The Daily Beast reports: The Obama administration may soon release 28 classified pages from a congressional investigation that allegedly links Saudis in the United States to the 9/11 attackers. A former Republican member of the 9/11 Commission alleged Thursday that there was “clear evidence” of support for the hijackers from Saudi officials.
But in Florida, a federal judge is weighing whether to declassify portions of some 80,000 classified pages that could reveal far more about the hijackers’ Saudis connections and their activities in the weeks preceding the worst attack on U.S. soil.
The still-secret files speak to one of the strangest and most enduring mysteries of the 9/11 attacks. Why did the Saudi occupants of a posh house in gated community in Sarasota, Florida, suddenly vanish in the two weeks prior to the attacks? And had they been in touch with the leader of the operation, Mohamed Atta, and two of his co-conspirators?
No way, the FBI says, even though the bureau’s own agents did initially suspect the family was linked to some of the hijackers. On further scrutiny, those connections proved unfounded, officials now say.
But a team of lawyers and investigative journalists has found what they say is hard evidence pointing in the other direction. Atta did visit the family before he led 18 men to their deaths and murdered 3,000 people, they say, and phone records connect the house to members of the 9/11 conspiracy. [Continue reading…]
The New York Times reports: On the morning of March 13, 2011, the assistant secretary of state for Near Eastern affairs, Jeffrey D. Feltman, wrote an urgent email to more than two dozen colleagues informing them that Saudi Arabia and the United Arab Emirates were sending troops into Bahrain to put down antigovernment protests there.
Mr. Feltman’s email prompted a string of 10 replies and forwards over the next 24 hours, including to Secretary of State Hillary Clinton, as the Obama administration debated what was happening and how to respond.
The chain contained information now declared classified, including portions of messages written by Mr. Feltman; the former ambassador in Kuwait, Deborah K. Jones; and the current director of the Central Intelligence Agency, John O. Brennan.
The top administration officials discussed the Bahrain situation on unclassified government computer networks, except for Mrs. Clinton, who used a private email server while serving as secretary of state.
Her server is now the subject of an F.B.I. investigation, which is likely to conclude in the next month, about whether classified information was mishandled.
Whatever the disposition of the investigation, the discussion of troops to Bahrain reveals how routinely sensitive information is emailed on unclassified government servers, reflecting what many officials describe as diplomacy in the age of the Internet, especially in urgent, fast-developing situations. [Continue reading…]
The New York Times reports: The director of the F.B.I. suggested Thursday that his agency paid at least $1.3 million to an undisclosed group to help hack into the encrypted iPhone used by an attacker in the mass shooting in San Bernardino, Calif.
At a technology conference in London, a moderator asked James B. Comey Jr., the F.B.I. chief, how much bureau officials had to pay the undisclosed outside group to demonstrate how to bypass the phone’s encryption.
“A lot,” Mr. Comey said, as audience members at the Aspen Institute event laughed.
He continued: “Let’s see, more than I will make in the remainder of this job, which is seven years and four months, for sure.”
The F.B.I. had been unwilling to say anything at all until Thursday about how much it paid for what has become one of the world’s most publicized hacking jobs, so Mr. Comey’s cryptic comments about his own wages and the bounty quickly sent listeners scurrying in search of their calculators.
The F.B.I. director makes about $185,100 a year — so Mr. Comey stands to earn at least $1.35 million at that base rate of pay for the remainder of his 10-year term. [Continue reading…]
The Washington Post reports: The Justice Department on Thursday revealed that a well-known Islamic State operative instructed a Boston-area man to kill Pamela Geller, the organizer of a controversial Muhammad cartoon contest in Texas last year.
In court documents, prosecutors said that Junaid Hussain, a British militant, had been communicating with Usaamah Abdullah Rahim, 26, who along with two friends discussed beheading Geller.
Rahim, however, changed his mind and instead decided to target a police officer. He was shot and killed in June 2015 in Roslindale, Mass., after he attacked members of an FBI-led surveillance team while wielding a large knife, officials said. [Continue reading…]
The New York Times reports: The F.B.I. defended its hiring of a third party to break into an iPhone used by a gunman in last year’s San Bernardino, Calif., mass shooting, telling some skeptical lawmakers on Tuesday that it needed to join with partners in the rarefied world of for-profit hackers as technology companies increasingly resist their demands for consumer information.
Amy Hess, the Federal Bureau of Investigation’s executive assistant director for science and technology, made the comments at a hearing by members of Congress who are debating potential legislation on encryption. The lawmakers gathered law enforcement authorities and Silicon Valley company executives to discuss the issue, which has divided technology companies and officials in recent months and spurred a debate over privacy and security.
The hearing follows a recent standoff between the F.B.I. and Apple over a court order to force the company to help unlock an iPhone used by one of the San Bernardino attackers. Apple opposed the order, citing harm to the privacy of its users. The F.B.I. later dropped its demand for Apple’s help when it found a third-party alternative to hack the device. [Continue reading…]
The New York Times reports: Big technology companies have usually played a defensive game with government prosecutors in their legal fight over customer information, fighting or bowing to requests for information one case at a time.
But now, in a move that could broaden the debate over the balance between customer privacy and law enforcement needs, Microsoft is going on the offense.
The software giant is suing the Justice Department, challenging its frequent use of secrecy orders that prevent Microsoft from telling people when the government obtains a warrant to read their emails.
In its suit, filed Thursday morning in Federal District Court in Seattle, Microsoft’s home turf, the company asserts that the gag order statute in the Electronic Communications Privacy Act of 1986 — as employed today by federal prosecutors and the courts — is unconstitutional. [Continue reading…]
The New York Times reports: In early 2003, F.B.I. agents hit a roadblock in a secret investigation, called Operation Trail Mix. For months, agents had been intercepting phone calls and emails belonging to members of an animal welfare group that was believed to be sabotaging operations of a company that was using animals to test drugs. But encryption software had made the emails unreadable.
So investigators tried something new. They persuaded a judge to let them remotely, and secretly, install software on the group’s computers to help get around the encryption.
That effort, revealed in newly declassified and released records, shows in new detail how F.B.I. hackers worked to defeat encryption more than a decade before the agency’s recent fight with Apple over access to a locked iPhone. The Trail Mix case was, in some ways, a precursor to the Apple dispute. In both cases, the agents could not decode the data themselves, but found a clever workaround.
The Trail Mix records also reveal what is believed to be the first example of the F.B.I. remotely installing surveillance software, known as spyware or malware, as part of a criminal wiretap.
“This was the first time that the Department of Justice had ever approved such an intercept of this type,” an F.B.I. agent wrote in a 2005 document summing up the case.
The next year, six activists were convicted of conspiracy to violate the Animal Enterprise Protection Act in the case. An appeals court upheld the convictions in 2009, and said that the use of encryption, among other things, was “circumstantial evidence of their agreement to participate in illegal activity.”
Ryan Shapiro, a national security researcher and animal welfare advocate, provided the documents in the case to The New York Times after obtaining them in a Freedom of Information Act lawsuit. Several important details remain secret, including whether the tactic worked. The wiretap was disclosed at trial but the software hacking was not, said Lauren Gazzola, one of the defendants, who now works for the Center for Constitutional Rights. [Continue reading…]
Reuters reports: The company that helped the FBI unlock a San Bernardino shooter’s iPhone to get data has sole legal ownership of the method, making it highly unlikely the technique will be disclosed by the government to Apple or any other entity, Obama administration sources said this week.
The White House has a procedure for reviewing technology security flaws and deciding which ones should be made public. But it is not set up to handle or reveal flaws that are discovered and owned by private companies, the sources said, raising questions about the effectiveness of the so-called Vulnerabilities Equities Process.
The secretive process was created to let various government interests debate about what should be done with a given technology flaw, rather than leaving it to agencies like the National Security Agency, which generally prefers to keep vulnerabilities secret so they can use them. [Continue reading…]
The Washington Post reports: The FBI cracked a San Bernardino terrorist’s phone with the help of professional hackers who discovered and brought to the bureau at least one previously unknown software flaw, according to people familiar with the matter.
The new information was then used to create a piece of hardware that helped the FBI to crack the iPhone’s four-digit personal identification number without triggering a security feature that would have erased all the data, the individuals said.
The researchers, who typically keep a low profile, specialize in hunting for vulnerabilities in software and then in some cases selling them to the U.S. government. They were paid a one-time flat fee for the solution. [Continue reading…]
The Intercept reports: The FBI’s plan to enlist community leaders in “Shared Responsibility Committees” all across the country with the goal of identifying “radicalized” individuals is raising alarm among civil rights activists.
The Shared Responsibility Committees, known as SRCs, “are expanding the informant program under the guise of an intervention program, which it is not,” said Abed Ayoub, legal director of the American-Arab Anti-Discrimination Committee (ADC).
The FBI’s ideas is to have social service workers, teachers, mental health professionals, religious figures, and others interdict young people they believe are on a path towards radicalization. The program was first revealed last November, and while details remain scant, it is widely believed to have been developed along the lines of similar “anti-radicalization” programs in the United Kingdom.
The FBI did not respond to multiple requests for comment.
Experts acknowledge the need to have options beyond sending young people to jail for making threatening statements. The committees purport to offer such an option, by allowing members to offer non-binding recommendations to law enforcement about whether certain individuals should be arrested or offered rehabilitation for their alleged radicalization.
But critics say that despite the FBI’s benign characterization of the SRCs, the proposal amounts to nothing more than an expansion of already existing FBI informant programs. The committees “would be doing the work of the FBI, gathering information. This initiative failed in the U.K., it’s not like this is a new idea,” said Ayoub.
The U.K. program called “Channel” has been widely blamed for alienating the communities it targeted while inflaming attitudes towards authorities. Arun Kundnani, an adjunct professor at New York University and expert on U.K. counterterrorism policy, said he worries that the U.S. program would “suffer from the same problems, such as drawing non-policing professionals into becoming the eyes and ears of counter-terrorism surveillance, and thereby undermining professional norms and relationships of trust among educators, health workers and others.” [Continue reading…]
The New York Times reports: The banging on the door jolted Sal Shafi awake. F.B.I. agents were looking for his son. “Where’s Adam?” they yelled. “Where’s Adam?”
Terrified, Mr. Shafi led the agents, guns drawn, up the stairs toward his son’s bedroom. He watched as they led his 22-year-old son away in handcuffs, backed by evidence of Adam Shafi’s terrorist ambitions.
He had come to the attention of officials not by a well-placed informant or a sting operation. His father, concerned and looking for help, had simply picked up the phone and led the government right to his son. For months, over the objections of his lawyer, Mr. Shafi had been talking to the F.B.I., believing he was doing the right thing.
“My God,” he thought, soon after the arrest in July. “I just destroyed Adam.”
Had things been different, Mr. Shafi, 62, a Silicon Valley executive, might have become a much-needed spokesman for the Obama administration’s counterradicalization campaign. Who better to talk to other parents about the seductive pull of terror organizations? Trust the government, he would tell them. They do not want to take away your children.
Despite nascent efforts to steer young people away from terrorism, the government’s strategy remains largely built on persuading people to call the F.B.I. when they first suspect a problem. [Continue reading…]
In a post on one of the intelligence community’s favorite blogs on Wednesday, Litt, general counsel for the Office of the Director of National Intelligence, outlined new intelligence data-sharing guidelines that he said will be released soon.
The post, on Just Security, was essentially a response to reporting last month from the New York Times’s Charlie Savage that the NSA would soon be sharing with other government agencies the raw, unfiltered intelligence from the depths of its massive overseas spying programs.
“There has been a lot of speculation about the content of proposed procedures that are being drafted to authorize the sharing of unevaluated signals intelligence,” Litt wrote.
The New York Times story raised concerns that the data, which inevitably includes information about Americans, would become too easily accessible by intelligence agencies including the FBI, potentially leading to fishing expeditions. [Continue reading…]
BuzzFeed reports: Just days after breaking into a terrorist’s iPhone using a mysterious third-party technique, FBI officials on Friday told local law enforcement agencies it will assist them with unlocking phones and other electronic devices.
The advisory, obtained by BuzzFeed News, was sent in response to law enforcement inquiries about its new method of unlocking devices — a technique the FBI said was successful at gaining access to the iPhone 5C belonging to one of the shooters in the deadly San Bernardino, California, attack.
“In mid-March, an outside party demonstrated to the FBI a possible method for unlocking the iPhone,” the message said. “That method for unlocking that specific iPhone proved successful.” [Continue reading…]
Elizabeth Rubin writes: I recently received a phone call from Alabama. It was Samey Honaryar, an Afghan who had worked as an interpreter with the United States military and had fled Taliban persecution hoping to find asylum here. Samey is not accused of committing any crime. Yet for nearly a year, he’s been locked up in Etowah County Detention Center, among the worst and most remote of immigration detention centers, with little access to lawyers or medical attention.
“I cannot take it anymore,” said Samey, who was planning a hunger strike. “I served this country. I risked my life for this country, and this is how I’m repaid.”
I have reported from Afghanistan frequently since 2001, and I know that interpreters are an essential conduit into a culture easily misread by foreigners. Nearly every translator I’ve worked with has saved my life. But once they choose to work for the military, their job becomes a political act, making them marked men and women for the Taliban.
At a time when Europeans and Canadians are sheltering over a million asylum seekers, many from conflicts created by United States policies, Samey’s treatment demands attention. Documents and witnesses show that Samey risked his life for American soldiers. But he has been cast into immigration purgatory nonetheless, his troubles caused by a toxic mix of bureaucracy, fear, prejudice and, most poignantly, his naïve faith in American honor. [Continue reading…]
After a very public stand-off over an encrypted terrorist’s smartphone, the FBI has backed down in its court case against Apple, stating that an “outside party” – rumoured to be an Israeli mobile forensics company – has found a way of accessing the data on the phone.
The exact method is not known. Forensics experts have speculated that it involves tricking the hardware into not recording how many passcode combinations have been tried, which would allow all 10,000 possible four-digit passcodes to be tried within a fairly short time. This technique would apply to the iPhone 5C in question, but not newer models, which have stronger hardware protection through the so-called secure enclave, a chip that performs security-critical operations in hardware. The FBI has denied that the technique involves copying storage chips.
So while the details of the technique remain classified, it’s reasonable to assume that any security technology can be broken given sufficient resources. In fact, the technology industry’s dirty secret is that most products are frighteningly insecure.