calea
Latest
FBI tried and failed to unlock 7,000 encrypted devices
In an 11-month period, the FBI failed to gain access to around 7,000 encrypted mobile devices, BBC News reports, which is about half of those targeted by the agency according to FBI Director Christopher Wray. In a speech given at the Association of Chiefs of Police conference yesterday, he said that device encryption was "a huge, huge problem," for the agency.
Congress won't pass a law letting the FBI access your encrypted data
Just because FBI director James Comey believes his agency has a right to see your phone's encrypted data doesn't mean he'll get his way. Members of Congress from both major parties, including House Representatives Darrell Issa and Zoe Lofgren as well as Senator Ron Wyden, are saying that there's "zero chance" they'll pass a bill requiring that device encryption includes backdoor access for federal investigators. They argue that law enforcement has blown whatever chance it had at public support -- accountability problems at multiple agencies (especially the NSA) have led many to distrust the government's data requests. As it stands, the FBI is battling some fierce legal headwinds. The House recently passed a bill banning the NSA from using backdoor searches, and it's doubtful that these politicians will heed Comey's calls for more access.
DEA says it can't intercept iMessage chats
Apple mentioned back in 2011 that iMessage used encryption to safeguard conversations, but we've never had an exact understanding of how deep the security layer goes. It's deep enough to stymie interception attempts at the DEA, according to an intelligence note gleaned by CNET. The agency warns its staff that it's "impossible" to tap the messages through usual methods -- great for privacy, but a worry for law enforcers. There isn't much that officials can do, either, short of discovering a clever in-the-middle attack or enacting proposed changes to the law that would mandate backdoor access. And before you ask: BlackBerry Messenger isn't necessarily as secure. While BES-based BBM chats are largely locked down, there's a common encryption key for all BlackBerrys that makes it relatively easy to crack regular BBM discussions. We wouldn't assume that any digital communication is completely private, but iMessage may have come closer to the target than most.
Silent Circle to offer secure, private iPhone operation
Two former Navy SEALs have teamed up with cryptographers including PGP developer Phil Zimmermann to develop an iPhone app to provide military-level encryption for unlimited VoIP phone calls, texts, email and video for US$20 per month. Silent Circle debuts on the App Store next week, filled with a bag of tricks that make it virtually impossible for identity thieves -- or governments -- to tap into your conversations. In a post about the app on Buzzfeed, blogger Russell Brandom notes that warrantless domestic wiretapping is a "matter of record by now," and that last year "1.3 million cell records were pulled by law enforcement, covering anything from stored text messages to location-tracking data." Silent Circle uses a "portable code room" model that performs all encryption on the iPhone. The keys to unscramble the data are deleted at the completion of each call, so the call can't be decoded after the fact. Silent Circle also stores use logs with minimal user data in Canada and Switzerland, where privacy laws make it difficult for even that info -- which does not include any of the encrypted conversations -- to be released to law enforcement officials. A feature called Burn Notice allows users to send self-destructing texts and photos to friends. Send a potentially embarrassing image or text to a pal during a drunken party, and it's erased in five minutes. Politicians and celebrities are sure to find this feature to be very helpful. While such powerful encryption technology could be used by drug cartels or terrorists, Silent Circle is primarily targeted to individuals or companies concerned about identity or intellectual property theft. At present, the US law that allows wiretapping -- the 1994 Communications Assistance for Law Enforcement Act -- does not cover VoIP communications. Law enforcement agencies have been pushing for an update to the law, and any change could eventually outlaw Silent Circle. For the time being, the app will provide highly secure communications to anyone with the need.
FBI reportedly pressing for backdoor access to Facebook, Google
Investigators at the FBI supposedly aren't happy that social networks like Facebook or Google+ don't have the same kind of facility for wiretaps that phones have had for decades. If claimed industry contacts for CNET are right, senior staff at the bureau have floated a proposed amendment to the 1994-era Communications Assistance for Law Enforcement Act (CALEA) that would require that communication-based websites with large user bases include a backdoor for federal agents to snoop on suspects. It would still include the same requirement for a court order as for phone calls, even if US carriers currently enjoy immunity for cooperating with any warrantless wiretapping. As might be expected, technology firms and civil liberties advocates like the Electronic Frontier Foundation object to deepening CALEA's reach any further, and Apple is thought to be preemptively lobbying against another definition of the law that might require a government back channel for audiovisual chat services like FaceTime or Skype. The FBI didn't explicitly confirm the proposal when asked, but it did say it was worried it might be "going dark" and couldn't enforce wiretaps. [Image credit: David Drexler, Flickr]
