emptywheel

Friday Morning: Some Place Warm

Published April 1, 2016 | By Rayne

Warm, like the Philippines, the home of the Manila sound. It’s Friday once again and today’s jazz genre is the precursor to Pinoy rock (like Freddie Aguilar’s Anak) and Pinoy hip hop (like Andrew E’s Binibirocha).

The Manila sound emerged under Ferdinand Marcos’ regime; wish I knew more about this body of work to identify songs which pushed the envelope politically. You can still hear the ghost-like impact more than 300 years of Spanish colonialism in some riffs, shaped by other Asian and American influences.

Think I’ll try a mix mix cocktail later today with a little more contemporary Filipino jazz.

Coincidentally, “mix mix” is an apt description for this morning’s post. A lot of smallish, unrelated items in my inbox today…

The canary that didn’t chirp
Reddit may have received a National Security Letter, based on the disappearance of a notice in transparency reporting which up to now indicated no NSLs had been received. Was an NSL sent to Reddit in response to an online discussion last year with Edward Snowden, Laura Poitras, and Glenn Greenwald? Or did some other content trigger a possible NSL?

Department of Homeland Security’s Cyber Security Division wants to fix open source software
“Hello, we’re from the government. We’re here to help you.” Uh-huh. Color me skeptical about this initiative intended to reduce vulnerabilities in open source software. when the government finds a way to insert itself into technology, it’s an opportunity for co-option and compromise. Can you say ‘backdoor’?

Fixing a problem with business iPhones may create a new one
A key reason the USDOJ went after Apple to crack the passcode on the San Bernardino shooter’s iPhone: poor or missing mobile device management software. Had the iPhone’s owner and issuer San Bernardino County installed an MDM app that could override the assigned user’s passcode, the FBI would have had immediate access to the iPhone’s contents. Employers are likely moving toward more and better MDM to prevent a future costly #AppleVsFBI situation. However, the new SideStepper malware is spreading and taking advantage of MDM’s ability to push software to enterprise-owned iPhones without the users’ approval.

FCC’s very busy Thursday

FCC approved a $9.25 monthly subsidy for Lifeline-eligible low-income folks to use on high-speed internet service. Now if only high-speed internet was less than $10/month, or available across the U.S. to all low-income citizens…there are still wide swaths of the U.S. where high-speed internet is simply a pipe dream, let alone adequate competition to keep prices within reach of the subsidy.
The subsidy’s approval came amid a lot of political scrambling and maneuvering due to conservatives’ resistance on spending (what a surprise, right?), though the investment should increase the number of users able to access state and federal programs online, reducing costs to operate them over the long run.
The FCC also voted to proceed with rulemaking on the handling of users’ personal information over ISPs. Privacy is currently regulated on telecommunications by the FCC, but not on ISPs. Implementing rules on ISPs substantially similar to telecoms may protect consumers’ privacy, which is otherwise wide open. It would also force more equitable competition between ISPs and telecoms on consumer communications services. Perhaps this makes it easier to understand why NBC and MSNBC — both owned by cable ISP company Comcast — have been completely in the tank for Donald Trump? (Might even explain why Trump was such an ass to Univision’s Jorge Ramos, as Comcast owns competitor Telemundo.)

Today in literacy

Participating in a book club could land you in prison in Angola (QZ) — There’s either more to this story, or Angola is incredibly repressive and ripe for trouble.
Fairy tales, now with more firearms (NPR) — The idiots at NRA think there’s not enough violence in fairy tales, so they’ve rewritten them with weapons added. Distorting the Constitution isn’t enough; why not distort children’s fiction, too?
Lawful Hacking: using Existing Vulnerabilities for Wiretapping on the Internet (Northwestern Journal of Technology and Intellectual Property) — Not a book, but a worthwhile read for infosec literacy.

Public Service Announcement: Backup/Alternate Site
You may have noticed the site’s connectivity going up and down; there’s some tinkering going on under the hood. If the site should go down for long, you can find our more recent content at this alternate site (bookmark for emergency use). If the site needs to stay down for longer periods of time for repairs or redesign, we’ll redirect traffic there. Comments left at the other site will not be ported back to this page, however, and the alternate location is not intended to replace this one though you may find you like the alternate site’s mobile version better.

That’s a wrap, I’m off to find some calamondins, or an approximation for a mix mix cocktail. Have a good weekend!

Posted in Culture, Cybersecurity | Tagged 2016 AM roundup, Angola, Cyber Security Division, DHS, FCC, iPhone, Lifeline, NRA, NSL, reddit, SideStepper | 2 Comments

Thursday Morning: Taboo You

Published March 31, 2016 | By Rayne

Still on spring break around here. If I was legit on a road trip some place warm right now, you’d find me lounging in the sun, sipping fruity cocktails at all hours, listening to some cheesy exotica like this Arthur Lyman piece I’ve shared here.

Though horribly appropriative and colonialist, it’s hard not to like exotica for its in-your-face corniness. I think my favorite remains Martin Denny’s Quiet Village. It brings back memories from the early 1960s, when life was pretty simple.

Let’s have a mai tai for breakfast and get on with our day.

Urgent: Increasing number of hospitals held ransom
Last month it was just one hospital — Hollywood Presbyterian Medical Center paid out bitcoin ransom.

Last week it was three — two Prime Healthcare Management hospitals in California and a Methodist Hospital in Kentucky held hostage.

Now, an entire chain of hospitals has been attacked by ransomware, this time affecting the servers of 10 related facilities in Maryland and Washington DC. The FBI is involved in the case. Is this simple extortion or terrorism? The patients diverted from the facilities to other hospitals’ emergency rooms probably don’t care which it is — this latest attack interfered with getting care as quickly as possible. Let’s hope none of the diverted patients, or those already admitted into the MedStar Union Memorial Hospital chain, have been directly injured by ransomware’s impact on the system.

The MedStar cases spawns many questions:

Was any patient’s physical health care negatively affected by the ransomware attack?
Given the risks to human health, why aren’t hospitals better prepared against ransomware?
Have hospitals across the country treated ransomware as a potential HIPAA violation?
Was MedStar targeted because of its proximity to Washington DC?
Was Hollywood Presbyterian Medical Center targeted because its owner, CHA Medical Center, is South Korean?
Were any patients being treated at MedStar also affected by the OPM data breach, or other health insurance data breaches?
How much will ransomware affect U.S. healthcare costs this year and next?

Bet you can think of a couple more questions, too, maybe more than a couple after reading this:

Hospitals are considered critical infrastructure, but unless patient data is impacted there is no requirement to disclose such hackings even if operations are disrupted.

Computer security of the hospital industry is generally regarded as poor, and the federal Health and Human Services Department regularly publishes a list of health care providers that have been hacked with patient information stolen. The agency said Monday it was aware of the MedStar incident.

Apple iPhone cases emerge
After the San Bernardino #AppleVsFBI case, more law enforcement investigations relying on iPhones are surfacing in the media.

L.A. police crack open iPhone with fingerprints obtained under warrant (Forbes);
FBI will assist county prosecutor in Arkansas with iPhone belonging to alleged teen killer (Los Angeles Times); the method may be the same hack used on the San Bernardino phone, which was supposed to be a one-off (Network World);
ACLU found 63 other cases in which FBI used All Writs Act to obtain iPhone/Android smartphone data from Apple and Google (The Register).

Stupid stuff

In spite of screwing up not once but twice by releasing its racist, obnoxious Tay AI chatbot, Microsoft tripled down on a future full of chatbots you can build yourself with their tools. (Ars Technica) — Ugh. The stupid…
UK’s Ministry of Defense awarded funding to Massive Analytics for work on “Artificial precognition and decision-making support for persistent surveillance-based tactical support” (Gov.UK) — OMG Precog in warfare. Human-free drone attacks. What could go wrong?
Rich white guys queue up outside Tesla dealerships for days waiting to pre-order the new Tesla 3 (Vancity Buzz) — Vancouver, Sydney, probably other places I’m too arsed to bother with, because rich white guys.

That’s quite enough. Back to pretending I’m lying under a cerulean sky, baking my tuchis, cold drink in hand.

Posted in Culture, Cybersecurity, Health Policy | Tagged 2016 AM roundup, AI, Apple, chatbot, health care, iPhone, Microsoft, ransomware | 22 Comments

Bob Litt Spins Sharing NSA-Collected Comms with DEA and FBI as Harmless

Published March 30, 2016 | By emptywheel

ODNI General Counsel Bob Litt has a pretty amusing post attempting to reassure us about the imminent change permitting the NSA to share intelligence it collects under EO 12333 more broadly. As part of it, he suggests that EO 12333 “imposes additional restrictions” (which amount to the procedures he is currently developing in secret) on the sharing of SIGINT.

Executive Order 12333 generally allows intelligence information to be shared within the Intelligence Community, in order to allow agencies to determine whether that information is relevant to their mission, but imposes additional restrictions on the sharing of signals intelligence, requiring that that be done only in accord with procedures established by the Director of National Intelligence in coordination with the Secretary of Defense, and approved by the Attorney General.

What Litt neglects to say is this was actually a change that the Bush Administration implemented in 2008, without fully consulting Congress. It likely wasn’t a change at all but instead a belated effort to change EO 12333 to reflect that the Executive really had secretly been doing since 2002. But it’s not something that even Saint Ronny thought necessary when he first implemented EO 12333.

Litt goes on to insist that we don’t need to worry our pretty little heads about this because the NSA will only [emphasis Litt’s] be sharing with elements of the intelligence community and only for foreign intelligence and CI purposes.

These procedures will thus not authorize any additional collection of anyone’s communications, but will only provide a framework for the sharing of lawfully collected signals intelligence information between elements of the Intelligence Community. Critically, they will authorize sharing only with elements of the Intelligence Community, and only for authorized foreign intelligence and counterintelligence purposes; they willnot authorize sharing for law enforcement purposes. They will require individual elements of the Intelligence Community to establish a justification for access to signals intelligence consistent with the foreign intelligence or counterintelligence mission of the element. And finally, they will require Intelligence Community elements, as a condition of receiving signals intelligence, to apply to signals intelligence information the kind of strong protections for privacy and civil liberties, and the kind of oversight, that the National Security Agency currently has.

As a threshold matter, both FBI and DEA are elements of the intelligence community. Counterterrorism is considered part of FBI’s foreign intelligence function, and cyber investigations can be considered counterintelligence and foreign intelligence (the latter if done by a foreigner). International narcotics investigations have been considered a foreign intelligence purpose since EO 12333 was written.

In other words, this sharing would fall squarely in the area where eliminating the wall between intelligence and law enforcement in 2001-2002 also happened to erode fourth amendment protections for alleged Muslim (but not white supremacist) terrorists, drug dealers, and hackers.

So make no mistake, this will degrade the constitutional protections of a lot of people, who happen to be disproportionately communities of color.

And without more details, you should be very skeptical of Litt’s assurances that the FBI and DEA and other receiving IC elements will have to, “apply to signals intelligence information the kind of strong protections for privacy and civil liberties, and the kind of oversight, that the National Security Agency currently has.” While both CIA and FBI had to adopt minimization procedures before receiving raw 702 data (the equivalent of what is being done here), those minimization procedures are actually more permissive than NSA’s. Significantly, both agencies are permitted to copy the metadata they receive in bulk, basically so they can dump that data into their own metadata databases. And, barring the publication of the newly more restrictive guidelines on FBI’s back door searches, we should assume EO 12333 back door searches, like FBI’s 702 back door searches at least until recently, aren’t even tracked closely, much less noticed to defendants.

I also suspect that Treasury will be a likely recipient of this data; as of February 10, Treasury still did not have written EO 12333 protections that were mandated 35 years ago (and DEA’s were still pending at that point).

All of which is to say Litt’s reassurances shouldn’t reassure you at all.

Posted in EO 12333 | Tagged Bob Litt | 2 Comments

Wednesday Morning: Breaking Spring

Published March 30, 2016 | By Rayne

In the Spring a livelier iris changes on the burnish’d dove;
In the Spring a young man’s fancy lightly turns to thoughts of love.

— excerpt, Locksley Hall by Alfred, Lord Tennyson

Welcome to spring break. And by break, I mean schedules are broken around here. Nothing like waiting up until the wee hours for a young man whose fancy not-so-lightly turned to love, because spring.

~yawn~

While the teenager lies abed yet, mom here will caffeinate and scratch out a post. It may be early afternoon by the time I get over this spring-induced sleep deprivation and hit the publish button.

Apple blossoms — iPhones and iPads, that is
Not much blooming on the #AppleVsFBI front, where Apple now seeks information about the FBI’s method for breaking into the San Bernardino shooter’s iPhone 5C. The chances are slim to none that the FBI will tell Apple anything. Hackday offers a snappy postmortem about this case with an appropriate amount of skepticism.

I wonder what Apple’s disclosure will look like about this entire situation in its next mandatory filing with the SEC? Will iPhone 5C users upgrade to ditch the undisclosed vulnerability?

What if any effect will the iPhone 5C case have on other criminal cases where iPhones are involved — like the drug case Brooklyn? Apple asked for a delay in that case, to assess its position after the iPhone 5C case. We’ll have to wait until April 11 for the next move in this unfolding crypto-chess match.

In the meantime, spring also means baseball, where new business blossoms for Apple. Major League Baseball has now signed with Apple for iPads in the dugout. Did the snafu with Microsoft’s Surface tablets during the NFL’s AFC championship game persuade the MLB to go with Apple?

Volkswagen coasting
It’s downhill all the way for VW, which missed last week its court-imposed 30-day deadline to offer a technical solution on its emissions standards cheating “clean diesel” passenger vehicles. If there was such a thing as “clean diesel,” VW would have met the deadline; as I said before, there’s no such thing as “clean diesel” technology. The judge allowed a 30-day extension to April 24, but my money is on another missed deadline. Too bad there’s not a diesel engine equivalent of Cellebrite, willing to offer a quick fix to VW or the court, huh?

Of note: former FBI director Robert Mueller has been named “special master” on this case by Judge Charles Breyer; Mueller has been meeting with all the parties involved. What the heck is a “special master”? We may not have a ready answer, but at least there’s a special website set up for this case, In re: Volkswagen “Clean Diesel” MDL.

The cherry on top of this merde sundae is the Federal Trade Commission’s lawsuit filed yesterday against VW for false advertising promoting its “clean diesel” passenger cars.

With no bottom yet in sight, some are wondering if VW will simply exit the U.S. market.

Automotive odd lot

Jury says GM’s ignition switch was bad, but not at fault in a 2014 accident in New Orleans (Reuters) — Keep an eye on media representation of this case. Headline on this one focused on the switch, not the jury’s decision.
Car-to-car communications will be road tested soon (MIT Technology Review) — This technology might have prevented Google’s self-driving car from getting crunched by a bus recently.
Dude demonstrates his hack of Alexa + Raspberry Pi + OBDLink to remote start his car (Gizmodo) — What. even.

Did Tennyson write anything about spring spawning naps? Because I feel like I need one. Hope we’re back in the groove soon. See you in the morning.

Posted in automobiles, Culture, Cybersecurity | Tagged #AppleVsFBI, 2016 AM roundup, Amazon Alexa, Apple, FBI, GM, ignition switch, iPad, iPhone, MLB, San Bernardino shooting, Volkswagen, VW | 6 Comments

The Origins of Totalitarianism Part 7: Superfluous People

Published March 29, 2016 | By Ed Walker

The last chapter of Hannah Arendt’s The Origins of Totalitarianism is devoted to discussion of the totalitarian regime, which comes when the totalitarian movement has taken power. Arendt says that totalitarian movements don’t offer a specific program for government. Instead, they propose to operate under a “scientific” program. For the Nazis, this was the law of nature with its eternal progress towards perfection, which Arendt thinks arises from a skewed form of Darwinism. For the Communists it was the laws of history as supposedly discovered by Marx. Once in power, the totalitarian regime becomes an instrument for the will of the leader, who in turn is an instrument for imposing and acting out those laws. It is here that Arendt takes up the issue of concentration camps. She says that they are instruments for studying ways to reduce individuals to oblivion, to being superfluous, which is the goal of totalitarianism.

Men insofar as they are more than animal reaction and fulfillment of functions are entirely superfluous to totalitarian regimes. Totalitarianism strives not toward despotic rule over men, but toward a system in which men are superfluous. Total power can be achieved and safeguarded only in a world of conditioned reflexes, of marionettes without the slightest trace of spontaneity. Precisely because man’s resources are so great, he can be fully dominated only when he becomes a specimen of the animal-species man.

…

The totalitarian attempt to make men superfluous reflects ihe experience of modern masses of their superfluity on an overcrowded earth. The world of the dying, in which men are taught they are superfluous through a way of life in which punishment is meted out without connection with crime, in which exploitation is practiced without profit, and where work is performed without product, is a place where senselessness is daily produced anew. Yet, within the framework of the totalitarian ideology, nothing could be more sensible and logical; if the inmates are vermin, it is logical that they should be killed by poison gas; if they are degenerate, they should not be allowed to contaminate the population; if they have “slave-like souls” (Himmler), no one should waste his time trying to re-educate them. … P. 457.

Why is it necessary that people become superfluous? The answer appears in the final chapter, Ideology and Terror: A Novel Form of Government. Ideologies are “… isms which to the satisfaction of their adherents can explain everything and every occurrence by deducing it from a single premise…”. P.468. They are the scientific programs offered by totalitarian movements as the organizing principles of societies. For Arendt, the Nazi ideology revolves around the idea of the laws of nature, of blood, while the Communist ideology revolves around the historical laws of Marxism. In both cases, human beings are in the way of the historical forces, and must be forcibly denied the ability to interfere with the primal force.

Terror is the realization of the law of movement; its chief aim is to make it possible for the force of nature or of history to race freely through mankind, unhindered by any spontaneous human action. As such, terror seeks to “stabilize” men in order to liberate the forces of nature or history. It is this movement which singles out the foes of mankind against whom terror is let loose, and no free action of either opposition or sympathy can be permitted to interfere with the elimination of the “objective enemy” of History or Nature, of the class or the race. Guilt and innocence become senseless notions; “guilty” is he who stands in the way of the natural or historical process which has passed judgment over “inferior races,”, over individuals “unfit to live,” over “dying classes and decadent peoples.” Terror executes these judgments, and before its court, all concerned are subjectively innocent: the murdered because they did nothing against the system, and the murderers because they do not really murder but execute a death sentence pronounced by some higher tribunal. The rulers themselves do not claim to be just or wise, but only to execute historical or natural laws; they do not apply laws, but execute a movement in accordance with its inherent law. Terror is lawfulness, if law is the law of the movement of some supra-human force, Nature or History. P. 465.

That idea, the idea of the unrestrained movement of supra-human forces, should sound familiar. That’s how Arendt described Imperialism, the early form of unrestrained capitalism. It also describes today’s world as seen by the architects of neoliberalism. They warn that everyone loses if The Market is subjected to even the slightest restraint, whether to movement of jobs and capital overseas or to prohibit dumping toxins into earth, air and water. They insist that foreign limitations on patents and copyrights are impossible restraints. They preach that the only legitimate goal of government is to enforce property rights to the utter maximum. For them, the restless movement of money in the hands of the rich and powerful operates in accordance with its own internal logic, logic which cannot be questioned by quasi-humans not gifted with the power to control vast sums of wealth. They tell us that The Market knows all and fixes everything as long as we mere humans do not interfere with its workings. Neoliberal capitalism is a form of supra-human force that Arendt warned us about.

Neoliberalism forms world view of movement conservatives. Here’s an article in the National Review on this issue by one Kevin Williamson. :

The truth about these dysfunctional, downscale communities is that they deserve to die. Economically, they are negative assets. Morally, they are indefensible. Forget all your cheap theatrical Bruce Springsteen crap. Forget your sanctimony about struggling Rust Belt factory towns and your conspiracy theories about the wily Orientals stealing our jobs. Forget your goddamned gypsum, and, if he has a problem with that, forget Ed[mund] Burke, too. The white American underclass is in thrall to a vicious, selfish culture whose main products are misery and used heroin needles. Donald Trump’s speeches make them feel good. So does OxyContin. What they need isn’t analgesics, literal or political. They need real opportunity, which means that they need real change, which means that they need U-Haul.

Williamson’s NRO colleague David French agrees:

My childhood was different from Kevin’s, but I grew up in Kentucky, live in a rural county in Tennessee, and have seen the challenges of the white working-class first-hand. Simply put, Americans are killing themselves and destroying their families at an alarming rate. No one is making them do it. The economy isn’t putting a bottle in their hand. Immigrants aren’t making them cheat on their wives or snort OxyContin. Obama isn’t walking them into the lawyer’s office to force them to file a bogus disability claim.

For generations, conservatives have rightly railed against deterministic progressive notions that put human choices at the mercy of race, class, history, or economics. Those factors can create additional challenges, but they do not relieve any human being of the moral obligation to do their best.

Williamson and French agree that the white working-class people are superfluous, and so are their communities and their way of life. Millions of them should just hire U-Hauls and move to the blessed land of plentiful jobs. They must all lose themselves and their way of life to the inexorable laws of movement, only this time, it’s the inexorable laws of neoliberalism, of rampant unrestrained capitalism. By those rules, individuals cannot act collectively, through unions or through active government. They are permitted to act collectively in their Churches, which emphasize their helplessness in this world except through the will of the Almighty, and therefore pose no real threat to the interests of the rich and powerful.

These white working-class people and their communities aren’t economically viable, and nothing can or should be done to make things different. They should surrender to the external and ungovernable force of hyper-capitalism. They are superfluous, and if they die in misery, leaving their families in poverty, it’s just the natural law of economic freedom working itself out in the passive voice, with the invisible hand of the rich and powerful hidden in a fog of words.

Index to prior posts in this series

Posted in 2016 Presidential Election, Economics | Tagged Fascism, Hannah Arendt, Marxism, neoliberalism, Terror, The Origins of Totalitarianism, unrestrained capitalism | 15 Comments

With Upcoming David Medine Departure, Will PCLOB Slip Back into Meaninglessness?

Published March 29, 2016 | By emptywheel

The Chair of the Privacy and Civil Liberties Oversight Board, David Medine, has announced he will resign effective July 1 to work with a development organization “advising on data privacy and consumer protection for lower-income financial consumers.”

The move comes not long after Congress has, in several ways, affirmatively weakened or unexpectedly stopped short of expanding PCLOB’s mandate, by ensuring it could not review any covert programs, and by eliminating a PCLOB oversight role under OmniCISA.

In Medine’s statement, he promised the board would continue to work on their examination of CT activities relating to EO 12333.

I look forward to continuing to work on PCLOB’s current projects until my departure. I am pleased to know that, even after my departure, the Board Members and our dedicated staff remain committed to carrying forward the Board’s critical work, including its ongoing examination of counterterrorism activities under Executive Order 12333.

The EO 12333 approach (and the two CIA programs to examine) was formally approved July 1, a year to the day before Medine’s departure. It was initially scheduled to be done by the end of last year. But in their most recent semi-annual report (released at the end of December), PCLOB noted they were just starting on their public report.

In July, the Board voted to approve two in-depth examinations of CIA activities conducted under E.O. 12333. Board staff has subsequently attended briefings and demonstrations, as well as obtained relevant documents, related to the examinations. The Board also received a series of briefings from the NSA on its E.O. 12333 activities. Board staff held follow-up sessions with NSA personnel on the topics covered and on the agency’s E.O. 12333 implementing procedures. Just after the conclusion of the Reporting Period, the Board voted to approve one in-depth examination of an NSA activity conducted under E.O. 12333. Board staff are currently engaging with NSA staff to gather additional information and documents in support of this examination. Board staff also began work developing the Board’s public report on E.O. 12333, described above.

So while Medine promises PCLOB will continue to work on the EO 12333 stuff, I do worry that it will stall after his departure. I’m concerned, as well, about the makeup of the board. Board member Jim Dempsey’s term officially ended on January 29, though President Obama nominated him for another term on March 17, which means he will serve out 2016 (I believe as a temporary appointment until the end of the congressional term, but am trying to confirm; Update: this stems from PCLOB’s statute, but the appointment would extend through the end of the Congressional term), and longer if and when the Senate confirms him. But Medine’s departure will leave 2 members (counting Dempsey) who have been firmly committed to conducting this review, Rachel Brand, who has been lukewarm but positive, and Elisabeth Collins Cook who was originally opposed. That is, unless Medine is replaced in timely fashion (and given that this is a multiple year appointment, Republicans would have incentive to stall to get a GOP Chair), the board may be split on its commitment to investigating these issues.

There are a few other things happening on the EO 12333 front. Most urgently, the Intelligence Community is as we speak implementing new procedures for the sharing of EO 12333 with law enforcement agencies. PCLOB was involved in a review of those procedures, and had successfully pressed for more controls on the FBI’s back door access to 702 data (which is one reason I find the timing of Medine’s departure of particular concern). Two years after PCLOB first outed Treasury as having no EO 12333 implementing guidelines, they still have none.

That is, particularly after Congress’ successful attempts at undercutting PCLOB’s power, Medine’s departure has me seriously worried about whether the Intelligence Committee is willing to undergo any scrutiny of its EO 12333 activities.

Posted in EO 12333 | Tagged David Medine, Jim Dempsey, PCLOB | 3 Comments

The StuxNet Team Reunion

Published March 28, 2016 | By emptywheel

On Thursday, DOJ had a big dog and pony show over the indictment of 7 Iranians in connection with cyberattacks on US banks and a small dam in suburban NY.

A grand jury in the Southern District of New York indicted seven Iranian individuals who were employed by two Iran-based computer companies, ITSecTeam (ITSEC) and Mersad Company (MERSAD), that performed work on behalf of the Iranian Government, including the Islamic Revolutionary Guard Corps, on computer hacking charges related to their involvement in an extensive campaign of over 176 days of distributed denial of service (DDoS) attacks.

Ahmad Fathi, 37; Hamid Firoozi, 34; Amin Shokohi, 25; Sadegh Ahmadzadegan, aka Nitr0jen26, 23; Omid Ghaffarinia, aka PLuS, 25; Sina Keissar, 25; and Nader Saedi, aka Turk Server, 26, launched DDoS attacks against 46 victims, primarily in the U.S financial sector, between late 2011 and mid-2013. The attacks disabled victim bank websites, prevented customers from accessing their accounts online and collectively cost the victims tens of millions of dollars in remediation costs as they worked to neutralize and mitigate the attacks on their servers. In addition, Firoozi is charged with obtaining unauthorized access into the Supervisory Control and Data Acquisition (SCADA) systems of the Bowman Dam, located in Rye, New York, in August and September of 2013.

I agree with Jack Goldsmith about this: It’s pretty comical that the country that disrupted major installments in Iran is now indicting Iranians for DDOS attacks on instruments of power that the US used to attack Iran, the nation’s banks. It invites a similarly theatrical indictment of Keith Alexander.

The U.S. indictment is not premised on an international law violation. It is based on violation of U.S. law for harm the Iranians caused inside the United States. The Iranians could invoke precisely the same principle: An Iran indictment for the U.S. cyberattacks would be based on a violation of Iranian domestic law for harm caused in Iran by U.S. officers. In short, the cyberattacks from each nation violated the criminal laws of the other nation.

The United States is likely less concerned with charges of hypocrisy than with deterring attacks on its financial infrastructure. Attorney General Lynch said yesterday that the indictment sends “a powerful message: that we will not allow any individual, group, or nation to sabotage American financial institutions or undermine the integrity of fair competition in the operation of the free market.” FBI Director James B. Comey added: “By calling out the individuals and nations who use cyber-attacks to threaten American enterprise, as we have done in this indictment, we will change behavior.”

But will the indictments change behavior? The Iranians will almost certainly never appear in the United States and thus never go to trial. John Carlin, the Justice Department’s top national security lawyer, argued late last year that indictments for cybercrimes can contribute to deterrence even if the defendants are never prosecuted because they expose the responsible actors and demonstrate more broadly that the United States has powerful tools to discover and identify those behind cyberattacks. “The world is small, and our memories are long,” Director Comey said yesterday, explaining the government’s deterrence logic. “People often like to travel for vacation or education, and we want them looking over their shoulder.”

It is hard to assess whether the deterrence effect of the indictments will be large enough to stop further attacks on financial infrastructure or so small that they invite more attacks. Moreover, any deterrence achieved by the indictments comes at the cost of exposing U.S. intelligence capabilities and inviting similarly theatric retaliatory indictments.

The timing of this particular theatrical indictment is all the more interesting given that — as Josh Gerstein points out — the actual indictment was handed up in January, just after the nuclear deal and prisoner swap with Iran was finalized.

The indictment, handed up by a grand jury in Manhattan on Jan. 21 and unsealed Thursday, charges seven Iranian nationals with launching a cyber assault that impaired the computer systems of major U.S. financial institutions in 2012. One of the defendants is also charged with attempting to take over the controls of a dam in Rye, N.Y.

On the weekend of Jan. 16, the U.S. and Iran implemented the intensely negotiated nuclear deal and carried out a prisoner swap. Under the pact, at least four Americans were released from Iranian prisons, including Washington Post reporter Jason Rezaian. President Barack Obama signed pardons or commutations for seven Iranian nationals who were the subject of U.S. criminal cases alleging export violations. Cases were dropped against 14 other Iranians U.S. officials said were unlikely ever to be brought to justice in American courts.

All the more so given this news: last week (apparently after Thursday), Admiral Mike Rogers had a “secret” meeting with Israel’s Intelligence Corps Unit 8200, the unit CyberCom partnered with on the StuxNet attack.

The senior Israeli official noted that one of the subjects that Rogers discussed in Israel was cooperation in the field of cyber defense, particularly in the face of attacks from Iran and Hezbollah. A few days before Rogers’ arrival in Israel, the U.S. Justice Department filed indictments for the first time against a group of Iranian hackers on charges of carrying out cyber attacks on banks and essential infrastructure in the U.S. three years ago at the behest of the Iranian Revolutionary Guards. Israel has also faced cyber attacks from Iran and Hezbollah, which according to senior IDF officers were prominent during the fighting with Hamas and its allies in Gaza in the summer of 2014, but have risen in intensity in recent months.

It seems, then, unsealing the indictment is not so much about deterrence, as it is a show (though I’m unclear on the audience — the international public? or the Israelis themselves?) as Israel and the US prepare to ratchet up the cyberwar against Iran.

Reminder: We shut down some functionality in an attempt to isolate the issues that crashed the site last Thursday. We’re getting closer but still have comments shut down. Bear with us!

Posted in Cybersecurity, WMD | Tagged Admiral Mike Rogers, IDF 8200

Battening Down the Hatches — Stand By

Published March 25, 2016 | By emptywheel

As a few of you have noticed, the site has been misbehaving since Friday afternoon. We are working on the problem, but for now have battened down the hatches to try to isolate the problem. As part of that we have shut down commenting.

Please bear with us! As always, I’ll be commenting excessively [email protected] on Twitter if you need a fix.

Posted in Uncategorized

DOJ Claims the Cybersecurity Related OLC Memo Is Also A Stellar Wind Memo

Published March 24, 2016 | By emptywheel

I’ve written a bunch of times about an OLC memo Ron Wyden keeps pointing to, suggesting it should be declassified so we all can know what outrageous claims DOJ made about common commercial service agreements. Here’s my most complete summary from Caroline Krass’ confirmation process:

Ron Wyden raised a problematic OLC opinion he has mentioned in unclassified settings at least twice in the last year (he also wrote a letter to Eric Holder about it in summer 2012): once in a letter to John Brennan, where he described it as “an opinion that interprets common commercial service agreements [that] has direct relevance to ongoing congressional debates regarding cybersecurity legislation.” And then again in Questions for the Record in September.

Having been ignored by Eric Holder for at least a year and a half (probably closer to 3 years) on this front and apparently concerned about the memo as we continue to discuss legislation that pertains to cybersecurity, he used Krass’ confirmation hearing to get more details on why DOJ won’t withdraw the memo and what it would take to be withdrawn.

Wyden: The other matter I want to ask you about dealt with this matter of the OLC opinion, and we talked about this in the office as well. This is a particularly opinion in the Office of Legal Counsel I’ve been concerned about — I think the reasoning is inconsistent with the public’s understanding of the law and as I indicated I believe it needs to be withdrawn. As we talked about, you were familiar with it. And my first question — as I indicated I would ask — as a senior government attorney, would you rely on the legal reasoning contained in this opinion?

Krass: Senator, at your request I did review that opinion from 2003, and based on the age of the opinion and the fact that it addressed at the time what it described as an issue of first impression, as well as the evolving technology that that opinion was discussing, as well as the evolution of case law, I would not rely on that opinion if I were–

Wyden: I appreciate that, and again your candor is helpful, because we talked about this. So that’s encouraging. But I want to make sure nobody else ever relies on that particular opinion and I’m concerned that a different attorney could take a different view and argue that the opinion is still legally valid because it’s not been withdrawn. Now, we have tried to get Attorney General Holder to withdraw it, and I’m trying to figure out — he has not answered our letters — who at the Justice Department has the authority to withdraw the opinion. Do you currently have the authority to withdraw the opinion?

Krass: No I do not currently have that authority.

Wyden: Okay. Who does, at the Justice Department?

Krass: Well, for an OLC opinion to be withdrawn, on OLC’s own initiative or on the initiative of the Attorney General would be extremely unusual. That happens only in extraordinary circumstances. Normally what happens is if there is an opinion which has been given to a particular agency for example, if that agency would like OLC to reconsider the opinion or if another component of the executive branch who has been affected by the advice would like OLC to reconsider the opinion they will come to OLC and say, look, this is why we think you were wrong and why we believe the opinion should be corrected. And they will be doing that when they have a practical need for the opinion because of particular operational activities that they would like to conduct. I have been thinking about your question because I understand your serious concerns about this opinion, and one approach that seems possible to me is that you could ask for an assurance from the relevant elements of the Intelligence Community that they would not rely on the opinion. I can give you my assurance that if I were confirmed I would not rely on the opinion at the CIA.

Wyden: I appreciate that and you were very straightforward in saying that. What concerns me is unless the opinion is withdrawn, at some point somebody else might be tempted to reach the opposite conclusion. So, again, I appreciate the way you’ve handled a sensitive matter and I’m going to continue to prosecute the case for getting this opinion withdrawn.

The big piece of news here — from Krass, not Wyden — is that the opinion dates to 2003, which dates it to the transition period bridging Jay Bybee/John Yoo and Jack Goldsmith’s tenure at OLC, and also the period when the Bush Administration was running its illegal wiretap program under a series of dodgy OLC opinions. She also notes that it was a memo on first impression — something there was purportedly no law or prior opinion on — on new technology.

Back in November, ACLU sued to get that memo. The government recently moved for summary judgment based on the claim that a judge in DC rejected another ACLU effort to FOIA the document, which is a referral to ACLU’s 2006 FOIA lawsuit for documents underlying what was then called the “Terrorist Surveillance Program” and which we now know as Stellar Wind. Here’s the key passage of that argument.

The judgment in EPIC precludes the ACLU’s claim here. First, EPIC was an adjudication on the merits that involved the district court’s reviewing in camera the same document that is at issue in this litigation, and granting summary judgment to the government after finding that the government had properly asserted Exemptions One, Three, and Five – the same exemptions asserted here – to withhold the document. See Colborn Decl. ¶ 13; EPIC, 2014 WL 1279280, at *1. Second, the ACLU was a plaintiff in EPIC. Id. Finally, the claims asserted in this action were, or could have been, asserted in EPIC. The FOIA claim at issue in EPIC arose from a series of requests that effectively sought all OLC memoranda concerning surveillance by Executive Branch agencies directed at communications to or from U.S. citizens.2at See id. Even if the ACLU did not know that this specific memorandum was included among the documents reviewed in camera by the EPIC court, the ACLU had a full and fair opportunity to make any and all arguments in seeking disclosure of that document. Indeed, in EPIC, the government’s assertion of exemptions received the highest level of scrutiny available to a plaintiff in FOIA litigation—the district court issued its decision after reviewing the document in camera and determining that the government’s assertions of Exemptions One, Three, and Five were proper. Colborn Decl. ¶ 13. The ACLU’s claim in this lawsuit is therefore barred by claim preclusion.

2 One of the FOIA requests at issue in EPIC sought “[a]ll memoranda, legal opinions, directives or instructions from [DOJ departments] issued between September 11, 2001, and December 21, 2005, regarding the government’s legal authority for surveillance activity, wiretapping, eavesdropping, and other signals intelligence operations directed communications to or from U.S. citizens.” Elec. Privacy Information Ctr. v. Dep’t of Justice, 511 F. Supp. 2d 56, 63 (D.D.C. 2007).

Wyden just sent a letter to Loretta Lynch disputing some claim made in DOJ’s memorandum of law.

I encourage you to direct DOJ officials to comply with the pending FOIA request.

Additionally, I am greatly concerned that the DOJ’s March 7, 2016 memorandum of law contains a key assertion which is inaccurate. This assertion appears to be central to the DOJ’s legal arguments, and I would urge you to take action to ensure that this error is corrected.

I am enclosing a classified attachment which discusses this inaccurate assertion in more detail.

Here are some thoughts about what the key inaccurate assertion might be:

ACLU never had a chance to argue for this document as a cybersecurity document

Even the section I’ve included here pulls a bit of a fast one. It points to EPIC’s FOIA request (these requests got consolidated), which asked for OLC memos in generalized fashion, as proof that the plaintiffs in the earlier suit had had a chance to argue for this document.

But ACLU did not. They asked for “legal reviews of [TSP] and its legal rationale.” In other words, back in 2006 and back in 2014, ACLU was focused on Stellar Wind, not on cybersecurity spying (which Wyden has strongly suggested this memo implicates). So they should be able to make a bid for this OLC memo as something affecting domestic spying for a cybersecurity purpose.

DOJ claimed only Wyden had commented publicly about the document, not Caroline Krass

DOJ makes a preemptive effort to discount the possibility that Ron Wyden’s repeated efforts to draw attention to this document might constitute new facts for the ACLU to point to to claim they should get the document.

Nor is there any evidence the memorandum has been expressly adopted as agency policy or publicly disclosed. Colborn Decl. ¶¶ 23-24. Although the ACLU’s complaint points to statements about the document by Senator Wyden, he is not an Executive Branch official, and his statements cannot effect any adoption or waiver

[snip]

The ACLU may argue that statements made by Senator Ron Wyden regarding the document, including in letters to the Attorney General, constitute new facts or changed circumstances. See Compl. ¶ 2 (“In letters sent to then–Attorney General Eric Holder, Senator Wyden suggested that the executive branch has relied on the Opinion in the past and cautioned that the OLC’s secret interpretation could be relied on in the future as a basis for policy.”). But such statements do not constitute new facts or changed circumstances material to the ACLU’s FOIA claim because they do not evince any change of the Executive Branch’s position vis-à-vis the document or otherwise affect its status under FOIA. See Drake, 291 F.3d at 66; Am. Civil Liberties Union, 321 F. Supp. 2d at 34. As the Senator is not an Executive Branch official, his statements about the document do not reflect the policy or position of any Executive Branch agency. See Brennan Center v. DOJ, 697 F.3d 184, 195, 206 (2d Cir. 2012); Nat’l Council of La Raza v. DOJ, 411 F.3d 350, 356-59 (2d Cir. 2005); infra at 11-12. Senator Wyden’s statements are simply not relevant to whether the document has been properly withheld under Exemptions One, Three, and Five, and do not undermine the applicability of any of those exemptions. Additionally, the Senator has made similar statements regarding the document at issue in letters sent during at least the last four years. Compl. ¶ 2. Thus, the Senator’s statements regarding the document are not new facts since they were available to Plaintiffs well before the district court ruled in EPIC.

That’s all well and good. But the entire discussion ignores that then Acting OLC head and current CIA General Counsel Caroline Krass commented more extensively on the memo than anyone ever has on December 17, 2013 (see my transcript above). This is a still-active memo, but the then acting OLC head said this about the memo in particular.

I have been thinking about your question because I understand your serious concerns about this opinion, and one approach that seems possible to me is that you could ask for an assurance from the relevant elements of the Intelligence Community that they would not rely on the opinion. I can give you my assurance that if I were confirmed I would not rely on the opinion at the CIA.

That seems to be new information from the Executive branch (albeit before the March 31, 2014, final judgment in that other suit).

I’d say this detail is the most likely possibility for DOJ’s inaccuracy, except that Krass’ comments are in the public domain, and have been been written about by other outlets. It wouldn’t seem that Wyden would need to identify this detail in secret.

(I think it’s possible some of the newly declassified language in Stellar Wind materials may be relevant to, but I will have to return to that.)

The document may be a different document

DOJ’s memo and the Paul Colborn declaration describe this as a March 30, 2003 memo written by John Yoo.

The withheld document is a 19-page OLC legal advice memorandum to the General Counsel of an executive branch agency, drafted at the request of the General Counsel, dated March 30, 2003 and signed by OLC Deputy Assistant Attorney General John Yoo. The memorandum was written in response to confidential communications from an executive branch client soliciting legal advice from OLC attorneys. As with all such OLC legal advice memoranda, the document contains confidential client communications made for the purpose of seeking legal advice and predecisional legal advice from OLC attorneys transmitted to an executive branch client as part of government deliberative processes. In light of the fact that the document’s general subject matter is publicly known, the identity of the recipient agency is itself confidential client information protected by the attorney-client privilege.

But their claim that ACLU has already been denied this document under FOIA is based on the claim that this document is the same document as one identified in a Steven Bradbury declaration submitted in the Stellar Wind suit. Here’s how he described the document.

DAG 42 is a 19-page memorandum, dated May 30, 2003, from a Deputy Assistant Attorney General in OLC to the General Counsel of another Executive Branch agency. This document is withheld under FOIA Exemptions One, Three, and Five.

This may be an error (if so, Bradbury is probably correct, as March 30, 2003 was a Sunday), but a document dated March 30, 2003 cannot be the same document as one dated May 30, 2003. If it’s not a simple error in dates, it may suggest that the document the DC court reviewed was a later revision, perhaps one making less outrageous claims. Moreover, as I’ll show in my post on newly learned Stellar Wind information, the change in date (as well as the confirmation that Yoo wrote the memo) make the circumstances surrounding this memo far more interesting.

The document may not have been properly classified

As noted, this is a March 2003 OLC memo written by John Yoo. That’s important not just because Yoo was freelancing on certain memos at the time. But more importantly, because a memo he completed just 16 days earlier violated all guidelines on classification. Here’s what former ISOO head Bill Leonard had to say about John Yoo’s March 14, 2003 torture memo.

The March 14, 2003, memorandum on interrogation of enemy combatants was written by DoJ’s Office of Legal Counsel (OLC) to the General Counsel of the DoD. By virtue of the memorandum’s classification markings, the American people were initially denied access to it. Only after the document was declassified were my fellow citizens and I able to review it for the first time. Upon doing so, I was profoundly disappointed because this memorandum represents one of the worst abuses of the classification process that I had seen during my career, including the past five years when I had the authority to access more classified information than almost any other person in the Executive branch. The memorandum is purely a legal analysis – it is not operational in nature. Its author was quoted as describing it as “near boilerplate.”! To learn that such a document was classified had the same effect on me as waking up one morning and learning that after all these years, there is a “secret” Article to the Constitution that the American people do not even know about.

[snip]

In this instance, the OLC memo did not contain the identity of the official who designated this information as classified in the first instance, even though this is a fundamental requirement of the President’s classification system. In addition, the memo contained neither declassification instructions nor a concise reason for classification, likewise basic requirements. Equally disturbing, the official who designated this memo as classified did not fulfill the clear requirement to indicate which portions are classified and which portions are unclassified, leading the reader to question whether this official truly believes a discussion of patently unclassified issues such as the President’s Commander-in-Chief authorities or a discussion of the applicability to enemy combatants of the Fifth or Eighth Amendment would cause identifiable harm to our national security. Furthermore, it is exceedingly irregular that this memorandum was declassified by DoD even though it was written, and presumably classified, by DoJ.

Given that Yoo broke all the rules of classification on March 14, it seems appropriate to question whether he broke all rules of classification on March 30, 16 days later, especially given some squirrelly language in the current declarations about the memo.

Here’s what Colborn has to say about the classification of this memo (which I find to be curious language), after having made a far more extensive withholding argument on a deliberative process basis.

OLC does not have original classification authority, but when it receives or makes use of classified information provided to it by its clients, OLC is required to mark and treat that information as derivatively classified to the same extent as its clients have identified such information as classified. Accordingly, all classified information in OLC’s possession or incorporated into its products has been classified by another agency or component with original classifying authority.

The document at issue in this case is marked as classified because it contains information OLC received from another agency that was marked as classified. OLC has also been informed by the relevant agency that information contained in the document is protected from disclosure under FOIA by statute.

As far as the memo of law, it relegates the discussion of the classified nature of this memo to a classified declaration by someone whose identity remains secret.

As explained in the classified declaration submitted for the Court’s ex parte, in camera review,1 this information is also classified and protected from disclosure by statute.

Remember, this memo is about some secret interpretation of common commercial service agreements. Wyden believes it should be “declassified and released to the public, so that anyone who is a party to one of these agreements can consider whether their agreement should be revised or modified.”

If this is something that affects average citizens relationships with service providers, it seems remarkable that it can, at the same time, be that secret (and remain in force). While Wyden certainly seems to treat the memo as classified, I’d really love to see whether it was, indeed, properly classified, or whether Yoo was just making stuff up again during a period when he is known to have secretly made stuff up.

In any case, given DOJ’s continued efforts to either withdraw or disclose this memo, I’d safe it’s safe to assume they’re still using it.

Posted in Cybersecurity, EO 12333, FISA

FBI Claimed It Consulted a Manual Rather Than Cellebrite Directly

Published March 24, 2016 | By emptywheel

Yesterday, I suggested that the initial docket pertaining to efforts to search Syed Rizwan Farook’s Lexus and the work phone found in it is consistent with FBI first asking Cellebrite (or some other outside party) to break into the phone before asking the court to use an All Writs Act to compel Apple to help.

In an article today in the wake of possibly incorrect reports the outside entity now helping FBI is Cellebrite, the NYT claims that FBI did try them.

The F.B.I. has tried many ways to get into the iPhone used by Mr. Farook, such as exploiting a previous bug that allowed unsigned code to be loaded and run on the device, Stacey Perino, an electronics engineer with the F.B.I. has said in a court filing in the case.

The F.B.I. also tried tools made by the agency and a mobile forensics company, Cellebrite, which let older iPhones load and run code that could crack a device passcode, Ms. Perino wrote. Cellebrite describes itself on its website as a subsidiary of Sun Corporation, a publicly traded Japanese company; it has done work for a number of government agencies.

Yet none of those tools worked, Ms. Perino wrote in the court document that was filed March 10.

I think this misreads Perino’s declaration, which in the section in question basically repeats what she found in the standard law enforcement tool UFED manual.

Those previous tools that are available cannot be used on the Subject Device because they are not signed by Apple, and the current chain of trust on the Subject Device requires Apple to have signed any software that will be allowed to run

[snip]

From this open source research, several forensic tools were developed that combined (1) the boot ROM code signing defeat, and (2) brute-force passcode guessing. Examples include the Cellebrite UFED tool and an FBI-developed tool. Both the Cellebrite13 and FBI tools utilize the boot ROM exploit, allowing iPhone 3GS and iPhone 4 devices to load and boot an unsigned RAMdisk containing code to brute force the device passcode. The passcode recovery process operated from RAM, and did not alter the system or user data area

[snip]

Apple addressed the bug, and subsequently a jailbreak (i.e., allowing code unsigned by Apple) could only occur on an iPhone after it had been booted and unlocked.

13Cellebrite is a private company that makes forensic data recovery tools for mobile devices. While I have not examined the source code for the UFED tool, based on the Cellebrite Physical Extraction Manual for iPhone and iPad (Rev 1.3) and the fact that the Cellebrite tool no longer supports iPhone 4S and later devices, I believe the UFED tool relied on the same ROM exploit. The manual states: “The extraction application does not load iOS but instead loads a special forensic utility to the device. This utility is loaded to the device’s memory (RAM) and runs directly from there.” The utility is loaded from recovery mode.

It does not reveal that DOJ agencies continue to request Cellebrite’s help on more sophisticated phones, nor that Cellebrite advertises the ability to crack iOS 8 phones (which is still an earlier operating system than Farook’s phone runs).

Perino’s passage is one that Apple’s Erik Neuenschwander discussed, dismissively, at length.

21. Paragraphs 25 through 28 of the Perino Declaration describe supposedly already existing software that Mr. Perino suggests Apple use as a starting point to create GovtOS. For example, Mr. Perino points to a security exploit that supposedly allowed an iPhone to load a minimal operating system in RAM that had not been signed by Apple, which is what the government is requesting here. Similarly, Mr. Perino points to a hacking tool the FBI created that supposedly allowed it to brute force the device passcode on older iPhones.

22. These descriptions show that the FBI, along with its partners, currently have, and have had in the past, the capability to develop the types of code that Apple is being asked to create.

23. Mr. Perino is incorrect, however, in his suggestion that Apple can use these third-party items, add Apple’s signature, and load the finished product on to the subject device to accomplish the result that the government seeks with less effort than what I described in my initial declaration.

24. Using the allegedly already existing software code that Mr. Perino identifies would not be an appropriate way to accomplish what the government wants. Setting aside the legal question of whether Apple can incorporate a software tool created by some other party (such as the Cellebrite UFED tool Mr. Perino identifies) for this purpose, Apple would not save time and effort by incorporating unfamiliar third-party code that has never been used and deployed by Apple before, and it would introduce a host of new issues and potential risks that would need to be addressed. [my emphasis]

Of particular note, Neuenschwander noted that “FBI, along with its partners, currently have…the capability to develop the types of code that Apple is being asked to create.” Cellebrite was the only partner listed by name.

Neuenschwander went on to note that the jailbreaking Perino described is precisely why Apple works so hard to improve its security.

The NYT wants to claim FBI researched all possibilities before repeatedly claiming, more than 19 times (I did not include Perino’s declaration in my count), that only the FBI or Apple could open this phone.

But Perino’s declaration understates what Cellebrite itself claims to be able to do — and that DOJ asks Cellebrite to do.

That still doesn’t mean Cellebrite is the entity now helping FBI crack the phone. It does mean FBI and DOJ engaged in affirmatively misleading briefing on whether Cellebrite might be able to do so.