Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

April 1, 2016

FBI Adds New Meaning to “Safe Sex”

Filed under: FBI,Government — Patrick Durusau @ 8:41 pm

FBI Honeypot Ensnares Michagan Man by Trevor Aaronson.

From the post:

KHALIL ABU RAYYAN was a lonely young man in Detroit, eager to find a wife. Jannah Bride claimed she was a 19-year-old Sunni Muslim whose husband was killed in an airstrike in Syria. The two struck up a romantic connection through online communications.

Now, Rayyan, a 21-year-old Michigan man, is accused by federal prosecutors of supporting the Islamic State.

Documents released Tuesday show, however, that Rayyan was motivated not by religious radicalism but by the desire to impress Bride, who said she wanted to be a martyr.

Jannah Bride, not a real name, was in fact an FBI informant hired to communicate with Rayyan, who first came to the FBI’s attention when he retweeted a video from the Islamic State of people being thrown from buildings. He wrote later on Twitter: “Thanks, brother, that made my day.”

If you are shy, socially awkward and a woman is throwing herself at you, that’s a warning sign.

Either you have Ben Franklins leaking from your pockets or it is an FBI sting operation.

Check your pockets.

I don’t know of any reliable test for FBI informants but if people:

  1. Volunteer money for illegal purchases
  2. Urge you to say or plan illegal acts
  3. Provide you with plans for illegal objects or substances
  4. Initiate/maintain contact with you for 1, 2, or 3

The question you have to ask yourself:

If they are so hot for action, why are they pestering you?

Unless you think a long stretch in a U.S. prison looks good on your resume, avoid people who want to facilitate you committing illegal acts.

They have an agenda and it isn’t to benefit you. Only themselves.

March 30, 2016

FBI Hacked San Bernardino IPhone – Why Do You Believe That?

Filed under: FBI,Government,Law — Patrick Durusau @ 3:22 pm

The claim of the FBI to have hacked the San Bernardino IPhone without help from Apple has flooded social and mainstream media.

What I haven’t heard in all that clamor is any reason to credit that claim.

This is the same FBI mentioned in:

Report: ‘Nearly Every’ FBI Forensics Expert Gave Flawed Testimony In ‘Almost All Trials’ Over A 20-Year Period

Official confirmation the FBI lied? (Boston Marathon Bombing)

The Judi Bari Website FBI conspiracy (civil court verdict)

FBI Sanctioned for Lying About Existence of Surveillance Records

Admittedly, it isn’t easy to catch the FBI lying, but these few cases illustrate that lying is a way of life at the FBI.

Or as the 9th Circuit is quoted as saying in FBI Sanctioned for Lying About Existence of Surveillance Records:


The Government argues that there are times when the interests of national security require the Government to mislead the Court. The Court strongly disagrees. The Government’s duty of honesty to the Court can never be excused, no matter what the circumstance. The Court is charged with the humbling task of defending the Constitution and ensuring that the Government does not falsely accuse people, needlessly invade their privacy or wrongfully deprive them of their liberty. The Court simply cannot perform this important task if the Government lies to it. Deception perverts justice. Truth always promotes it.

When you are dealing with a party that has a policy of misleading courts to further “national security,” why would you credit any unsubstantiated claim from that source?

More than a policy, a history of lying to both the public and the courts.

Is it sufficient that the FBI declare it’s not lying today? This time? Or did any media representative even ask that question?

Until an independent expert “hacks” an identical iPhone using the FBI’s “method,” the FBI “hack” of the San Bernardino IPhone ranks with photos of presidents with aliens:

Bush_alien1211681503

And for equal time purposes:

obamaxmas

A skeptical public press would not parrot the unsubstantiated claims of known liars, even when those liars are federal agencies.

But then, we don’t have a skeptical public press.

Yes?

March 21, 2016

A Middle Ground on Slavery? Chesney & Vladeck on All-Writs Act

Filed under: Cybersecurity,FBI,Government — Patrick Durusau @ 4:01 pm

I am deeply puzzled by commentators who find the analysis by Bobby Chesney and Steve Vladeck in A Coherent Middle Ground in the Apple-FBI All Writs Act Dispute? praise worthy.

Their position is captured by:


To cut to the chase, our view is that, properly understood, the All Writs Act should be read to authorize the kind of order the government has sought in these cases only when the recipient is compelled to help the government utilize existing vulnerabilities in its software, and not when the order instead directs the recipient to devote its resources to creating material new software vulnerabilities which can then be exploited by the government. (emphasis in original)

Chesney and Vladeck’s analysis, like some treatments of this issue, ignore the deciding of United States v. New York Telephone Company, 434 U.S. 159 (98 S.Ct. 364, 54 L.Ed.2d 376) by 5 to 4, with four justices dissenting on the issue of the district court’s authority to order the telephone company to provide “assistance” to the government.

The dissent by Justice Stevens that focuses on the All-Writs Act:

Even if I were to assume that the pen register order in this case was valid, I could not accept the Court’s conclusion that the District Court had the power under the All Writs Act, 28 U.S.C. 1651(a), to require the New York Telephone Company to assist in its installation. This conclusion is unsupported by the history, the language, or previous judicial interpretations of the Act.

The All Writs Act was originally enacted, in part, as § 14 of the Judiciary Act of 1789, 1 Stat. 81.15 The Act was, and is, necessary because federal courts are courts of limited jurisdiction having only those powers expressly granted by Congress,16 and the statute provides these courts with the procedural tools—the various historic common-law writs—necessary for them to exercise their limited jurisdiction.17 The statute does not contain, and has never before been interpreted as containing, the open-ended grant of authority to federal courts that today’s decision purports to uncover. Instead, in the language of the statute itself, there are two fundamental limitations on its scope. The purpose of any order authorized by the Act must be to aid the court in the exercise of its jurisdiction;18 and the means selected must be analogous to a common-law writ. The Court’s opinion ignores both limitations.

The Court starts from the premise that a district court may issue a writ under the Act “to effectuate and prevent the frustration of orders it has previously issued in its exercise of jurisdiction otherwise obtained.” Ante, at 172. As stated, this premise is neither objectionable nor remarkable and conforms to the principle that the Act was intended to aid the court in the exercise of its jurisdiction. Clearly, if parties were free to ignore a court judgment or order, the court’s ability to perform its duties would be undermined. And the court’s power to issue an order requiring a party to carry out the terms of the original judgment is well settled. See Root v. Woolworth, 150 U.S. 401, 410-413, 14 S.Ct. 136, 138, 37 L.Ed. 1123. The courts have also recognized, however, that this power is subject to certain restraints. For instance, the relief granted by the writ may not be “of a different kind” or “on a different principle” from that accorded by the underlying order or judgment. See id., at 411-412, 14 S.Ct., at 138-139.19

More significantly, the courts have consistently recognized and applied the limitation that whatever action the court takes must be in aid of its duties and its jurisdiction.20 The fact that a party may be better able to effectuate its rights or duties if a writ is issued never has been, and under the language of the statute cannot be, a sufficient basis for issuance of the writ. See Sampson v. Murray, 415 U.S. 61, 94 S.Ct. 1028, 39 L.Ed.2d 123; Commercial Security Bank v. Walker Bank & Trust Co., 456 F.2d 1352 (C.A.10, 1972); J. Moore, B. Ward, & J. Lucas, 9 Moore’s Federal Practice ¶ 110.29 (1975).

Nowhere in the Court’s decision or in the decisions of the lower courts is there the slightest indication of why a writ is necessary or appropriate in this case to aid the District Court’s jurisdiction. According to the Court, the writ is necessary because the Company’s refusal “threatened obstruction of an investigation . . ..” Ante, at 174. Concededly, citizen cooperation is always a desired element in any government investigation, and lack of cooperation may thwart such an investigation, even though it is legitimate and judicially sanctioned.21 But unless the Court is of the opinion that the District Court’s interest in its jurisdiction was coextensive with the Government’s interest in a successful investigation there is simply no basis for concluding that the inability of the Government to achieve the purposes for which it obtained the pen register order in any way detracted from or threatened the District Court’s jurisdiction. Plainly, the District Court’s jurisdiction does not ride on the Government’s shoulders until successful completion of an electronic surveillance.

If the All Writs Act confers authority to order persons to aid the Government in the performance of its duties, and is no longer to be confined to orders which must be entered to enable the court to carry out its functions, it provides a sweeping grant of authority entirely without precedent in our Nation’s history. Of course, there is precedent for such authority in the common law the writ of assistance. The use of that writ by the judges appointed by King George III was one British practice that the Revolution was specifically intended to terminate. See n. 3, supra. I can understand why the Court today does not seek to support its holding by reference to that writ, but I cannot understand its disregard of the statutory requirement that the writ be “agreeable to the usages and principles of law.”

The order directed against the Company in this case is not particularly offensive. Indeed, the Company probably welcomes its defeat since it will make a normal profit out of compliance with orders of this kind in the future. Nevertheless, the order is deeply troubling as a portent of the powers that future courts may find lurking in the arcane language of Rule 41 and the All Writs Act.

I would affirm the judgment of the Court of Appeals.

….

15

The statute was also derived from § 13 of the Judiciary Act, which concerned writs of mandamus and prohibition, 1 Stat. 80, and a statute dealing with writs of ne exeat, 1 Stat. 334. The All Writs Act now reads:

“(a) The Supreme Court and all courts established by Act of Congress may issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.”

16

This proposition was so well settled by 1807 that Mr. Chief Justice Marshall needed no citation to support the following statement:

“As preliminary to any investigation of the merits of this motion, this court deems it proper to declare that it disclaims all jurisdiction not given by the constitution, or by the laws of the United States.

“Courts which originate in the common law possess a jurisdiction which must be regulated by their common law, until some statute shall change their established principles; but courts which are created by written law, and whose jurisdiction is defined by written law, cannot transcend that jurisdiction. It is unnecessary to state the reasoning on which this opinion is founded, because it has been repeatedly given by this court; and with the decisions heretofore rendered on this point, no member of the bench has, even for an instant, been dissatisfied.” Ex parte Bollman, 4 Cranch 75, 93, 2 L.Ed. 554.

17

See Harris v. Nelson, 394 U.S. 286, 299.

18

This Court has frequently considered this requirement in the context of orders necessary or appropriate in the exercise of appellate jurisdiction. See J. Moore, B. Ward, & J. Lucas, 9 Moore’s Federal Practice &Par; 110.27-110.28 (1975). Here, we are faced with an order that must be necessary or appropriate in the exercise of a district court’s original jurisdiction.

19

These restraints are necessary concomitants of the undisputed fact that the All Writs Act does not provide federal courts with an independent grant of jurisdiction. McIntire v. Wood, 7 Cranch 504, 3 L.Ed. 420; Rosenbaum v. Bauer, 120 U.S. 450, 7 S.Ct. 633, 30 L.Ed. 743. The factors mentioned above may be relevant in determining whether the court has ancillary jurisdiction over the dispute. See Dugas v. American Surety Co., 300 U.S. 414, 57 S.Ct. 515, 81 L.Ed. 720; Labette County Comm’rs v. Moulton, 112 U.S. 217, 5 S.Ct. 108, 28 L.Ed. 698; Morrow v. District of Columbia, 135 U.S.App.D.C. 160, 417 F.2d 728 (1969). In this case, the District Court’s order was entered against a third party—the Telephone Company. The Court never explains on what basis the District Court had jurisdiction to enter this order. Possibly, the District Court believed that it had ancillary jurisdiction over the controversy, or that the failure of the Company to aid the Government posed a federal question under 28 U.S.C. 1331. See Board of Education v. York, 429 F.2d 66 (C.A.10 1970), cert. denied, 401 U.S. 954, 91 S.Ct. 968, 28 L.Ed.2d 237. Since I believe that the District Court could not enter its order in any event since it was not in aid of its jurisdiction, I do not find it necessary to reach the question where there was jurisdiction, apart from the All Writs Act, over the “dispute” between the Government and the Telephone Company. However, the Court’s failure to indicate the basis of jurisdiction is inexplicable.

20

The Court’s failure to explain why the District Court’s order was in aid of its jurisdiction is particularly notable when compared to the rationale of the prior Court cases on which it relies. See, e. g., Harris v. Nelson, 394 U.S. 286, 299, 89 S.Ct. 1082, 1090, 22 L.Ed.2d 281 (“the habeas corpus jurisdiction and the duty to exercise it being present, the courts may fashion appropriate modes of procedure . . . . Where their duties require it, this is the inescapable obligation of the courts”) (emphasis added); FTC v. Dean Foods Co., 384 U.S. 597, 604, 86 S.Ct. 1738, 1742, 16 L.Ed.2d 802 (injunction issued under All Writs Act upheld because it was necessary “to preserve the status quo while administrative proceedings are in progress and prevent impairment of the effective exercise of appellate jurisdiction “) (emphasis added).

The Court apparently concludes that there is no functional distinction between orders designed to enable a party to effectuate its rights and orders necessary to aid a court in the exercise of its jurisdiction. Ante, at 175 n. 23. The Court reaches this conclusion by pointing out that the orders in cases such as Harris v. Nelson, supra, protected a party’s rights. This is, of course, true. Orders in aid of a court’s jurisdiction will usually be beneficial to one of the parties before the court. The converse, however, is clearly not true. Not all orders that may enable a party to effectuate its rights aid the court in its exercise of jurisdiction. Compare Sampson v. Murray, 415 U.S. 61, 94 S.Ct. 937, 39 L.Ed.2d 166, with FTC v. Dean Foods Co., supra.

21

A citizen is not, however, free to forcibly prevent the execution of a search warrant. Title 18 U.S.C. 2231 imposes criminal penalties on any person who “forcibly assaults, resists, opposes, prevents, impedes, intimidates, or interferes with any person authorized to serve or execute search warrants . . . .” This section was originally enacted as part of the Espionage Act of 1917, see n. 6, supra, and is the only statutory provision imposing any duty on the general citizenry to “assist” in the execution of a warrant.

….

As Justice Stevens points out:


If the All Writs Act confers authority to order persons to aid the Government in the performance of its duties, and is no longer to be confined to orders which must be entered to enable the court to carry out its functions, it provides a sweeping grant of authority entirely without precedent in our Nation’s history. Of course, there is precedent for such authority in the common law the writ of assistance. The use of that writ by the judges appointed by King George III was one British practice that the Revolution was specifically intended to terminate. See n. 3, supra. I can understand why the Court today does not seek to support its holding by reference to that writ, but I cannot understand its disregard of the statutory requirement that the writ be “agreeable to the usages and principles of law.”

the construction urged by Chesney & Vladeck and the slim majority in United States v. New York Telephone Company, 434 U.S. 159 (98 S.Ct. 364, 54 L.Ed.2d 376), is a parallel to one of the reasons for the American Revolution.

The writ to compel Apple to assist the FBI is the

…portent of the powers that future courts may find lurking in the arcane language of Rule 41 and the All Writs Act.

that Justice Stevens foresaw in his dissent.

Rather than scrambling for some tortured “middle ground” with the FBI, legal scholars should be lining up to urge correction of the mistake made in United States v. New York Telephone Company, 434 U.S. 159 (98 S.Ct. 364, 54 L.Ed.2d 376).

The time has come to end the threat of slavery for both corporations and individuals under the All-Writs Act.


The portions of the opinions quoted above are from the Legal Information Institute (LII) at Cornell University Law School. Supporting the LII fosters public access to legal resources.

New La Résistance Forming At Apple – How You Can Help

Filed under: Cybersecurity,FBI,Free Speech,Government — Patrick Durusau @ 7:49 am

The New York Times reports that a new La Résistance may be forming at Apple in anticipation of a potential order conscripting Apple to create a new OS that breaks existing iPhone security. Apple Encryption Engineers, if Ordered to Unlock iPhone, Might Resist.

High level architects are the focus of the article but software projects aren’t composed solely of high level architects.

The architects will readily find new positions but what of lower level resistance fighters? The software/hardware community needs to prepare now to aid and shelter lower level resistance fighters from Apple.

They will be defending our rights and should know ahead of time that they don’t stand alone. Against the U.S. or any other coercive government.

Ask your management to earmark and advertise Apple La Résistance positions so that potential resistance fighters know they aren’t in this fight alone.

Support Apple now and resistance fighters online, offline, in any manner available to you.

Conscription, let’s be honest, enslavement at government demand, is wrong. (full stop)

What are you doing to stop it?

March 14, 2016

You Can Help Increase Frustration at the FBI, Yes! You!

Filed under: Cryptography,Cybersecurity,FBI,Government,Security — Patrick Durusau @ 1:17 pm

Skype co-founder launches ultra-private messaging, with video by Eric Auchard.

From the post:

A group of former Skype technologists, backed by the co-founder of the messaging platform, has introduced a new version of its own messaging service that promises end-to-end encryption for all conversations, including by video.

Wire, a 50-person start-up mostly made up of engineers, is stepping into a global political debate over encryption that pits privacy against security advocates, epitomized by the standoff between the U.S. government and Apple.

The company said on Thursday it was adding video calling to a package of private communications services that go beyond existing messaging providers.

See the post and/or check out new service: https://wire.com/privacy/

From the homepage of Wire:

Our personal and professional data is at the center of a new economy. The information we share on social networks, via email, and messaging services is being used to build profiles. These profiles are in turn used to sell us products and services through targeted advertising and suggestion. The data collected is vast, detailed, and often very personal. Vast resources are being spent to refine the profiles, all without transparency, policy or oversight.

Our personal and professional online communications should not be part of this economy. In the physical world we talk with each other directly. We can lower our voices or close a door to share private thoughts. In the online world we should be able to communicate directly without passing our private communications through these corporate data mines.

Wire is different.

You will also find this FBI heartburn product comparison matrix, suitable for framing, to let everyone know you are serious about security (select for larger image):

wire-matrix

There’s a web version of the service so I don’t have to buy a phone just to use it and/or annoy the FBI.

I’m signed up.

What about you?

FAQ: Why the emphasis on annoying the FBI?

Good question!

During my lifetime the FBI has illegally spied on civil rights leaders and organizations, the same for anti-war movements and virtually every other departure from the “norm.”

The more ordinary folks annoy the FBI, the less time and resources it has to conduct illegal operations against other citizens.

It won’t stop the FBI any more than being covered with 10,000 fleas would prevent you from driving. It would make driving, however, a very unpleasant experience.

March 11, 2016

Some Department of “Justice” – Beg, Borrow, or Steal

Filed under: Cybersecurity,FBI,Government — Patrick Durusau @ 8:39 pm

Government hints it may demand iOS source code, signing key by Gregg Keizer.

Gregg points out that the latest brief by the DOJ in the San Bernardino case, at footnote 9, page 22, the government says:

9 For the reasons discussed above, the FBI cannot itself modify the software on Farook’s iPhone without access to the source code and Apple’s private electronic signature. The government did not seek to compel Apple to turn those over because it believed such a request would be less palatable to Apple. If Apple would prefer that course, however, that may provide an alternative that requires less labor by Apple programmers. See In re Under Seal, 749 F.3d 276, 281-83 (4th Cir. 2014) (affirming contempt sanctions imposed for failure to comply with order requiring the company to assist law enforcement with effecting a pen register on encrypted e-mail content which included producing private SSL encryption key).

The DOJ hints that it will enlist the courts to assist it in the theft of Apple’s property and as Gregg further points out, may still want to force Apple to assist it:

Even if the Court ordered Apple to provide the government with Apple’s cryptographic keys and source code, Apple itself has implied that the government could not disable the requisite features because it “would have insufficient knowledge of Apple’s software and design protocols to be effective.” (Neuenschwander Decl. ¶ 23.) (at page 28 of the latest government brief)

Powerful briefs have been filed in support of Apple but its time to take the factual gloves off.

The expansive claims of the government are based solely on the entirely fictional notion that it is in hot pursuit of a terrorist threat.

If there were any terrorist threat to speak of, one would expect the TSA to have found a terrorist, at least one, this many years after 9/11. Some fifteen years this next September 11th. But it hasn’t.

Yes, fourteen people died during the San Bernardino attack, which the government has yet to show was anything more than a work place related dispute that erupted at a holiday party.

No government, not even the United States government, is entitled to declare facts not in evidence and expect others, especially fact finders such as courts, to meekly accept them as true.

The DOJ keeps posturing about the government’s interest. Apple and others should put that interest to a factual test.

Government agents are engaging in budget justifying behavior is a far less compelling reason to violate Apple’s constitutional rights than an actual terrorist threat.

But the so-called terrorist threat doesn’t exist. One suspects that is why the DOJ has omitted any factual basis for its claims. It could easily whistle up all the FBI arrests for terrorism, but that would expose the recruitment of the mentally ill people who are then supplied by the FBI to make those arrests.

I’m guessing that would diminish the government’s case in the eyes of the fact finder.

In some cases the government has a compelling interest, but fictional compelling interests don’t count.

The DOJ should be challenged at every step of the process, building a factual record that consists of everyone who had any part in the San Bernardino investigation, conversations with Apple, staff of the various DOJ offices, along with office notes, records, and phone logs.

If the interest of the government is so compelling, then it should not be reluctant to make a factual demonstration for the record.

Will the DOJ build a factual record? Will Apple demand it?

March 10, 2016

FOIA Confirms Lawless Nature of FBI Sky Spies [Dark Art/Dark Clouds]

Filed under: Cybersecurity,FBI,Government,Privacy — Patrick Durusau @ 5:32 pm

FOIA Confirms Lawless Nature of FBI Sky Spies

From the post:

The Electronic Frontier Foundation (EFF) released documents received in response to a Freedom of Information Act lawsuit that confirm the use of cell-site simulators in surveillance aircraft and the shocking disregard for oversight or regulatory policy what-so-ever. The federal government is flying spy-planes over US soil as the EFF put it, “without any policies or legal guidance.” North Star Post has been reporting on these activities since our founding following the independent disclosure of FBI operated domestic aerial surveillance on May 26th, 2015.

The EFF reports: the FBI’s “first successful airborne geolocation mission involving cellular technology” apparently occurred sometime in 2009, even as late as April 2014 lawyers from the FBI’s Office of General Counsel were discussing the need to develop a “coordinated policy” and “determine any legal concerns.”

NSP most prominently reported on the FBI evasion of established policy in regards to warrants for the use of cell-site simulator deployment in October of last year.

Aircraft have been identified as part of the FBI, DEA, DHS and other fleets, with many aircraft flying on a daily basis. The fleet is predominantly single-engine Cessna aircraft, with most flying 4-5 hours in looped patterns and circles with a radius of 2-2.5 miles. The 2+ mile figure is most likely the range of the DRT box although this has yet to be substantiated by government documents.

More details at the post will help you with tracking these planes and other details.

Security Syllogism:

All software/hardware have vulnerabilities.

DRT boxes are hardware and software.

Therefore, DRT boxes have vulnerabilities.

Yes? It’s been a while but I think that works.

While tracking airplanes and complaining about illegal law enforcement activity is useful, how much more useful would be vulnerabilities in DRT boxes?

DRT boxes promiscuously accept input, always a bad starting point for any hardware/software.

It could be as simple as building a directional “fake” cellphone that overloads the DRT box with noise.

Experts who have access to or who liberate DRT boxes can no doubt provide better advice than I can.

But on the whole, I’m not included to trust law breakers who later plead having been caught, they can now be trusted to follow the rules, but without any oversight.

That just strikes me as wholly implausible if not idiotic. The best defense is a good offense.

North Star Post has started a series on aerial surveillance: Part 1.

If you don’t know North Star Post (I didn’t), you should check them out. Follow @NStarPost.

I have no connections with North Star Post but consider it a public service to recommend you follow useful accounts, even ones that aren’t mine.

PS: If you do run across hacking information for DRT boxes, please post and/or re-post prominently. It’s not so much a matter that I become aware of it but that the public at large is enabled to defend itself.

March 8, 2016

If You Are Going To Lie… [iPhone Case]

Filed under: Cybersecurity,FBI,Government — Patrick Durusau @ 8:03 pm

A recent post about the FBI claims in the iPhone case reminded me of this Dilbert cartoon, where Dogbert advises Dilbert:

Maybe for your first crime you shouldn’t put your name and address on it and distribute ti to ten thousand strangers.

There is a similar rule for lying to judges, the first rule being never to lie to a judge, its just bad practice but especially never lie when it can be proven that you are lying.

Representatives of law enforcement broke that second rule and compounded the error by lying in written pleadings.

In the iPhone case, Daniel Kahn Gillmor makes an air-tight case for the FBI having lied to the court both in its initial application and in subsequent pleadings about the “auto-erase” feature of the iPhone in question. One of the FBI’s Major Claims in the iPhone Case is Fraudulent.

In a nutshell, the FBI has attempted to mis-lead the court into thinking the “auto-erase” feature dooms the FBI to ten tries at guessing the password. A lay person might think so but with just a little thought, you make a backup of the NAND flash memory where the encrypted data is stored. Try to your heart’s content, but only ten attempts before you have to restore the memory.

In addition to lying to the court, the FBI gambled on the court possibly lacking the technical background to realize the falseness of the FBI’s claims.

That’s more rank than outright lying to the court. All parties to litigation have an affirmative obligation to see that the court is fully and accurately informed of the facts before it.

After denying the government’s claims in the iPhone case, the court should refer the attorneys for the government to the Califoria Bar association for disciplinary hearings.

FBI Has More Privacy Than Average US Citizen

Filed under: FBI,Government,Privacy — Patrick Durusau @ 4:20 pm

FBI quietly changes its privacy rules for accessing NSA data on Americans by Spencer Ackerman.

From the post:

The FBI has quietly revised its privacy rules for searching data involving Americans’ international communications that was collected by the National Security Agency, US officials have confirmed to the Guardian.

The classified revisions were accepted by the secret US court that governs surveillance, during its annual recertification of the agencies’ broad surveillance powers. The new rules affect a set of powers colloquially known as Section 702, the portion of the law that authorizes the NSA’s sweeping “Prism” program to collect internet data. Section 702 falls under the Foreign Intelligence Surveillance Act (Fisa), and is a provision set to expire later this year.

Spender’s report is marred by what it can’t state:


But the PCLOB’s new compliance report, released on Saturday, found that the administration has submitted “revised FBI minimization procedures” that address at least some of the group’s concerns about “many” FBI agents who use NSA-gathered data.

“Changes have been implemented based on PCLOB recommendations, but we cannot comment further due to classification,” said Christopher Allen, a spokesman for the FBI.

Sharon Bradford Franklin, a spokesperson for the PCLOB, said the classification prevented her from describing the rule changes in detail, but she said they move to enhance privacy. She could not say when the rules actually changed – that, too, is classified.

“They do apply additional limits” to the FBI, Franklin said.

Timothy Barrett, a spokesman for the office of the director of national intelligence, also confirmed the change to FBI minimization rules.

We know how trustworthy government has proven itself to be, Pentagon Papers, Watergate, Iran-Contra, the Afghan War Diaries, the Snowden leaks, just to hit the highlights.

Here is what Snowden said was being collected:

PRISM_Collection_Details

By National Security Agencyoriginal image | source, Public Domain, https://commons.wikimedia.org/w/index.php?curid=26526602

So where is the danger of the FBI being limited (picking one at random) from monitoring all chats from New York state to overseas locations? That only means it has to have some cause to invade the privacy of a given individual.

Doesn’t say what cause, don’t say which individual.

What privacy for the FBI does do is conceal incompetence, waste of resources and perpetuate a lack of effective outside oversight over the FBI.

Otherwise the FBI would not have to recruiting the mentally ill to carry out terrorist preparations at the behest of the FBI. They would have real, non-FBI sponsored terrorists to arrest.

Now there’s a category for terrorists: non-FBI sponsored terrorists.

Is anyone doing data mining on FBI “terrorist” arrests?

February 29, 2016

Another Brick in the Wall (Between You and the FBI)

Filed under: Cybersecurity,FBI,Government — Patrick Durusau @ 7:49 pm

Orenstein Denial of Government Motion

Posted at the Electronic Freedom Foundation site, Judge Orenstein (Eastern District, New York), denied the FBI’s request using the All Writs Act to access an iPhone.

The opinion runs 50 pages so I have only skimmed the beginning but wanted to pass it on for your consideration.

More to follow after a reasonable time to read and digest its contents.

One for the good guys!

Toking Weed vs. Evidence on Going Dark

Filed under: Cybersecurity,FBI,Government,Security — Patrick Durusau @ 7:24 pm

Going Dark? Federal Wiretap Data Show Scant Encryption Problems by Andrea Castillo.

From the post:


These charts use data from the annual Wiretap Reports published by the Administrative Office of the US Courts to display the portion of total reported wiretap orders that have been undermined by encryption technologies from 2001 to 2014. (This dataset only examines domestic wiretap requests. Information relating to wiretap requests regulated by the Foreign Intelligence Surveillance Act of 1978 is not available.) The charts show that, contrary to popular assumption, encryption technologies have only complicated a minuscule percentage of reported wiretap investigations in recent years.

going-dark-chart

Of the 147 wiretaps that encountered encrypted calls, 0.45% of 32,539 calls, 132 were deciphered so only 15 or 0.046% went undeciphered by the government.

For the sake of 15 wiretaps, the FBI and friends would strip over 300 million people of their privacy.

Did someone say that marijuana is no longer illegal in Washington, D.C.?

That’s the only explanation I can imagine for 15 wiretap cases being more important that 300+ million citizens.

Other explanations?

February 28, 2016

The Government Revolving Door and Apple

Filed under: Cybersecurity,FBI,Government,Security — Patrick Durusau @ 7:31 pm

Deposing Tim Cook by Stewart Baker.

I’m not going to quote any of Stewart’s post because I want to test your powers of deduction on his likely position.

Here is the one clue I will give you:

Stewart A. Baker is a partner in the Washington office of Steptoe & Johnson LLP. He returned to the firm following 3½ years at the Department of Homeland Security as its first Assistant Secretary for Policy. He earlier served as general counsel of the National Security Agency.

That blurb appears next to the post itself. I have no way to verify that information but accept it as true for the purposes of my question:

Does Stewart Baker support or oppose Apple’s objection?

Your answer goes here: ______

Now go read Stewart’s post.

How did you do?

You may want to set an auto-search to alert on Stewart’s next trip through the government revolving door.

February 25, 2016

Apple Fires At The Death Star!

Filed under: Cybersecurity,FBI,Government,Security — Patrick Durusau @ 8:40 pm

Well, almost.

More accurate to say Apple filed: APPLE INC’S MOTION TO VACATE ORDER COMPELLING APPLE, INC. TO ASSIST AGENTS IN SEARCH, AND OPPOSITION TO GOVERNMENT’S MOTION TO COMPEL ASSISTANCE.

Caveat: Don’t be confused by the errant page numbering in the table of contents (TOC). I have checked (and you can too) the authorities against the pages where cited. I’m not sure why the TOC is wrong but it is. Total length is sixty-five (65) pages.

To entice you to read the document in full, here is the first paragraph:

This is not a case about one isolated iPhone. Rather, this case is about the Department of Justice and the FBI seeking through the courts a dangerous power that Congress and the American people have withheld: the ability to force companies like Apple to undermine the basic security and privacy interests of hundreds of millions of individuals around the globe. The government demands that Apple create a back door to defeat the encryption on the iPhone, making its users’ most confidential and personal information vulnerable to hackers, identity thieves, hostile foreign agents, and unwarranted government surveillance. The All Writs Act, first enacted in 1789 and on which the government bases its entire case, “does not give the district court a roving commission” to conscript and commandeer Apple in this manner. Plum Creek Lumber Co. v. Hutton, 608 F.2d 1283, 1289 (9th Cir. 1979). In fact, no court has ever authorized what the government now seeks, no law supports such unlimited and sweeping use of the judicial process, and the Constitution forbids it. (emphasis in original)

Now that’s an opening paragraph!

I especially like the “…to conscript and commandeer Apple in this manner” language.

Even if you have to go “blah, blah,” over the case citations, do read this memorandum.

It will leave you with no doubt the FBI has abandoned even lip service to the Constitution and our system of government.

February 24, 2016

Apple Response to Attempted FBI Mugging

Filed under: Cybersecurity,FBI,Government,Security — Patrick Durusau @ 6:02 pm

Apple is politer than I would be after an attempted FBI mugging.

The new webpage by Apple reads in part:

Why is Apple objecting to the government’s order?

The government asked a court to order Apple to create a unique version of iOS that would bypass security protections on the iPhone Lock screen. It would also add a completely new capability so that passcode tries could be entered electronically.

This has two important and dangerous implications:

First, the government would have us write an entirely new operating system for their use. They are asking Apple to remove security features and add a new ability to the operating system to attack iPhone encryption, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.

We built strong security into the iPhone because people carry so much personal information on our phones today, and there are new data breaches every week affecting individuals, companies and governments. The passcode lock and requirement for manual entry of the passcode are at the heart of the safeguards we have built in to iOS. It would be wrong to intentionally weaken our products with a government-ordered backdoor. If we lose control of our data, we put both our privacy and our safety at risk.

Second, the order would set a legal precedent that would expand the powers of the government and we simply don’t know where that would lead us. Should the government be allowed to order us to create other capabilities for surveillance purposes, such as recording conversations or location tracking? This would set a very dangerous precedent.

The first sentence captures all that need to said for me:

The government asked a court to order Apple to create a unique version of iOS that would bypass security protections on the iPhone Lock screen.

Suddenly, the “land of the free,” becomes “land of the free, so long as you don’t cross the FBI…”

The government can certainly ask Apple to undertake such a project but Apple (and you) have an absolute right to decline. For any reason.

The FBI wants your freedom to choose to be at the sufferance of the FBI.

That doesn’t fit with my notion of liberty under the U.S. Constitution.

Does it fit with yours?

February 23, 2016

Apple Refuses to “Unlock” – False Meme – FBI Attempts To Press Gang Apple

Filed under: Cybersecurity,FBI,Government,Security — Patrick Durusau @ 9:43 pm

The meme that Apple has refused to “unlock” an iPhone in the San Bernardino shooting case is demonstrably false.

There is no magic key which Apple has refused to release to the FBI. (full stop)

Every media outlet or person describing the request to Apple as to “unlock:”

  1. Is ignorant of the facts of the FBI request,
  2. Is deliberating spreading disinformation for the FBI,
  3. Or both.

The falseness of the “unlock” meme isn’t hard to demonstrate.

The original court order reads in part:

1. Apple shall assist in enabling the search of a cellular telephone, Apple make: iPhone 5C, Model: A1532, P/N:MGF2LL/A, S/N:FFMNQ3MTG2DJ, IMEI:358820052301412, on the Verizon Network, (the “SUBJECT DEVICE”) pursuant to a warrant of this Court by providing reasonable technical assistance to assist law enforcement agents in obtaining access to the data on the SUBJECT DEVICE.

2. Apple’s reasonable technical assistance shall accomplish the following three important functions: (1) it will bypass or disable the auto-erase function whether or not it has been enabled; (2) it will enable the FBI to submit passcodes to the SUBJECT DEVICE for testing electronically via the physical device port, Bluetooth, Wi-Fi, or other protocol available on the SUBJECT DEVICE; and (3) it will ensure that when the FBI submits passcodes to the SUBJECT DEVICE, software running on the device will not purposefully introduce any additional delay between passcode attempts beyond what is incurred by Apple hardware.

3. Apple’s reasonable technical assistance may include, but is not limited to: providing the FBI with a signed IPhone Software file, recovery bundle, or other Software Image File (“SIF”) that can be loaded onto the SUBJECT DEVICE. The SIF will load and run from Random Access Memory (“RAM”) and will not modify the iOS on the actual phone, the user data partition or system partition on the device’s flash memory. The SIF will be coded by Apple with a unique identifier of the phone so that the SIF would only load and execute on the SUBJECT DEVICE. The SIF will be loaded via Device Firmware Upgrade (“DFU”) mode, recovery mode, or other applicable mode available to the FBI. Once active on the SUBJECT DEVICE, the SIF will accomplish the three functions specified in paragraph 2. The SIF will be loaded on the SUBJECT DEVICE at either a government facility, or alternatively, at an Apple facility; if the latter, Apple shall provide the government with remote access to the SUBJECT DEVICE through a computer allowing the government to conduct passcode recovery analysis.

4. If Apple determines that it can achieve the three functions stated above in paragraph 2, as well as the functionality set forth in paragraph 3, using alternative technological means from that recommended by the government, and the government concurs, Apple may comply with this Order in that way.

Does that sound like “unlock” to you?

Yet, media outlets as diverse as NPR, the New York Times and the Pew Foundation, have all repeated the false “unlock” meme, along with many others.

The court order is an attempt to force Apple to undertake a custom programming project at the behest of the government.

Do you think the government can whistle up Apple, IBM or Microsoft, or even you, for a custom programming job?

Whether you want to participate or not?

That’s what FBI Director Comey and his media allies want to hide under the false “unlock” meme.

Spread the true meme – this is slavery on the software seas and should be denounced as such.

The freedom you save may well be your own.

February 19, 2016

Motion Forcing Apple to comply with FBI [How Does Baby Blue’s Make Law More Accessible?]

Filed under: Cybersecurity,FBI,Government,Privacy,Security — Patrick Durusau @ 5:24 pm

The DoJ is trying to force Apple to comply with FBI by Nicole Lee.

I mention this because Nicole includes a link to: Case 5:16-cm-00010-SP Document 1 Filed 02/19/16 Page 1 of 35 Page ID #:1, which is the GOVERNMENT’S MOTION TO COMPEL APPLE INC. TO COMPLY WITH THIS COURT’S FEBRUARY 16, 2016 ORDER COMPELLING ASSISTANCE IN SEARCH; EXHIBIT.

Whatever the Justice Department wants to contend to the contrary, a hearing date of March 22, 2016 on this motion is ample evidence that the government has no “urgent need” for information, if any, on the cell phone in question. The government’s desire to waste more hours and resources on dead suspects is quixotic at best.

Now that Baby Blue’s Manual of Legal Citation (Baby Blue’s) is online and legal citations are no long captives of the Bluebook® gang, tell me again how Baby Blue’s has increased public access to the law?

This is, after all, a very important public issue and the public should be able to avail itself of the primary resources.

You will find Baby Blue’s doesn’t help much in that regard.

Contrast Baby Blue’s citation style advice with adding hyperlinks to the authorities cited in the Department of Justice’s “memorandum of points and authorities:”

Federal Cases

Central Bank of Denver v. First Interstate Bank of Denver, 551 U.S. 164 (1994).

General Construction Company v. Castro, 401 F.3d 963 (9th Cir. 2005)

In re Application of the United States for an Order Directing a Provider of Communication Services to Provide Technical Assistance to the DEA, 2015 WL 5233551, at *4-5 (D.P.R. Aug. 27, 2015)

In re Application of the United States for an Order Authorizing In-Progress Trace o Wire Commc’ns over Tel. Facilities (Mountain Bell), 616 F.2d 1122 (9th Cir. 1980)

In re Application of the United States for an Order Directing X to Provide Access to Videotapes (Access to Videotapes), 2003 WL 22053105, at *3 (D. Md. Aug. 22, 2003) (unpublished)

In re Order Requiring [XXX], Inc., to Assist in the Execution of a Search Warrant Issued by This Court by Unlocking a Cellphone (In re XXX) 2014 WL 5510865, at #2 (S.D.N.Y. Oct. 31, 2014)

Konop v. Hawaiian Airlines, Inc., 302 F.3d 868 (9th Cir. 2002)

Pennsylvania Bureau of Correction v. United States Marshals Service, 474 U.S. 34 (1985)

Plum Creek Lumber Co. v. Hutton, 608 F.2d 1283 (9th Cir. 1979)

Riley v. California, 134 S. Ct. 2473 (2014) [For some unknown reason, local rules must allow varying citation styles for U.S. Supreme Courts decisions.]

United States v. Catoggio, 698 F.3d 64 (2nd Cir. 2012)

United States v. Craft, 535 U.S. 274 (2002)

United States v. Fricosu, 841 F.Supp.2d 1232 (D. Co. 2012)

United States v. Hall, 583 F. Supp. 717 (E.D. Va. 1984)

United States v. Li, 55 F.3d 325, 329 (7th Cir. 1995)

United States v. Navarro, No. 13-CR-5525, ECF No. 39 (W.D. Wa. Nov. 13, 2013)

United States v. New York Telephone Co., 434 U.S. 159 (1977)

Federal Statutes

18 U.S.C. 2510

18 U.S.C. 3103

28 U.S.C. 1651

47 U.S.C. 1001

47 U.S.C. 1002

First, I didn’t format a one of these citations. I copied them “as is” into a search engine so Baby Blue’s played no role in those searches.

Second, I added hyperlinks to a variety of sources for both the case law and statutes to make the point that one citation can resolve to a multitude of places.

Some places are commercial and have extra features while others are non-commercial and may have fewer features.

If instead of individual hyperlinks, I had a nexus for each case, perhaps using its citation as its public name, then I could attach pointers to a multitude of resources that all offer the same case or statute.

If you have WestLaw, LexisNexis or some other commercial vendor, you could choose to find the citation there. If you prefer non-commercial access to the same material, you could choose one of those access methods.

That nexus is what we call a topic in topic maps (“proxy” in the TMRM) and it would save every user, commercial or non-commercial, the sifting of search results that I performed this afternoon.

The hyperlinks I used above make some of the law more accessible but not as accessible as it could be.

Creating a nexus/topic/proxy for each of these citations would enable users to pick pre-formatted citations (good-bye to formatting manuals for most of us) and the law material most accessible to them.

That sounds like greater public access to the law to me.

You?


Read the government’s “Memorandum of Points and Authorities” with a great deal of care.

For example:

The government is also aware of multiple other unpublished orders in this district and across the country compelling Apple to assist in the execution of a search warrant by accessing the data on devices running earlier versions of iOS, orders with which Apple complied.5

Be careful! Footnote 5 refers to a proceeding in the Eastern District of New York where the court sua sponte raised the issue of its authority under the All Writs Act. Footnote 5 recites no sources or evidence for the prosecutor’s claim of “…multiple other unpublished orders in this district and across the country….” None.

My impression is the government’s argument is mostly bluster and speculation. Plus repeating that Apple has betrayed its customers in the past and the government doesn’t understand its reluctance now. Business choices are not subject to government approval, or at least they weren’t the last time I read the U.S. Constitution.

Yes?

February 18, 2016

Anti-Terrorism By Quota?

Filed under: FBI,Government — Patrick Durusau @ 8:08 pm

U.S. Department of Justice, Office of the Attorney General, FY 2015 Annual Performance Report and FY 2017 Annual Performance Plan

Did you know that the FBI has terrorist plots quotas?

fbi-terrorism-quota

That may help explain why so many mentally ill people are duped into terrorist-like activities, assisted by the FBI. Have to make those quotas.

You may want to crib some of the definition of “disruption” for your next performance review:

A disruption is defined as interrupting or inhibiting a threat actor from engaging in criminal or national security related activity. A disruption is the result of direct actions and may include, but is not limited to, the arrest; seizure of assets; or impairing the operational capabilities of key threat actors.

That’s so, ah, vague. Anything could qualify as “impairing the operational capabilities….”

It does occur to me that if there were 440 “disruptions” up to September 30, 2015, then there should be some roughly equivalent number of arrests, indictments, etc. Yes?

Anyone have a quick handle on a source for such records?

Thanks!

June 11, 2014

Exploring FBI Crime Statistics…

Filed under: Data Mining,FBI,Python,Statistics — Patrick Durusau @ 2:30 pm

Exploring FBI Crime Statistics with Glue and plotly by Chris Beaumont.

From the post:

Glue is a project I’ve been working on to interactively visualize multidimensional datasets in Python. The goal of Glue is to make trivially easy to identify features and trends in data, to inform followup analysis.

This notebook shows an example of using Glue to explore crime statistics collected by the FBI (see this notebook for the scraping code). Because Glue is an interactive tool, I’ve included a screencast showing the analysis in action. All of the plots in this notebook were made with Glue, and then exported to plotly (see the bottom of this page for details).
….

FBI crime statistics are used for demonstration purposes but Glue should be generally useful for exploring multidimensional datasets.

It isn’t possible to tell how “clean” or “consistent” the FBI reported crime data may or may not be. And as the FBI itself points out, comparison between locales is fraught with peril.

February 24, 2012

Social Media & the FBI

Filed under: FBI,RFI-RFP — Patrick Durusau @ 5:02 pm

I pointed to the FBI RFI on Social Media mining innocently enough. Before the privacy advocates got into full voice.

Your privacy isn’t in any danger from this proposal from the FBI.

Yes, it talks about mining social media but it also says its objectives are:

  • Provide a user defined operations pictures (UDOP) that are flexible to support a myriad of functional FBI missions. Examples include but are not limited to: Reconnaissance & Surveillance, NSSE Planning, NSSE Operations, SIOC Operations, Counter Intelligence, Terrorism, Cybercrime, etc.
  • To improve the FBI SIOC’s open source intelligence collection capabilities by establishing a robust open source platform that has the flexibility to change search parameters and geo-locate the search based on breaking events or emerging threats.
  • Improve and accelerate the speed by which the FBI SIOC is alerted, vetted and notified of breaking events and emerging threats to more effectively notify the appropriate FO. LEGAT or OGA. (push vs. pull)
  • Provide FBI Executive Management with enhanced strategic, operational and tactical information for improved decision making
  • Empower the FBI SIOC with rapid self-service application to quickly adjust open source “search” parameters to a breaking event, crisis, and emerging threats.

Do you wonder what they mean by “open source?” Or do they intend to contract for “open source” in the Apache sense for do-it-yourself spyware?

The “…include but are not limited to: Reconnaissance & Surveillance, NSSE Planning, NSSE Operations, SIOC Operations, Counter Intelligence, Terrorism, Cybercrime, etc.” reminds me of the > 700,000 lines of code from the Virtual Case File project at the FBI.

The objective that makes me feel safe is: “Provide FBI Executive Management with enhanced strategic, operational and tactical information for improved decision making”

Does that help you realize this set of “objectives” was written by some FBI executive leafing through Wired magazine and just jotting down words and phrases?

I am sure there are some cutting edge applications that could be developed for the FBI. That would further its legitimate mission(s).

But unless and until the requirements for those applications are developed by, for and with the FBI personnel actively performing those missions, prior to seeking input from vendors, this is just another $170 Million rat-hole.

To be very clear, requirements should be developed by parties who have no interest in the final contract or services.

« Newer Posts

Powered by WordPress