonstrated for agents on March 20th. The following day, the US Attorney’s Office informed the court of this development and withdrew its All Writs request.

Comey’s statements were technically true but not the parts where he insisted the only way to access the iPhone’s contents was with Apple’s assistance. If he was not being informed of ongoing developments on the tech side, that’s inexplicable behavior by FBI entities directly tasked with cracking the shooter’s iPhone. Given the high-profile status of this case, it’s not just inexplicable. It’s literally unbelievable.

But that’s not the only concerning aspect of this report. The head of the FBI’s Remote Operations Unit (ROU) — the person who reached out to the vendor about the progress of its iPhone crack — was never contacted or consulted by the other offices working on the same problem. As the ROU Chief stated, the ROU walled itself off to prevent national security tools from being used in normal criminal cases.

This would seem to be good news — the FBI drawing internal lines in the sand between natsec and normal criminal investigations — but it actually isn’t. The CEAU head believed no line existed and it could bring tools over from the natsec side any time it wanted to. But that’s not the worst of it. The CEAU actually did not want a solution found.

According to the ROU Chief, his only conversation with the CEAU Chief was well after the fact, during which the CEAU Chief “was definitely not happy” that the legal proceeding against Apple could no longer go forward.

This is further backed up by statements made to the IG by FBI Executive Assistant Director (EAD) Amy Hess.

After the outside vendor successfully demonstrated its technique to the FBI in late March, EAD Hess learned of an alleged disagreement between the CEAU and ROU Chiefs over the use of this technique to exploit the Farook iPhone – the ROU Chief wanted to use capabilities available to national security programs, and the CEAU Chief did not. She became concerned that the CEAU Chief did not seem to want to find a technical solution, and that perhaps he knew of a solution but remained silent in order to pursue his own agenda of obtaining a favorable court ruling against Apple. According to EAD Hess, the problem with the Farook iPhone encryption was the “poster child” case for the Going Dark challenge.

This was also admitted by the CEAU Chief in his interview with the Inspector General.

The CEAU Chief told the OIG that, after the outside vendor came forward, he became frustrated that the case against Apple could no longer go forward, and he vented his frustration to the ROU Chief. He acknowledged that during this conversation between the two, he expressed disappointment that the ROU Chief had engaged an outside vendor to assist with the Farook iPhone, asking the ROU Chief, “Why did you do that for?”

The report makes it clear those steering the iPhone-cracking efforts were less interested in an outside vendor cracking the phone than obtaining a precedential decision. In doing so, the DOJ ended up filing false statements as sworn assertions, claiming it had exhausted every option before approaching the court with an All Writs Request. This report may sort of clear Comey and the DOJ, but it exposes something much uglier: FBI officials are not making good faith efforts to find outside solutions to the FBI’s supposed “going dark” problem. They’d much rather have favorable court decisions and legislative mandates than work with the tools others are crafting for them. This all but guarantees the number of uncracked phones in the FBI’s possession will continue to grow. But they should never be viewed as investigative dead ends. They should be seen for what they are: rhetorical devices.

Update: Sen. Ron Wyden sees the report for what it is. Here’s his statement on the matter:

“The FBI’s leadership went straight to the nuclear option — attempting to force Apple to circumvent its encryption — before attempting to see if their in-house hackers or trusted outside suppliers had the technical capability to break into the San Bernardino terrorist’s iPhone,” Wyden said. “It’s clear now that the FBI was far more interested in using this horrific terrorist attack to establish a powerful legal precedent than they were in promptly gaining access to the terrorist’s phone.”

Filed Under: all writs act, encryption, fbi, going dark, iphone, syed farook
Companies: apple