backtop


Print 22 comment(s) - last by Noya.. on Apr 7 at 5:51 AM

The FBI is looking to amend a 1994 law so that it includes Internet companies

U.S. government agencies are upset that they can't spy on suspects' who are using Apple's iMessage service for texting. 

According to government agencies like the Drug Enforcement Administration (DEA) and the Federal Bureau of Investigation (FBI), messages sent between iPhone users with the iMessage chat service are "impossible" to access because of iMessage's heavy encryption. 

CNET managed to get its hands on a DEA document, which describes a criminal investigation from February of this year. The document said that "it is impossible to intercept iMessages between two Apple devices" because of the encryption -- even with a federal court order.

Apple's iMessage chat service works a lot like a text message, but is transmitted through the internet rather than SMS messages by wireless carriers. It's an encrypted chat program that has become wildly successful. Apple CEO Tim Cook said 300 billion iMessages had been exchanged as of fall 2012. 



However, the DEA and FBI are having troubles keeping an eye on suspects who use the chat service. For instance, in a case where the DEA drafted a request for a court order to carry out electronic surveillance under Title III of the Federal Wiretap Act, it found that text messages from Verizon Wireless were incomplete because the suspect was an iMessage user.

"There is a growing and dangerous gap between law enforcement's legal authority to conduct electronic surveillance, and its actual ability to conduct such surveillance," said FBI director Robert Mueller. "We must ensure that the laws by which we operate and which provide protection to individual privacy rights keep pace with new threats and new technology."

The FBI is pushing for legislation on the topic, but even if that doesn't go through, government agencies can employ other methods -- such as obtain a warrant allowing them to go into someone's house/office, install keystroke-logging software and record passphrases. They can also send malware to take control of the suspect's device. 

One year ago today, it was reported that the U.S. Department of Homeland Security (DHS) and the U.S. Navy had launched a new research initiative to explore ways of allowing the government to hack into gaming consoles like the Xbox 360, Wii, or PlayStation 3 to obtain information on gamers.

Source: CNET



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Wiretaps should be illegal, warrant or not
By tayb on 4/4/2013 11:49:47 AM , Rating: 5
Why the hell should wiretaps be legal under any circumstances? If you have enough circumstantial evidence to get a warrant you can search through the phone. Tapping my phone to get evidence to get a warrant circumvents the entire process.

No wonder the U.S. isn't even in the top 15 for freedom or democracy.




RE: Wiretaps should be illegal, warrant or not
By Argon18 on 4/4/13, Rating: -1
RE: Wiretaps should be illegal, warrant or not
By tayb on 4/4/2013 3:43:23 PM , Rating: 1
quote:
Ok, now they can listen in, find out where the deal is happening and when, and show up at the deal to arrest those involved.


No, you shouldn't be able to do that. Ever. If they don't have enough evidence to seize the phone and go through phone records they don't have enough evidence to tap the phone. This is ridiculous.

quote:
You can't do that without a wire tap.


Yeaaaaaah bullshit. If you want to find out where the deal is happening get an informant.


By BRB29 on 4/5/2013 7:51:24 AM , Rating: 2
i suppose informants are a dime a dozen? and their info is accurate?

The next best thing to a wiretap is most likely undercover. That's a bit much to ask someone to risk their life when you can just tap the damn phone.

Phone taps has to be approved by a judge. That's not something that's easy to do. If I'm ever suspected of anything, then they can tap my phone instead of turn my house upside down. But then they better have a damn good reason or else they'll have a lawsuit against them.


By Bateluer on 4/5/2013 4:42:27 PM , Rating: 2
Uh,that is exactly how the system is supposed to work. And you should be arrested by LEO if busted in the middle of a drug deal.


By theapparition on 4/4/2013 4:02:51 PM , Rating: 2
No it doesn't work like that.

There has to be evidence first and a judge must approve the request. Then a warrant is issued to allow the wiretap.

Warrant-less wiretaps are a different animal, and almost always illegal. I believe there is a loophole regarding terrorism, but it's a slippery slope to try, as if a federal law enforcement agency doesn't document everything 10000%, any evidence gathered would be inadmissible.


RE: Wiretaps should be illegal, warrant or not
By cyberguyz on 4/5/2013 3:18:48 PM , Rating: 3
Who says the U.S. is a real democracy?


By Noya on 4/7/2013 5:51:30 AM , Rating: 2
Of course we're not, nor are we a capitalist society.

We're a corporate plutocracy that rapes everyone (to varying degrees) from the top down.


Chat Logging
By WoWCow on 4/4/2013 11:12:43 AM , Rating: 4
I thought by now ALL text messaging are logged by their service providers.

Facebook does it, Google does it, MSN, every provider does it. Because of the 5th in the US, suspects do not providing self-damning evidences; their service providers do and they usually only do so at the order of a judge.

And to quote
quote:
... obtain a warrant allowing them to go into someone's house/office, install keystroke-logging software and record passphrases. They can also send malware to take control of the suspect's device.


There should really be no reason for them to CHANGE the law when they have so many options already.




RE: Chat Logging
By Jeffk464 on 4/4/2013 11:39:06 AM , Rating: 2
I thought criminals use burner phones.


RE: Chat Logging
By quiksilvr on 4/4/2013 12:01:15 PM , Rating: 1
They do, but this is regards to texting. Get the burner's phone number (something that can be obtained with a signal sniffer), and you got their text logs.

Most criminals now just use burners to call as a beeper. Someone calls, simply close the phone. Initiating the phone call is all you need for messages for certain phone numbers.


RE: Chat Logging
By Solandri on 4/4/2013 6:45:55 PM , Rating: 4
quote:
I thought by now ALL text messaging are logged by their service providers.

The problem with logging iMessage chats is that the encryption is endpoint-to-endpoint. That is, the plaintext is encrypted by the sender's phone, and decrypted by the recipient's phone. The only version of the message the service provider and Internet sees is the encrypted version. Even if Apple or your phone carrier were logging the messages (which apparently they are since the Feds were able to get copies to try to decrypt), they're still encrypted.

What we're seeing here is a fundamental shift in the concept of sending a message. In the old days, it was always possible to intercept a message. Modern cryptography and advances in computing power now mean that it's possible to send messages whose plaintext simply can't be intercepted (at least not in a realistic timeframe). The early salvos were strong encryption ciphers like DES, then RSA (public-private key). But iMessage is probably the widest-implemented due to the popularity of iPhones.

All this stuff about wiretaps and warrants is based on the premise that messages can be intercepted. But they go out the window if you're using messages which can't be intercepted. Even if you ban endpoint-to-endpoint encryption, it's still possible for anyone to manually write a program that implements it.

This is the brave new world we're heading towards, whether law enforcement likes it or not. One where wiretaps are impossible. You can no longer intercept a message; you have to get a copy of it either from the source or the recipient. (Phones can still be remotely hacked, and encryption keys surreptitiously copied.)


RE: Chat Logging
By WinstonSmith on 4/5/2013 10:35:22 AM , Rating: 3
"the plaintext is encrypted by the sender's phone, and decrypted by the recipient's phone. The only version of the message the service provider and Internet sees is the encrypted version"

Sounds basically the same as public key encryption, like PGP. Must be idiot proof and super easy to use or it wouldn't be on iPhones. Why hasn't this been a standard feature of every email application for years?


Pigin and OTR
By Ammohunt on 4/4/2013 11:39:07 AM , Rating: 2
I have consolidated all my chat using pidgin and enable OTR wherever i can; not because i have any secrets but because it no ones business(especially the governments) what i chat about except the person on the other side.




RE: Pigin and OTR
By MadMan007 on 4/4/2013 5:01:00 PM , Rating: 2
So what happens when the person on the other side of the convo doesn't have that kind of security?


RE: Pigin and OTR
By Ammohunt on 4/5/2013 11:29:17 AM , Rating: 2
I verbally berate them and tell them how stupid they are then don't talk to them.</joke>

Seriously i keep the conversation light and non specific personally i think it should be standard that all chat and email is encrypted personal privacy should be #1.


tapping out
By Nortel on 4/4/2013 11:50:05 AM , Rating: 5
This article should be about the disgraceful ease of intercepting SMS and voice (which are completely un-encrypted).




Apple, give me the keys
By half_duplex on 4/4/2013 12:59:14 PM , Rating: 4
I'm sure the next step is forcing Apple to provide a way for them to log all iMessages or a back door into the users phone.




Not what it seems.
By KrustySanchez on 4/4/2013 4:41:50 PM , Rating: 3
Any time you see an article like this you should know that they are _saying_ "Ooooh, XYZ is so secure we can't crack it!" when what they mean is "We cracked XYZ 2 years ago, please use it."




Wait
By lagomorpha on 4/4/2013 11:50:41 AM , Rating: 2
quote:
"We must ensure that the laws by which we operate and which provide protection to individual privacy rights


This is in the same breath as a request to change the laws in order to stop individual privacy rights? Reminds me of a certain company that claims to provide its customers with the digital rights management they love so much...




What about VPNs?
By adrift02 on 4/5/2013 12:49:55 AM , Rating: 2
If they can legislate away something like iMessage encryption what's next -- VPNs? I'm all for law enforcement using sneaky means to obtain information (with that archaic thing called a warrant that is), but to complain about encryption and our clearly legal right to protect our privacy is ridiculous.




Snookered
By Uncle on 4/4/2013 1:19:25 PM , Rating: 1
You all got snookered. This article is an infomercial to sell more iphones. Excuse me for a sec, I'm getting a firmware update on my iphone as I type. Ah shoot my Imessages can now be intercepted and decrypted.




"This week I got an iPhone. This weekend I got four chargers so I can keep it charged everywhere I go and a land line so I can actually make phone calls." -- Facebook CEO Mark Zuckerberg














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki