Encryption

Justice Department Attempts To Blame Encryption for Terrorist Attack Feds Failed To See Coming

The FBI and attorney general want to ruin everybody's data security and draft Apple into compromising your safety.

|

When a Saudi Arabian man named Mohammed Saeed Alshamrani opened fire at the Naval Air Station in Pensacola, Florida, in December 2019, killing three and injuring eight, the FBI assumed (correctly) it was an act of terrorism.

Alshamrani, who was 21 and a lieutenant in the Royal Saudi Air Force, was at a training program sponsored by the Pentagon in an agreement with Saudi Arabia. A subsequent investigation by both the United States and Saudi Arabia would show that Alshamrani may have been radicalized by Al Qaeda as far back as 2015 and had been tweeting out angry comments against the United States and Israel prior to the attack. That information started coming to light less than a week after the attack, raising questions about whether the American government had done a bad job vetting Alshamrani before letting him into the United States to train.

But Alshamrani also had two iPhones that were locked (which the FBI couldn't get access to upon his death), so instead of focusing on what intelligence failures allowed for Alshamrani to enter the United States, the Justice Department is instead continuing its attack on encryption. Immediately after the attack, FBI got a warrant to search Alshamrani's phones and they approached Apple, asking for help breaking into them. Apple reportedly gave the FBI access to data that the man had stored on his iCloud, but as has been their practice for years now, their encryption system doesn't give Apple the ability to bypass it and the company would not assist in breaking into the phones.

This has been a sticking point between Apple (and other tech companies) and the Justice Department for years now. Strong encryption is vital to protecting everybody's data privacy from criminals and any other bad actors with malicious intent (like authoritarian governments and spies). Criminals and terrorists, of course, can also use encryption to prevent their conversations and plans from being detected by police who might stop them. Any tool can be used for good and bad purposes.

This fight is back in the news this week because the Justice Department revealed on Monday that it had finally managed to break into Alshamrani's phone without Apple's help. This should be good news, but it's clear that the FBI and Department of Justice have decided that they're going to continue using this case to try to attack end-to-end encryption and attempt to force tech companies to install virtual backdoors that allow government officials to bypass security protections.

On Monday, Attorney General William Barr briefly summarized what they've learned from Alshamrani's phone:

  • Alshamrani and his Al Qaeda in the Arabian Peninsula (AQAP) associates communicated using end-to-end encrypted apps, with warrant-proof encryption, deliberately in order to evade law enforcement.
  • Alshamrani's preparations began years ago. He had been radicalized by 2015, and having connected and associated with AQAP operatives, joined the Royal Saudi Air Force in order to carry out a "special operation."
  • In the months before the 2019 attack, while in the United States, Alshamrani had specific conversations with overseas AQAP associates about plans and tactics. In fact, he even conferred with his AQAP associates up until the night before the attack.

Note that the first item is obvious, and the second item was actually uncovered early on in the investigation. The third item, intended to serve as a justification for attacking encryption, is more of an indication of an intelligence failure. The press release from the Justice Department makes it clear that Alshamrani was not on the FBI's radar prior to the attack and there's no sign they had been trying to get access to his phone data until after the attack. The Justice Department observes in the release, "The phones contained important, previously-unknown information that definitively established Alshamrani's significant ties to Al Qaeda in the Arabian Peninsula (AQAP), not only before the attack, but before he even arrived in the United States. The FBI now has a clearer understanding of Alshamrani's associations and activities in the years, months, and days leading up to the attack."

So even though the federal government was unsuccessful in noticing Alshamrani's radicalization that happened four years ago, before he ever came to America, the problem is now that they couldn't get into his phone after the deed was done.

Both Barr and FBI Director Chris Wray continue to use these edge cases to demand that Congress force companies like Apple to cooperate with the feds and let them bypass encryption.

"If not for our FBI's ingenuity, some luck, and hours upon hours of time and resources, this information would have remained undiscovered," Barr said in the statement. "The bottom line: our national security cannot remain in the hands of big corporations who put dollars over lawful access and public safety. The time has come for a legislative solution."

It has been a long-running strategy for the Justice Department to treat Apple's extremely valuable and important encryption tools as just some marketing gimmick to win over customers.

In a speech yesterday, Barr and Wray continued the assault. Barr said:

Apple's desire to provide privacy for its customers is understandable, but not at all costs. Under our nation's long-established constitutional principles, where a court authorizes a search for evidence of a crime, an individual's privacy interests must yield to the broader needs of public safety. There is no reason why companies like Apple cannot design their consumer products and apps to allow for court-authorized access by law enforcement while maintaining very high standards of data security. Striking this balance should not be left to corporate boardrooms. It is a decision to be made by the American people through their representatives.

Let's circle back to my observation above that a tool can be used for either good purposes or bad. That's the Justice Department's own argument, right? People are using encryption to hide crimes. Except, suddenly, when the Justice Department wants a key to bypass the encryption, suddenly it's possible to create a tool that can only be used by the "right" people.

That's not how encryption backdoors work. And as it has reminded us all every time this stupid argument rears its head, Apple responded yesterday with the same message. End-to-end encryption protects us because there aren't backdoors. Apple responded (via The Verge):

It is because we take our responsibility to national security so seriously that we do not believe in the creation of a backdoor—one which will make every device vulnerable to bad actors who threaten our national security and the data security of our customers. There is no such thing as a backdoor just for the good guys, and the American people do not have to choose between weakening encryption and effective investigations.

Customers count on Apple to keep their information secure and one of the ways in which we do so is by using strong encryption across our devices and servers. We sell the same iPhone everywhere, we don't store customers' passcodes and we don't have the capacity to unlock passcode-protected devices. In data centers, we deploy strong hardware and software security protections to keep information safe and to ensure there are no backdoors into our systems. All of these practices apply equally to our operations in every country in the world.

That's the reason why Wray and Barr keep appealing directly to lawmakers (some of whom are sadly too amenable) and aren't really trying to win over the public. They know full well that encryption backdoors and other security vulnerabilities can and are already used for malicious purposes by criminals and oppressive governments. They don't care, as long as they get access, too.

NEXT: Feminists Who Now Claim They Never Meant 'Believe All Women' Are Gaslighting Us

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. A far better question would be, as it was with the 9/11 hijackers, why the Saudi ministry in charge of issuing exit visas to its citizens, gave this guy a clean bill of health when they had to know he was a jihadi shithead. He was 21 when he did the shootings. But 4 years ago, he was getting radicalized? That would be when he was still within the Kingdom. Which royal family member was he tied to that: 1) got him into a plum job like F-15 jockey to begin with, and 2) faded any government scrutiny into this shithead’s background?

    I thought Trump’s visit, and pushing MBS to take the reins, was supposed to stop anymore issues of the Gulf States exporting their problem children instead of kicking their asses at home?

    1. What is really bizarre is that he was radicalized and has been planning for 5 years and all he can do is shoot up a base?

      This fucking guy was going to be flying F15s! How is it possible that this masterful conspiracy enabled by encryption ended with him going on a gun rampage. That is the act of a crazy person, not some conspiracy.

      I guarantee that the FBI is lying here. And by the way, if they had no idea who this guy is, they’d never have gotten a warrant to break his encryption and look at what he was doing. The only way encryption back doors would have helped (if indeed he was part of some conspiracy) is if they were doing dragnet decryption of all messages from everyone.

      1. Bro you can stop talking to yourself, we know those are both you.

        1. Change Your Life Right Now! Work From Comfort Of Your Home And Receive Your First Paycheck Within A Week. No Experience Needed, No Boss Over Your Shoulder.cxc.. Say Goodbye To Your Old Job! Limited Number Of Spots Open…
          Find out how HERE……More here

          1. Weren’t you already told to stop talking to yourself?

        2. Sarah Paul Walker, Six months ago I lost my job and after that I was fortunate enough to stumble upon a great website which literally saved me• TGf I started working for them online and in a short time after I’ve started averaging 15k a month••• The best thing was that cause I am not that computer savvy all I needed was some basic typing skills and internet access to start•••

          This is where to start… For More Detail

  2. A. You’ve got to be awful damn stupid to think that Saudis aren’t radicalized from birth.

    B. You’ve got to be awful damned stupid to not understand end-to-end encryption and why Apple cannot just “break it” if they only wanted to.

    C. You’ve got to be awful damned stupid, as an al Qaeda fan, to break cover and shoot up a classroom instead of persevere, finish flight school, get access to real warplanes with real ammo, and do your damage then. Someone suggested he was about to be washed out and took what chance he had. Maybe the mainstream press just ignore that because it doesn’t fit the narrative.

    All speaks to intentional FUD instead of ignorance. But that doesn’t mean they aren’t also stupid and incompetent.

    1. yeah dude seems like mission-fail for sure.

      1. I Make Money At H0me.Let’s start work offered by Google!!Yes,this is definitely the most financially rewarding Job I’ve had . Last Monday I bought a great Lotus Elan after I been earning $9534 this-last/5 weeks and-a little over, $10k last month . . I started this four months/ago and immediately started to bring home minimum $97 per/hr

        Heres what I do…… Online Earn

    2. He’d have to be really bad for him to get washed out. From talking to people in the USAF, I thought the flight instructors had much different standards for students from things like the Royal Saudi Air Force vs. a USAF pilot candidate? I dunno if that holds true for people like NATO allies that come to the US for flight instruction.

      Not every Saudi is an Al Qaeda sympathizer. Doubt it’s even most of them. Doesn’t mean they won’t stand by and watch while the radical saws the infidel’s head off, but it does mean he’s not likely to be holding the saw.

      The really funny part of the tragic story was that he supposedly got really pissed off at one of the instructors bestowing the nickname “Porn Stache” upon him. A nickname (callsign if they’re dreaming) that most fighter pilots would kill kittens to get. Probably apocryphal though, or an attempt by the media to claim that American insensitivity helped drive the guy to AQ.

    3. You’ve got to be awful damned stupid to think we don’t know you said you eat your own shit SQLSRY.

      1. Says Chuck Buscuits, who likes to barbeque dead babies in her yeast-infected pussy juices, and isn’t too proud to tell us all about it!

  3. WTF good is bypassing (or crippling) encryption when one can easily communicate in code (spoken or otherwise) anyway? Example: I call you and say that “The blue bird has landed in the yellow tree, next to the black umbrella”, and in our gang, that means I ***DO*** have your qty 5 black-market cheap plastic, un-prescribed lung flutes ready to deliver to you now?

    NOT to suggest to ANYONE that is would be a good thing to traffic in said black-market cheap plastic, un-prescribed lung flutes!!! Mind you!!!

    To STAY YE SAFE from the lung flute police, in these here hazardous days, please read http://www.churchofsqrls.com/DONT_DO_THIS/ !!!!

    1. Het look you posted in the same thread as your sock and only 4 minutes apart shiteater.

      1. “Dear Abby” is a personal friend of mine. She gets some VERY strange letters! For my amusement, she forwards some of them to me from time to time. Here is a relevant one:

        Dear Abby, Dear Abby,
        My life is a mess,
        Even Bill Clinton won’t stain my dress,
        I whinny seductively for the horses,
        They tell me my picnic is short a few courses,
        My real name is Mary Stack,
        NO ONE wants my hairy crack!
        On disability, I live all alone,
        Spend desperate nights by the phone,
        I found a man named Richard Decker,
        But he won’t give me his hairy pecker!
        Decker’s pecker is reserved for farm beasts,
        I am beastly, yes! But my crack’s full of yeasts!

        So Dear Abby, that’s just a poetic summary… You can read about the Love of my Life, Richard Decker, here:
        https://www.washingtonpost.com/nation/2019/10/11/farmers-kept-refusing-let-him-have-sex-with-their-animals-so-he-sought-revenge-authorities-say/#comments-wrapper
        Farmers kept refusing to let him have sex with their animals. So he sought revenge, authorities say.
        Decker the hairy pecker told me a summary of his story as below:
        Decker: “Can I have sex with your horse?”
        Farmer: “Lemme go ask the horse.”
        Pause…
        Farmer: “My horse says ‘neigh’!”
        And THAT was straight from the horse’s mouth! I’m not horsin’ around, here, no mare!

        So Decker the hairy pecker told me that, apparently never even realizing just HOW DEEPLY it hurt me, that he was all interested in farm beasts, while totally ignoring MEEE!!

        So I thought maybe I could at least liven up my lonely-heart social life, by refining my common interests that I share with Richard Decker… I, too, like to have sex with horses!

        But Dear Abby, the horses ALL keep on saying “neigh” to my whinnying sexual advances!
        Some tell me that my whinnying is too whiny… Abby, I don’t know how to fix it!

        Dear Abby, please don’t tell me “get therapy”… I can’t afford it on my disability check!

        Now, along with my crack full of yeasts… I am developing anorexia! Some are calling me a “quarter pounder with cheese”, but they are NOT interested at ALL, in eating me!!! They will NOT snack on my crack!

        What will I DO, Dear Abby?!?!?

        -Desperately Seeking Horses, Men, or ANYTHING, in Fort Worth,
        Yours Truly,
        Mary Stack / Tulpa / Mary’s Period / “.” / Satan

  4. I have to assume that Barr supports more secretive powers for the people who tried, and failed, in their coup attempt against Trump because he thinks he can ensure that next time they won’t fail. Given the long and uninterrupted history of our “intelligence” agencies failures, I have to conclude that Barr is just as retarded as everybody else who insists government can drive down any nail of a problem if they just use a big enough hammer.

  5. Just tell Apple we need access to protect the transgender community from additional brutal attacks. They’ll fall all over themselves to comply.

  6. This has been a sticking point between Apple (and other tech companies) and the Justice Department for years now.

    Just out of curiosity: How many DOJ employees use Apple products?

    1. A lot. Plus a lot of other federal employees as well as some defense contractors. Many of them company issued so there’s potentially proprietary and other sensitive data on those phones that would suddenly be at risk if Billy boy Barr gets his wish.

      I’m really glad I didn’t vote for that cockstain back in 2008 when he was the LP presidential nominee.

      1. Are you confusing Bob Barr with William Barr? Bob Barr is a former Congressman from Georgia who was on the board of Directors for the NRA. William Barr was in the CIA before joining the DoJ back in the 90s and has been a part of the institution ever since.

  7. Two things, first I no longer think Barr might be a good guy and second Apple encryption must not be that great if they cracked it.

    1. I doubt they cracked the encryption itself. Apple probably just lifted the limit on the number of times they could enter a random passcode before the phone locked permanently. In other words, they basically succeeded at committing a social-engineering attack on a willing victim.

      1. “”The contentious immigration enforcement agency has expanded its work with Cellebrite, an Israeli data extraction company best known for offering to crack the San Bernardino shooter’s iPhone at the behest of the FBI in 2016. Cellebrite reportedly broke into the device for the Bureau, though the FBI disputed that story. The company’s technology can bypass most smartphones’ locks and download data from all their apps for law enforcement.””

        https://www.thedailybeast.com/ice-has-a-new-dollar30m-contract-with-israeli-phone-cracking-company-cellebrite

    2. Barr is fine for the shitty department he works in given their terrible history. The encryption is standard but implementation can be broken. It’s a cat and mouse game. Nobody has invented a perfect system that cannot be hacked. If they possess your device they can eventually find a way in.

    3. They of course had access to the physical device, at which point all bets are off when it comes to security given an actor with the time, money, and will to break in. They didn’t break any encryption.

  8. Who says the FBI are the Good Guys?

    1. Depends, who’s getting investigated?

      If it’s a D, the Rs think they are good credible guys. The Ds will disagree.
      If it’s a R, the Ds think they are good credible guys. The Rs will disagree.

    2. they do. What’s new?

  9. It’s funny that people like Barr expect me to believe that the “backdoor” wouldn’t end up in the wrong hands. Shit, every swinging dick in Washington D.C. would insist on having it, plus every other cop at every other level of government. That information wouldn’t stay secure for five fucking minutes.

    1. Well the FISA court will make sure procedures are followed. And the unmasking processes is only reserved for a select few investigators who are on a need to know basis. So I think the master encryption key is sure to be safely kept perhaps in the impenetrable Social Security lock box.

  10. After 9/11, it’s astonishing that we let any Saudi nationals loose in the country, let alone Saudis learning to fly airplanes.

    iPhones aren’t the problem, alliances with countries full of murderous religious head cases is the problem here.

  11. The Bureau has been whining about encryption (they like to call it “going dark”) since, at least, 2007. (I think I remember a debate about encryption during the Clinton Administration, as well.) They’ve gotten so used to being able to listen to phone calls and read email, they’ve forgotten how to conduct an investigation.

    Any back door into an encryption protocol is exploitable by any bad actor with the time, resources, and patience to try. It’s bad enough when the vulnerability is inadvertent. When it’s deliberate, you’re painting a big sign on your product that reads, “Exploit Me.” It’s like a bank posting a sign reading, “No alarms, no security. Rob us.”

  12. It could be possible with remote control android phones. It is a huge and real danger!

Please to post comments

Comments are closed.