ISIS Has an App. Could They Build Encryption Tools, Too?

10 Dec 2015 | Author: | No comments yet »

AP News in Brief at 11:58 p.m. EST.

On Wednesday, FBI Director James Comey told senators that the person who opened fire at an anti-Prophet Muhammad event in May sent more than 100 encrypted messages to someone overseas, and the FBI couldn’t read any of them. “I’m not questioning their motivations,” Comey said of companies who encrypt their data. “The question we have to ask is, ‘Should they change their business model?'” In theory, a “back door” would let law enforcement gain insight into secret terrorist communications — if those terrorists were limited to a handful of regulated apps. After months and months of telling the American public that cybersecurity was the nation’s number one priority and that it’s “impossible to overstate” the threat from hackers, the FBI director and many senators spent Wednesday calling for a law that would indisputably weaken online security for everyone.President Obama is not getting regular briefings from the FBI about its ongoing probe into Democratic presidential front-runner Hillary Clinton’s use of a private email server during her time as secretary of state, the bureau’s chief said.

In the wake of the terrorist attacks in Paris and California, there is growing sentiment among security hawks on Capitol Hill for legislation to ensure that law enforcement has access to encrypted communication. Comey’s latest revelation is that encryption isn’t a ‘technical problem’: it’s a problem with the ‘business model’ of wanting to keep users’ data private. Investigators are also looking at whether the husband accused in the shootings was planning an attack in 2012 but abandoned those plans, according to two people familiar with the investigation who were not authorized to discuss the matter publicly and spoke on condition of anonymity. The Braves drove us to distraction and brought “termination” to Frank Wren, the general manager who built them, by swinging big, missing big and spitting the bit in September.

Since Apple iPhones and Facebook’s WhatsApp now encrypt messages end-to-end – meaning only the users can see what the messages say and the company is locked out from the conversation – the director and others have claimed it prevents them from fighting crime, a dubious statement belied by evidence and common sense, but nonetheless embraced by the Senate panel. I promise you, that’s the way we conduct ourselves.” During his “60 Minutes” appearance Oct. 11, Obama acknowledged that high-ranking politicians “have to be more sensitive and stay as far away from the line as possible when it comes to how we handle information, how we handle our own personal data.” The discovery of more than 300 potentially classified emails on Clinton’s personal server has dogged her presidential campaign and provided her opponents with potent ammunition. One week into its investigation, the FBI now believes that Syed Rizwan Farook and his wife, Tashfeen Malik, embraced radical Islamic ideology even before they had begun their online relationship and that Malik held extremist views before she arrived in the U.S. last year, Comey told the Senate Judiciary Committee. Dianne Feinstein (D-Calif.) became the latest senior lawmaker to call for such legislation. “If there is a conspiracy going on” among terrorist suspects using encrypted devices, “that encryption ought to be able to be pierced,” said Feinstein, vice chairman of the Senate Intelligence Committee.

Many of them were created outside of the U.S., meaning that even if Washington created laws demanding Silicon Valley create “back doors,” the foreign apps and services wouldn’t have to comply. Comey has been insisting for years now that tech companies that provide end-to-end encryption need to re-engineer their systems to introduce vulnerabilities, or backdoors as they are commonly referred, so that the government will never not have access to these communications if they demand it.

Though the FBI believes the pair was inspired in part by Islamic State ideology — Malik pledged allegiance to the group’s leader in a Facebook post around the time of last week’s massacre — agents are still looking for other motivations and sources of radicalization, especially because the couple’s interest in extremism predates the terror group’s emergence as a household name. “ISIL inspiration may well have been part of this, but these two killers were starting to radicalize towards martyrdom and jihad as early as 2013,” said Comey, using an acronym for the Islamic State. “And so that’s really before ISIL became the global jihad leader that it is.” When Donald Trump offered a “temporary” plan to block Muslims from entering the United States in response to jihadist terrorism, some supporters cheered while other Americans decried the call as “xenophobic,” saying Muslims are an important part of the national fabric. Terrorists worried about government surveillance have another option: building their own apps, much like Al Qaeda did with Asrar al-Mujahedeen, a program it created in 2007. But Clinton’s performance during an eight-hour Capitol Hill grilling at the hands of the House Select Committee on Benghazi was considered by many to be a triumph, and resulted in record-setting fundraising totals the hour after the hearing wrapped. Now that that idea has been roundly shot down (and perhaps the good folk of Silicon Valley explained to Comey how math works), Comey is back with a new suggestion: companies should reevaluate the “business model” of end-to-end encryption, which can’t be unlocked by anyone else, with something weaker.

Until four days before the attack, investigators had access to five years of such metadata — records of Americans’ phone calls, but not the content of those calls — under the Patriot Act enacted in 2001. That is just one several encrypted messaging apps created by terrorist organizations over the last few years, according to a report from threat intelligence firm Recorded Future. Comey’s argument goes something like this: end-to-end encryption didn’t use to be the standard across the internet, but now it is, and it’s preventing companies like Microsoft and Apple from complying with court orders to reveal users’ data. John McCain (R-Ariz.), who said after the Paris attacks that the status quo was “unacceptable.” He said that the Senate Armed Services Committee, which he chairs, would hold hearings and “have legislation.” It is not clear yet whether the San Bernardino, Calif., couple, who fatally shot 14 people, used encrypted communication or devices; they did own iPhones, officials said. ISIS also creates its own smartphone apps, like Amaq, an Android news app recently discovered by a group affiliated with the anti-terrorist hacker collective Ghost Security Group.

We still don’t know how to prevent China or Russia from following suit and also forcing tech companies to install backdoors if the US leads the way. One bright light, however: Comey also acknowledged that “encryption is very important to safety on the internet,” just not when it’s making his life harder. Comey, a longtime critic of the technologies that he contends are creating a “going dark” problem for law enforcement agencies, had cited a specific example of a terrorist using encrypted communications. Federal agents now will have to obtain warrants from the Foreign Intelligence Surveillance Court to demand those records from each of about a dozen telecommunications companies.

In the Texas shootings, two men armed with rifles and wearing armor opened fire near an exhibit that was showing cartoon images of the Prophet Muhammad. They tend to be younger and better educated than the general public, with 39 percent holding a college degree, compared to 27 percent of all Americans, according to the Pew Research Center. Katz pointed to the Heartbleed bug as an example of how even vetted encryption technology, in that case OpenSSL, can be vulnerable to implementation errors. Among all immigrants granted permanent residency status, or green cards, the share of Muslims increased from about 5 percent in 1992 to roughly 10 percent in 2012, representing about 100,000 immigrants in that year, according to Pew. He asserted that conversations with tech companies have been productive, though. “They really made clear to me that we’re not at war with each other,” Comey said. “We care about the same things.” But, he said, the discussions also convinced him that the firms were moving toward strong encryption to better compete with one another.

Quality encryption also relies on high-quality randomness, which, if lacking, can allow hackers to derive the encryption key without breaking the underlying system. There is no indication that the F.B.I. saw that such messages were exchanged before the shootings began or recognized that one of the suspects was talking to a foreign terrorist group member — something that might have been detected even if the authorities could not read the messages themselves.

MANCHESTER, N.H. (AP) — Even campaigning half as much as his rivals, Donald Trump is drowning them out in an echo chamber of insults and charged pronouncements that have taken over the presidential campaign. It’s not that the tools and knowledge needed to create secure encryption software aren’t out there, according to Ari Juels, a computer science professor at Jacobs Technion-Cornell Institute. She recently called encryption – the bedrock for not only privacy and security, but e-commerce and the entire web infrastructure – the “internet’s achilles heel”. All the while, some Republican officials worry the intense Trump focus is letting Democratic front-runner Hillary Clinton escape serious scrutiny as she works to strengthen her case to general election voters in the 2016 contest. “He’s playing you like a fine Stradivarius violin,” former Florida Gov. Comey argued in his testimony on Wednesday that the technology companies’ defense of “end-to-end encryption,” in which only specific users of a phone or computer hold the keys, was rooted in business decisions. “It’s a business model question,” he said. “Good people have made a decision to design products and sell products where court orders are ineffective.

Jeb Bush told reporters who mobbed him after a campaign stop in New Hampshire this week — to get his reaction to Trump’s remarks. “This is what he does. After all, they’ve been using encryption for decades, and even now, the top five encrypted applications Isis supposedly recommends to their followers are either open-source (meaning the code is already all over the internet), made by companies in other countries, or both. Identifying and cracking every new encryption program used by handful of people could get expensive and time-consuming, with no guarantee that anything of value will be discovered. “I would suspect any home-brewed encryption software would have vulnerabilities, but it’s not clear it would be cost-effective to exploit those vulnerabilities,” Juels told NBC News. He’s phenomenal at garnering attention.” Perhaps no one is more frustrated than Bush, the former Florida governor once thought the likely nominee but now fighting for relevance as Trump leads most Republican polls. Comey, whose 10-year term extends well beyond President Obama’s, the recent attacks have provided renewed arguments to pressure technology companies.

That could create new vulnerabilities that might be exploited by hackers and foreign governments, they said, not to mention stir up privacy concerns. “It’s a question of balancing civil liberties and potential exposure to cyber-attack with the ability of law enforcement to track criminals and terrorists,” Katz said. Now comes a fresh attack and the first test of whether these new provisions allow federal authorities maximum flexibility to pursue terrorists on an investigative trail that could lead through years of metadata. Bratton, New York City’s police commissioner, have faulted the encryption used by Apple, Facebook and Google for thwarting terrorism investigations. Carter outlined the steps as the Obama administration faces criticism from both Republicans and Democrats about its strategy to defeat the IS militants, reflecting a nation’s growing fears about the threat of terrorism.

It was the first time that Carter has testified before the committee since IS claimed responsibility for bombing a Russian airliner, attacks in Beirut and Paris, and the deadly shooting in San Bernardino, California, by a self-radicalized couple. Carter said that during the past several months, the U.S.-led coalition fighting IS in Iraq and Syria has provided specialized training and equipment, including combat engineering assistance such as bulldozing, and munitions such as AT-4 shoulder-fired missiles to stop truck bombs, to the Iraqi army and counter-terrorism service units entering Ramadi neighborhoods from multiple directions. There is also no evidence that the married couple who waged the attack in a San Bernardino office building last week communicated digitally about the attacks. COLORADO SPRINGS, Colo. (AP) — The man accused of killing three people at a Colorado Planned Parenthood clinic stunned a courtroom Wednesday when he declared himself a “warrior for the babies” and said he was guilty and won’t go to trial.

Bearded, unkempt and cuffed at the wrists and ankles, Dear repeatedly disrupted the hourlong hearing, interrupting his public defender, Daniel King, and objecting to King’s attempts to limit publicity in the case. King — who represented Colorado theater shooter James Holmes — has asked the judge to impose a gag order on participants in the Planned Parenthood case before a trial. “You’ll never know what I saw in that clinic. In the past, Apple could unlock communications under such circumstances, but the current scheme forces law enforcement agents to go directly to their target to read their communications. WASHINGTON (AP) — Torn as ever over race, the Supreme Court on Wednesday weighed whether it’s time to end the use of race in college admissions nationwide or at least at the University of Texas. The municipal councils are the only government body in which Saudi citizens can elect representatives, so the vote is widely seen as a small but significant opening for women to play a more equal role in Saudi society.

Still, women face challenges on the campaign trail: Because of Saudi Arabia’s strict policy of segregation of the sexes, they cannot address male voters directly and have to speak from behind a partition — or have male relatives speak for them. In an effort to create a more level playing field, the General Election Committee banned both male and female candidates from showing their faces in promotional flyers, billboards or in social media. The results are based on questionnaires from more than 715,000 British women aged 50 to 69 who were enrolled in a national breast cancer screening program in the late 1990s.

Lamar Alexander of Tennessee, who leads the Senate Education Committee, called the legislation a “Christmas present” for 50 million children across the country. Patty Murray of Washington — and in the House, Education Committee Chairman John Kline, R-Minn., and ranking Democrat Bobby Scott of Virginia. “You’ll see states taking the opportunity to serve kids better, meaning it’s not just a conversation about labeling schools but also a conversation about when a school’s not doing right by kids,” Chris Minnich, executive director of the Council of Chief State School Officers, said in an interview.

Our partners
Follow us
Contact us
Our contacts

About this site