Government Hackers Inc
Philip Giraldi, AmConMag, Apr 6 2016
The FBI court battle with Apple over the security system in place on iPhones appears to be over. But some experts in the communications security community are expressing concern because of the Bureau’s unwillingness to reveal what exactly occurred to end the stand-off. According to government sources speaking both on and off the record, the FBI succeeded in breaking through the Apple security measures with the assistance of an unidentified third party. The technique used was apparently not a one-off and is transferable as the Bureau has now indicated that it will be accessing data on a second phone involved in a murder investigation in Arkansas and is even considering allowing local police forces to share the technology. That means that the FBI and whatever other security and police agencies both in Pindostan and abroad it provides the information to will have the same capability, potentially compromising the security of all iPhones worldwide. The breakthrough in the case leads inevitably to questions about the identity of the company or individual that assisted the Bureau. It means that someone outside government circles would also have the ability to unlock the phones, information that could eventually wind up in the hands of criminals or those seeking to disrupt or sabotage existing telecommunications systems.
No security system is unbreakable if a sophisticated hacker is willing to put enough time, money and resources into the effort. If the hacker is a government with virtually unlimited resources the task is somewhat simpler as vast computer power will permit millions of attempts to compromise a phone’s operating system. In this case, the problem consisted of defeating an “Erase Data” feature linked to a passcode that had been placed on the target phone by Syed Farook, one of the shooters in December’s San Bernardino terrorist attack. Apple had designed the system so that 10 failures to enter the correct passcode would lock the phone and erase all the data on it. This frustrated FBI efforts to come up with the passcode by what is referred to as a “brute force” attack where every possible combination of numbers and letters is entered until the right code is revealed. Apple’s security software also was able to detect multiple attempts after entry of an incorrect passcode and slow down the process, meaning that in theory it would take five and a half years for a computer to try all possible combinations of a six-character alphanumeric passcode using numbers and lowercase letters even if it could disable the “Erase Data” feature. Speculation is that the FBI and its third party associate were able to break the security by circumventing the measure that monitors the number of unsuccessful passcode entries, possibly to include generating new copies of the phone’s NAND storage chip to negate the 10-try limit. The computer generated passcodes could then be entered again and again until the correct code was discovered. And, of course, once the method of corrupting the Erase Data security feature is determined it can be used on any iPhone by anyone with the necessary computer capability, precisely the danger that Apple had warned about when it refused to cooperate with the FBI in the first place.
Most of the Pindo mainstream media has been reluctant to speculate on who the third party that aided the FBI might be but the Israeli press has not been so reticent. They have identified a company called Cellebrite, a digital forensics company located in Israel. It is reported that the company’s executive vice president for mobile forensics Leeor (sic, but really I hate this idiot phoneticism, Lior would have been fine – RB) Ben-Peretz was recently in Faschingstein consulting with clients. Ben-Peretz is Cellebrite’s marketing chief, fully capable of demonstrating the company’s forensics capabilities. Cellebrite reportedly has worked with the FBI before, having had a contract arrangement entered into in 2013 to provide decryption services. Cellebrite was purchased by Japanese cellular telephone giant Sun Corp in 2007 but it is still headquartered and managed from Petach Tikva, Israel with a North American office in Parsippany NJ, and branches in Germany, Singapore and Brazil. It works closely with the Israeli police and intelligence services and is reported to have ties to both Mossad and Shin Bet. Many of its employees are former Israeli government employees who had worked in cyber-security and telecommunications. If Cellebrite is indeed the “third party” responsible for the breakthrough on the Apple problem, it must lead to speculation that the key to circumventing iPhone security is already out there in the small world of top level telecommunications forensic experts. It might reasonably be assumed that the Israeli government has access to the necessary technology, as well as Cellebrite’s Japanese owners. From there, the possibilities inevitably multiply.
Most countries obtain much of their high grade intelligence from communications intercepts. Countries like Israel, China, and France conduct much of their high-tech spying through exploitation of their corporate presence in the United States. Israel, in particular, is heavily embedded in the telecommunications industry, which permits direct access to confidential exchanges of information. Israel has in fact a somewhat shady reputation in Pindostan when it comes to telecommunications spying. Two companies in particular, Amdocs and Comverse Infosys, have at times dominated their market niches in Pindostan. Amdocs, which has contracts with many of the largest telephone companies in Pindostan that together handle 90% of all calls made, logs all calls that go out and come in on the system. It does not retain the conversations themselves, but the records provide patterns, referred to as “traffic analysis,” that can provide intelligence leads. In 1999, the NSA warned that records of calls made in Pindostan were winding up in Israel. Comverse Infosys, which dissolved in 2013 after charges of conspiracy, fraud, money laundering and making false filings, provided wiretapping equipment to law enforcement throughout Pindostan. Because equipment used to tap phones for law enforcement is integrated into the networks that phone companies operate, it cannot be detected. Phone calls were intercepted, recorded, stored, and transmitted to investigators by Comverse, which claimed that it had to be hands-on with its equipment to maintain the system. Many experts believe that it is relatively easy to create an internal cross-switch that permits the recording to be sent to a second party, unknown to the authorized law-enforcement recipient. Comverse was also believed to be involved with NSA on a program of illegal spying directed against Pindostanis at large.
Comverse equipment was never inspected by FBI or NSA experts to determine whether the information it collected could be leaked, reportedly because senior government managers blocked such inquiries. According to a Fox News investigative report, which was later deleted from Fox’s website under pressure from various pro-Israel groups, DEA and FBI sources said post-9/11 that even to suggest that Israel might have been spying using Comverse was “considered career suicide.” Some might argue that collecting intelligence is a function of government and that espionage, even between friends, will always take place. When it comes to smartphones, technical advances in phone security will provide a silver bullet for a time but the hackers, and governments, will inevitably catch up. One might assume that the recent revelations about the FBI’s capabilities vis-à-vis the iPhone indicate that the horse is already out of the stable. If Israel was party to the breaking of the security and has the technology it will use it. If the FBI has it, it will share it with other government agencies and even with foreign intelligence and security services. Absent from the discussion regarding Apple are the more than 80% of smartphones used worldwide that employ Android, the Google-developed operating system that has its own distinct security features designed to block government intrusion. The FBI is clearly driven by the assumption that all smartphones should be accessible to law enforcement. The next big telecommunications security court case might well be directed against Google.
Comey is attempting to minimize the damage:
FBI director says unlocking method won’t work on newer iPhones
Narottam Medhora, Dustin Volz, Reuters, Apr 7 2016
BENGALURU/FASCHINGSTEIN – The FBI’s secret method for unlocking the iPhone 5c used by one of the San Bernardino shooters will not work on newer models, FBI Director James Comey said. “We have a tool that works on a narrow slice of phones,” Comey said at a conference on encryption and surveillance at Kenyon College in Ohio late on Wednesday. Apple’s shares were down 1.3% at midday. Comey added that the technique would not work on the iPhone 5s and the later models iPhone 6 and 6s. The iPhone 5c model was introduced in 2013 and has since been discontinued by Apple as newer models have become available. The Justice Dept said in March it had unlocked the San Bernardino shooter’s iPhone with the help of an unidentified third party and dropped its case against Apple, ending a high-stakes legal clash but leaving the broader fight over encryption unresolved. As the technique cannot be used to break into newer models, law enforcement authorities will likely have to lean on Apple to help them access the devices involved in other cases. The Justice Dept has asked a New York court to force Apple to unlock an iPhone 5s related to a drug investigation. Prosecutors in that case said they would update the court by Apr 11 on whether it would “modify” its request for Apple’s assistance. If the government continues to pursue that case, the technology company could potentially use legal discovery to force the FBI to reveal what technique it used, a source familiar with the situation told Reuters. Apple and the FBI were not immediately available for comment. The FBI began briefing selected Congress critturs this week about the method used to unlock the San Bernardino iPhone. Up to Wednesday’s close of $110.96, Apple’s shares had risen more than 5% this year.