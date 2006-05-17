from the cheap-at-twice-the-price dept.
Here's an extra story related to FBI Director Comey's questioning on Wednesday. It's a piece of "classified information":
Sen. Dianne Feinstein, the top Democrat on the Senate committee that oversees the FBI, said publicly this week that the government paid $900,000 to break into the locked iPhone of a gunman in the San Bernardino, California, shootings, even though the FBI considers the figure to be classified information.
The FBI also has protected the identity of the vendor it paid to do the work. Both pieces of information are the subject of a federal lawsuit by The Associated Press and other news organizations that have sued to force the FBI to reveal them.
California's Feinstein cited the amount while questioning FBI Director James Comey at a Senate Judiciary Committee oversight hearing Wednesday.
Previously on SoylentNews: Apple Ordered by Judge to Help Decrypt San Bernadino Shooter's phone
Former NSA Director Claims Many Top Gov't Officials Side With Apple
Choice quotes from an interview with Gen. Michael Hayden (archive.is) on Wednesday:
"The issue here is end-to-end, unbreakable encryption—should American firms be allowed to create such a thing?" he told the Wall Street Journal editor John Bussey. "You've got [FBI director] Jim Comey on one side saying, I am really going to suffer if I can't read Tony Soprano's email. Or, if I've got to ask Tony for the PIN number before I get to read Tony's emails. Jim Comey makes that complaint, and I get it. That is right. There is an unarguable downside to unbreakable encryption."
"I think Jim Comey is wrong...Jim's logic is based on the belief that he remains the main body. That you should accommodate your movements to him, which is the main body. And I'm telling you, with regard to the cyber domain, he's not. You are."
And by the way? If I were in Jim Comey's job, I'd have Jim Comey's point of view. I understand. But I've never been in Jim Comey's job...my view on encryption is the same as [former Secretary of Homeland Security] Mike Chertoff's, it's the same as [former Deputy Secretary of Defense] Bill Lynn's, and it's the same as [former NSA director] Mike McConnell, who is one of my predecessors."
It's interesting for this opinion to be coming from this source.
[Continues.]
John McAfee offers to unlock killer's iPhone
McAfee says that he and his team can break into the phone within three weeks. McAfee states his motive for the offer is because "he didn't want Apple to be forced to implement a 'back door'".
Bill Gates Takes Middle Road in FBI iPhone Unlock Dispute
Bill Gates has apparently sided with the FBI in the dispute over the unlocking of a "specific" iPhone, breaking with other technology industry leaders:
Apple should comply with the FBI's request to unlock an iPhone as part of a terrorism case, Microsoft founder Bill Gates says, staking out a position that's markedly different from many of his peers in the tech industry, including Facebook founder Mark Zuckerberg. The two titans aired their views on what's become a public debate over whether Apple should be compelled to unlock an iPhone used by San Bernardino shooter Syed Rizwan Farook. "This is a specific case where the government is asking for access to information. They are not asking for some general thing, they are asking for a particular case," Gates told the Financial Times.
However, in a follow-up interview with Bloomberg, Gates said he was disappointed by reports (such as my original submission #2 below) that he had sided with the FBI in its legal dispute with Apple:
In an interview with Bloomberg, Bill Gates says he was "disappointed" by reports that he supported the FBI in its legal battle with Apple, saying "that doesn't state my view on this." Still, Gates took a more moderate stance than some of his counterparts in the tech industry, not fully backing either the FBI or Apple but calling for a broader "discussion" on the issues. "I do believe that with the right safeguards, there are cases where the government, on our behalf — like stopping terrorism, which could get worse in the future — that that is valuable." But he called for "striking [a] balance" between safeguards against government power and security.
[Continues.]
The Washington Post reports that the FBI did not require the services of Israeli firm Cellebrite to hack a San Bernardino terrorist's iPhone. Instead, it paid a one-time fee to a group of hackers and security researchers, at least one of whom the paper labels a "gray hat". It's also reported that the U.S. government has not decided whether or not to disclose to Apple the previously unknown vulnerability (or vulnerabilities) used to unlock the iPhone (specifically an iPhone 5C running iOS 9):
The FBI cracked a San Bernardino terrorist's phone with the help of professional hackers who discovered and brought to the bureau at least one previously unknown software flaw, according to people familiar with the matter. The new information was then used to create a piece of hardware that helped the FBI to crack the iPhone's four-digit personal identification number without triggering a security feature that would have erased all the data, the individuals said.
The researchers, who typically keep a low profile, specialize in hunting for vulnerabilities in software and then in some cases selling them to the U.S. government. They were paid a one-time flat fee for the solution.
[...] The bureau in this case did not need the services of the Israeli firm Cellebrite, as some earlier reports had suggested, people familiar with the matter said. The U.S. government now has to weigh whether to disclose the flaws to Apple, a decision that probably will be made by a White House-led group.
FBI Director James Comey told students at Catholic University's Columbus School of Law that "Apple is not a demon," and "I hope people don't perceive the FBI as a demon." What a saint.
The Guardian is reporting that...
On Wednesday, the FBI confirmed it wouldn't tell Apple about the security flaw it exploited to break inside the iPhone 5C of San Bernardino gunman Syed Farook in part, because the bureau says it didn't buy the rights to the technical details of the hacking tool.
"Currently we do not have enough technical information about any vulnerability that would permit any meaningful review," said Amy Hess, the FBI's executive assistant director for science and technology.
$1.3m and no source code?
Security researcher Sergei Skorobogatov has bypassed the iPhone 5c's firmware using NAND mirroring. The achievement comes too late for the FBI to save some money:
The FBI told Congress it couldn't hack the San Bernardino shooter's phone without Apple's aid, but a researcher has proved that claim was inaccurate. "The process does not require any expensive and sophisticated equipment," wrote University of Cambridge researcher Sergei Skorobogatov. "All needed parts are low cost and were obtained from local electronics distributors."
Security firm Trail of Bits argued earlier this year that it would be possible to replace the iPhone firmware with a chip that doesn't block multiple password attempts. You could then try every single one until you're in, a process that would take less than a day with a four-digit code, and a few weeks with a six-digit one.
[...] "Despite government comments about feasibility of the NAND mirroring for iPhone 5c it was now proved to be fully working," the paper says. That again lends credence to FBI critics who said that the FBI was only pushing for Apple's assistance to create a precedent in court. A magistrate judge ruled against Apple, so law enforcement could use that decision to make other companies cooperate in encryption cases.
Update: The Associated Press, Vice Media and Gannett, the parent company of USA Today, have sued the FBI for information about how the agency accessed the locked iPhone 5c.
Federal Bureau of Investigation (FBI) Director James Comey appeared before a U.S. Senate panel on May 3rd to defend his agency's conduct under his leadership during the 2016 elections:
Comey acknowledged that the realization the bureau could have affected the election's outcome left him feeling "mildly nauseous." But, he added, "honestly, it wouldn't change the decision." Comey has been transformed into an unusual kind of political celebrity over the past year, his decisions coming in for sharp criticism from almost every point of the political spectrum.
News reports have cited anonymous sources within the intelligence community casting him as too fond of the spotlight, despite his repeated insistence to the contrary. Whether he sought it or not, Wednesday's Senate Judiciary Committee oversight hearing was yet another center-stage moment for the FBI director. Cable networks carried virtually uninterrupted coverage of his testimony from the moment he took his seat before a scrum of news photographers.
Comey explained his reasoning behind the decision to inform Congress about Clinton emails discovered during an investigation into Anthony Weiner, and said that he had made the right choice. One event that factored into the decision and his earlier July 2016 announcement about the Hillary Clinton investigation was Bill Clinton's meeting with former Attorney General Loretta Lynch. At Wednesday's hearing, Comey faced criticism from Democrats and Republicans alike on topics including the FBI's delay in disclosing an investigation into the Trump campaign and the decision to not charge Huma Abedin for mishandling classified information. On the day before the hearing, Hillary Clinton blamed the FBI Director for her loss, while President Trump tweeted that "FBI Director Comey was the best thing that ever happened to Hillary Clinton in that he gave her a free pass for many bad deeds!"
Comey appeared to confirm that the FBI is investigating whether its agents leaked information to Rudy Giuliani, a Trump ally. He also took the time to denigrate WikiLeaks by calling it "intelligence porn", and alleging that WikiLeaks acted as a "conduit for the Russian intelligence services or some other adversary of the United States just to push out information to damage the United States". Here's what Julian Assange had to say in response. Comey did not confirm whether or not the government is planning to charge Julian Assange with crimes related to his organization's recent activities. CNN reported in April that the U.S. is preparing to charge Assange with... something, and CIA Director Mike Pompeo recently called WikiLeaks a "non-state hostile intelligence service".
Also at The Washington Post, CNN, and The New York Times (editorial).
(Score: -1, Troll) by Anonymous Coward on Sunday May 07, @03:36AM (1 child)
A Republican must be President! Leading Democrats are suddenly very concerned about government spending!
(Score: 2) by takyon on Sunday May 07, @03:39AM
One millie!
One millie!
One millie!
This seems to be in the ballpark of what we knew seeing as one of the earlier articles mentions $1.3 million. But it is cute that the FBI kept this info secret. Fuck em.
[SIG] 04/14/2017: Soylent Upgrade v13 [soylentnews.org]
(Score: 2) by kaszz on Sunday May 07, @04:18AM
Surely this is something Apple can fix? last time a read more in depth how it was done there surely are ways to thwart it even if the opponent can disassembly it all and do the electron microscope and e-beam thing (and others).
