FBI


'FBI' Articles

FBI Forensic Examiner Stephen Flatley Calls Apple 'Jerks' and 'Evil Geniuses' for Encrypting iPhones

Senior FBI forensic examiner Stephen R. Flatley spoke at the International Conference on Cyber Security yesterday, and during the talk he discussed Apple and the FBI's differing opinions on the topic of smartphone encryption. According to Motherboard, Flatley described the company as "jerks" and "evil geniuses" for creating iOS device encryption that is so powerful as to prevent Apple itself from entering users' iPhones. Flatley said that recent updates to Apple device encryption have made password guesses slower, by increasing hash iterations from 10 thousand to 10 million, "making his and his colleagues' investigative work harder." This extended brute force crack time from a few days to two months, leading to Flatley stating that Apple is "pretty good at evil genius stuff." No detailed context was given regarding his "jerks" comment. Image of Stephen Flatley taken by Lorenzo Franceschi-Bicchierai via Motherboard That means, he explained, that “password attempts speed went from 45 passwords a second to one every 18 seconds,” referring to the difficulty of cracking a password using a “brute force” method in which every possible permutation is tried. There are tools that can input thousands of passwords in a very short period of time—if the attempts per minute are limited, it becomes much harder and slower to crack. "Your crack time just went from two days to two months," Flatley said. “At what point is it just trying to one up things and at what point is it to thwart law enforcement?" he added. "Apple is pretty good at evil genius stuff." Flatley's comments come

FBI Didn't Ask Apple for Help Unlocking Texas Shooter's iPhone in First 48 Hours [Updated]

In the aftermath of a deadly shooting at a Texas Church on November 5th, the FBI and other law enforcement agencies failed to immediately ask Apple for help unlocking shooter Devin Patrick Kelley's iPhone, reports Reuters. According to a source that spoke to Reuters, the FBI did not contact Apple for about 48 hours after the shooting, missing a critical window where the iPhone in question might have been easier to unlock. If the iPhone had Touch ID enabled, the shooter's finger might have been able to be used to unlock the device. But that unlocking method would have needed to be used within a 48 hour window, as Touch ID is disabled after 48 hours have passed since it was last activated or when the iPhone is powered off. Christopher Combs, head of the FBI's San Antonio field office, said on Tuesday that the shooter's smartphone is being transferred to the FBI's crime lab in Quantico, Virginia as authorities have not been able to unlock it. Little is known about the shooter's smartphone at this time. Sources told the Washington Post that it's an iPhone, but it's not known which iPhone it is nor which version of iOS it's running. It's also not known if Touch ID was indeed enabled on the phone at this point. As we learned with the San Bernardino case, Apple will not provide authorities with the tools to unlock the iPhone, but the company can and will provide iCloud data if compelled by court order. It is not known if Apple has already received a court order asking for iCloud information. Update: Apple has provided a statement on the situation with the

FBI Unable to Retrieve Encrypted Data From 6,900 Devices Over the Last 11 Months

The United States Federal Bureau of Investigation was unable to retrieve data from 6,900 mobile devices that it attempted to access over the course of the last 11 months, reports the Associated Press. FBI Director Christopher Wray shared the number at an annual conference for the International Association of Chiefs of Police on Sunday. During the first 11 months of the current fiscal year, Wray says the 6,900 devices that were inaccessible accounted for half of the total devices the FBI attempted to retrieve data from. Wray called the FBI's inability to get into the devices a "huge, huge problem." "To put it mildly, this is a huge, huge problem," Wray said. "It impacts investigations across the board -- narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation."Wray did not specify how many of the 6,900 devices the FBI could not access were iPhones or iPads running a version of Apple's iOS operating system, but encryption has been an issue between Apple and the FBI since last year when the two clashed over the unlocking of an iPhone 5c owned by Syed Farook, one of the shooters in the December 2015 attacks in San Bernardino. The FBI took Apple to court in an attempt to force Apple to create a version of iOS that would disable passcode security features and allow passcodes to be entered electronically, providing the FBI with the tools to hack into the device. Apple refused and fought the court order, claiming the FBI's request could set a "dangerous precedent" with serious implications for the future of

Senator Reveals FBI Paid $900K for Hacking Tool Used to Open San Bernardino Shooter's iPhone

A year after the public disagreement between Apple and the FBI, which centered on the passcode-locked iPhone 5c of the San Bernardino terrorist, one of the major questions remains how much the United States government and the FBI paid for the tool it used to crack open the iPhone. That question became so focused upon that a trio of news organizations filed a lawsuit to find out the exact amount that the tool cost the FBI. Speculation in the midst of the Apple-FBI drama placed the price of the tool at upwards of $1.3 million, and then somewhere below $1 million. A recent statement by senator Dianne Feinstein appears to confirm the latter estimation, with Feinstein revealing that the U.S. government paid $900,000 to break into the locked iPhone 5c. The classified information came up during a Senate Judiciary Committee oversight hearing, where Feinstein was questioning FBI director James Comey (via The Associated Press). Senators Charles Grassley and Dianne Feinstein "I was so struck when San Bernardino happened and you made overtures to allow that device to be opened, and then the FBI had to spend $900,000 to hack it open," said Feinstein, D-Calif. "And as I subsequently learned of some of the reason for it, there were good reasons to get into that device." In the ongoing lawsuit filed by the Associated Press, Vice Media, and Gannett, the organizations cite the Freedom of Information Act: "Release of this information goes to the very heart of the Freedom of Information Act's purpose, allowing the public to assess government activity - here, the decision to pay public

Donald Trump Criticizes Apple for Opposing iPhone 'Backdoor' Order: 'Who Do They Think They Are?'

Donald Trump, a leading Republican candidate in the 2016 U.S. presidential elections, has spoken out against Apple's refusal to help the FBI access data on an iPhone 5c used by shooter Syed Farook in the 2015 San Bernardino attacks. Trump, who appeared on the morning news show Fox and Friends this morning, said he agrees "100 percent with the courts" about the matter, as reported by Politico. "Who do [Apple] think they are? They have to open it up," he said.“I agree 100 percent with the courts. In that case, we should open it up." […] "I think security, overall, we have to open it up and we have to use our heads. We have to use common sense," Trump continued, echoing his recent common refrain. Somebody the other day called me a common-sense conservative. We have to use common sense."Apple published an open letter earlier today stating that the company will oppose an order from a U.S. federal judge that demands the company create a new version of iOS that circumvents several important security features, allowing access to encrypted smartphone data to assist the FBI's investigation. Apple CEO Tim Cook said that while the company is "shocked and outraged" by the San Bernardino attacks last December, and presumes "the FBI’s intentions are good," the company strongly believes that building a "backdoor" for U.S. government or law enforcement would be "too dangerous to create."Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government. We are challenging the FBI’s demands with the

Leaked Documents Suggest CIA Work on Hacked Version of Xcode, OS X Installer Exploit

United States Central Intelligence Agency researchers have been working for years to crack the security of Apple's iPhone and iPad, and may have done so through the creation of a modified version of Xcode, Apple's software development tool designed for developers. According to secret documents obtained by The Intercept, at a 2012 "Jamboree" that focused on security flaws found in various electronics, CIA researchers outlined both a hacked version of Xcode and a modified OS X updater that could be used to install malicious software like keyloggers.The modified version of Xcode, the researchers claimed, could enable spies to steal passwords and grab messages on infected devices. Researchers also claimed the modified Xcode could "force all iOS applications to send embedded data to a listening post." It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode.The malicious version of Xcode could potentially be used to extract private data from devices that installed apps built by the hacked Xcode. Some of the things researchers said could be done with Xcode included installing "remote backdoors" in Mac apps, embedding an app developer's private key into iOS applications (letting the government masquerade as the targeted developer), forcing iOS apps to send data from an iPhone or iPad to a "listening post," and disabling core security features on iOS devices. None of the documents detail how the Xcode and OS X installer exploits have been used by the CIA, and they also don't state whether the efforts have been successful, but as