Showing posts with label FBI. Show all posts
Showing posts with label FBI. Show all posts

Thursday, 17 March 2016

INVESTIGATION: Hillary Sent Dozens Of Emails On Her BlackBerry From Russia And China, Raising Risk Profile

Hillary Clinton sent at least three dozen emails during seven different trips to China, Vietnam and Russia as secretary of state, a Daily Caller investigation reveals.
Communicating through a personal email account, which Clinton had synced up to a private email server and a non-government-issued BlackBerry, put the Democratic presidential candidate’s communications at risk, especially in nations with robust spy agencies and government-owned telecoms companies like China and Russia, a cyber security specialist tells TheDC. 

The risk would have been even greater if Clinton failed to use what’s known as a BlackBerry Enterprise Server, a so-called “middleware” program that encrypts emails and other information, says Stephen Perciballi, a cyber security expert who formerly worked for BlackBerry retailer Softchoice.
If she did not, “it puts her at more risk,” Perciballi told TheDC.

It is unclear how Clinton’s server was configured. The device, which is now in the FBI’s possession, was kept at Clinton’s home in New York during her tenure at State. It was managed by former State Department IT specialist Bryan Pagliano, who worked on Clinton’s 2008 presidential campaign.
“Was that server just sitting there wide open, sitting on her Comcast cable connection?” Perciballi asked. “We don’t know, and that’s really the problem.”
“Is she building up a fortress of security in her basement? The sheer fact that she did something as irresponsible as this with her work email, I’m guessing no.”
The State Department declined to tell TheDC if Clinton utilized a BlackBerry Enterprise Server.
“There are reviews and inquiries looking into this matter generally and we are not going to get ahead of that,” agency spokesman John Kirby told TheDC.
Pagliano, who recently received immunity in exchange for cooperation with the FBI, did not respond to an email seeking comment.
TheDC was able to determine which emails Clinton sent during overseas trips by comparing the emails released by the State Department to her travel schedule. Politico conducted a similar analysis last March, using press photos to determine when and where Clinton was using her BlackBerry overseas.
The State Department has released Clinton’s 52,000-plus pages of emails since then, allowing for a better cross-reference of her email activities with her overseas travels.
Most — if not all — of Clinton’s emails were sent from her personal BlackBerry. Clinton has said that she used a personal email account — and, thus, a personal BlackBerry — so that she would not have to carry around two devices. The State Department did not have the capability during Clinton’s tenure to fix BlackBerries with both types of email accounts.
An Aug. 30, 2011 email recently obtained by TheDC shows that Clinton’s deputy chief of staff Huma Abedin rejected a proposal to provide Clinton with a second BlackBerry equipped with a State.gov email account.
Abedin and other Clinton aides, such as her chief of staff Cheryl Mills, used BlackBerries issued by the State Department. Communications on those devices likely would have been much more secure than Clinton’s, given that the State Department has its own massive IT department.
Clinton emailed heavily from China during a Nov. 2009 trip there to dedicate the USA Pavilion at the Shanghai Expo, State Department records show.
She did the same during a May 2010 trip to China where she again visited the USA Pavilion and attended a meeting of the U.S.-China Strategic and Economic Dialogue.
Clinton also used her BlackBerry and sent emails during trips to Vietnam and China in Oct. 2010.
During her next trip to China, in May 2012, Clinton sent several emails and also received one containing now-classified information from her top foreign policy aide, Jake Sullivan.
Sullivan forwarded the email, which had the subject line “Express Delivery in China,” to Clinton from Robert Hormats, who then served as under secretary of state for economic growth, energy, and the environment.
She continued using her BlackBerry during overseas trips, including during visits to Russia in June and September 2012. She sent emails from China in Sept. 2012 as well, State Department records show.
Clinton and her campaign have downplayed her use of a private email system, personal email account and personal BlackBerry by claiming that her server was never hacked. The campaign pointed to a New York Times article published last month which suggested that FBI investigators found no evidence that Clinton’s server was hacked.
But as former National Security Agency analyst John Schindler wrote in a recent column at the Observer, The Times article relies on a layman’s definition of “hacking” and ignores other methods of compromising Clinton’s communications devices.
“Unencrypted IT systems don’t need ‘hacking,'” Schindler wrote. “Ms. Clinton’s ‘private’ email, which was wholly unencrypted for a time, was incredibly vulnerable to interception, since it was traveling unprotected on normal commercial networks, which is where [signals intelligence] operators lurk, searching for nuggets of gold.”
A “specific phone number, a chatroom handle, an email address” would be the equivalent of “waving a huge ‘I’m right here’ flag at hostile intelligence services,” Schindler wrote.
Perciballi agrees that there would be other ways besides hacking directly into Clinton’s server to snoop on her communications. He also says that foreign states like China and Russia have enormous capabilities of pulling off such attacks.
By using a man-in-the-middle attack, a hacker “could snoop on her email while she was sending it even without her knowing,” the expert said.
While such an attack would be “very difficult” to pull off, it would not be as difficult for state-sanctioned actors to accomplish. That’s especially true in countries where telecoms agencies are owned or controlled by the state, such as is the case in China.
Another method of attack would be through malware.
Such a strategy would allow a hacker to remain silent in the background while stealing a user’s user name and password. If such an attack befell Clinton, the hacker could sync her email with their devices with little chance of detection.
“And now they’re reading State Department email,” said Perciballi.
It is known that Clinton received emails bearing viruses on her personal account. On Aug. 3, 2011 she received five emails designed as speeding tickets send from a New York police department. Clinton has claimed she did not open the emails. It is unclear, however, how many other phishing emails she received. As Politico’s Josh Gerstein pointed out in an article last year, Clinton has acknowledged that she deleted some “spam” emails.
The State Department declined to say whether Clinton utilized a BlackBerry Enterprise Server or whether it was aware if she had.
“As is standard, we don’t discuss State security protocols or speak to the full range of communications capabilities available to current or former Secretaries of State while on foreign travel,” spokesman John Kirby told TheDC.
“Generally speaking, while traveling abroad, the Secretary of State has access to a range of communications capabilities, both classified and unclassified,” he added, noting that security for communications is “adjusted routinely from place to place.”


Read more:
http://dailycaller.com/2016/03/16/investigation-hillary-sent-dozens-of-emails-on-her-blackberry-from-russia-and-china-raising-risk-profile/#ixzz4372Jpv2A

Wednesday, 16 March 2016

3 things you need to know about the war between Apple and the FBI

Apple Chief Executive Tim Cook has said abiding by the government’s request would mean creating the software equivalent of cancer.
The fight between the government and Apple Inc. over unlocking a San Bernardino shooter’s iPhone has gotten uglier with each salvo.
The Justice Department has accused Apple of creating “a diversion” by sounding alarms about security and privacy as part of a marketing ploy.
Apple disagrees. Bruce Sewell, Apple’s AAPL, +2.01%   general counsel, told reporters that “In 30 years of practice, I’ve never seen a legal brief more intended to smear the other side….It seems like disagreeing with the Justice Department must mean you’re evil and anti-American. Nothing could be further from the truth.”
It all started when a federal court in California ordered Apple to help the Federal Bureau of Investigation crack the iPhone used by the San Bernardino shooter who killed 14 people in December at a holiday gathering.Apple and government attorneys make their cases before the U.S. District Court for the District of Central California on March 22. Here are three things to keep in mind.
1. The FBI is trying to compel Apple to write a software that doesn’t exist right now.
This case has been boiled down to a simple question: Should Apple be forced to help the FBI unlock an iPhone used by a suspected terrorist? But it’s actually a bit more complicated.
The FBI is trying to unlock an iPhone used by Syed Rizwan Farook, who worked at the San Bernardino County Department of Health. The device at issue is an iPhone the county issued to him as a work phone. He had a personal phone, too, and destroyed that before the attack. The county has cooperated with the FBI and has given the agency permission to search the phone, but investigators have been paralyzed by several security features.
But the phone is locked with a passcode. County officials don’t know the passcode and Farook is dead, so they can’t get it from him. The phone also has a setting enabled that erases data if incorrect passwords are attempted 10 times. And on top of that, the phone introduces delays between each wrong password guess.
So the FBI wants Apple to write new software that it can load onto the phone that would kill the self-destruct function, as well as any delays when guessing passwords. It wants that software to allow for electronic password guesses so investigators don’t have to poke at the screen by hand.
U.S. prosecutors take aim at Apple again
The Justice Department criticized Apple for allegedly helping the Chinese government access customer phone data while refusing to assist U.S. agents.
Apple has turned over iCloud backups associated with the phone, but the most recent was in October, and the shooting occurred in December. (The company and the FBI have been arguing about whether the investigators fumbled any chances at obtaining a more recent backup by resetting the password within 24 hours of acquiring the device.) Apple says writing a new software for the government is a terrible idea for several reasons. For one, the company says if it abides by this request, it could set a precedent in which the government could ask — among other things — for Apple to allow investigators to spy on people through their iPhone cameras. Apple also says this could open up users to all kinds of security risks at a time when cyberattacks are already a growing threat.
2. Many doubt the iPhone in question contains any evidence.
San Bernardino Police Chief Jarrod Burguan joined security and tech experts when he said he doubts there’s much of value on the phone everyone is fighting about anyway.
“I’ll be honest with you, I think that there is a reasonably good chance that there is nothing of any value on the phone,” he told NPR.
That’s because Farook took the time to destroy personal devices but not this employer-issued work phone. Many in the tech and security communities have doubted it contains evidence beyond what the FBI has already gathered from sources like iCloud backups and metadata, or the information about who was communicating and when. FBI Director Jim Comey has said the effort to unlock this phone is about completing as thorough an investigation as possible in hopes of gleaning any additional evidence because “we can’t look the survivors in the eye, or ourselves in the mirror, if we don’t follow this lead.”
3. This isn’t about just one phone.
The government has repeated in its court filings that its request pertains to just one phone but legal experts have agreed with Apple that each case sets precedent, which other courts rely on for future cases. Manhattan’s district attorney and other state and local officials have said they would follow the FBI’s example if it wins this case in pursuit of unlocking other iPhones. And Jim Comey himself admitted at a hearing on Capitol Hill last month that the case could set a precedent.

How Apple will try to defeat the FBI in court next week

MARKET WATCH


Apple said Tuesday that the Justice Department is seeking an “all-powerful magic wand” in its attempt to compel the company to help unlock the San Bernardino, Calif., shooter’s iPhone and that “the Founders would be appalled.”
The legal battle between Apple and the Federal Bureau of Investigation over unlocking the work iPhone used by Syed Rizwan Farook, who with his wife killed 14 people in December, has turned into a national debate over security, surveillance and privacy.
The iPhone is locked with a passcode. Through a court order, the FBI asked Apple to write a new operating system that nixes several security features so they can load it onto the device and crack the password. Apple has asked the court to drop the order, and CEO Tim Cook called the FBI’s demand the software equivalent of cancer.
Here are the highlights of the company’s latest argument to the court. Apple lawyers and the FBI will make their cases before the U.S. District Court for the District of Central California at a hearing on March 22.
1. Even other federal intelligence officials don’t agree with the FBI.
Apple points out that U.S. Secretary of Defense Ashton Carter recently called encryption “essential.” Then the company cites Richard Clarke, the former national coordinator for security, infrastructure protection and counterterrorism. “They’re not as interested in solving the problem as they are in getting a legal precedent,” Clarke told NPR. “Every expert I know believes that NSA could crack this phone. They want the precedent that the government can compel a computer device manufacturer to allow the government in.”
2. The government is misconstruing laws and past cases to rewrite history.
“The government attempts to rewrite history by portrayed the [All Writs Act] as an all-powerful magic wand rather than the limited procedural tool it is,” Apple wrote. The All Writs Act is a 1789 catchall law that says federal courts may issue orders as they deem appropriate to fulfill their needs.
And in 2016, the Justice Department and Apple are fighting in footnotes over an 1807 case involving Aaron Burr. The government argued to the court last week that Chief Justice John Marshall once forced Aaron Burr’s clerk to “decipher a coded letter” that the third vice president had written after Burr was charged with treason. While the court asked Burr’s clerk whether he understood the letter, Apple says, it never forced him to decipher it.
(Legal nerds: Read the full filing for more details as to how Apple claims the government is misrepresenting several cases the Justice Department outlined to support its case.)
3. The government is lying about the fact that it wants to set precedent using this case.
The Justice Department’s court filings have repeatedly said the order seeks to access just one phone. FBI Director James Comey admitted on Capitol Hill that the case would set precedent he would seek to use to unlock future phones if Apple were forced to comply. Manhattan’s district attorney and other state and local officials have said they would follow the FBI’s example if it wins.
4. The government is making reckless accusations about Apple’s intent.
The government called Apple’s public refusal to obey the court order a marketing ploy. In a footnote in the latest court filing, Apple says since October 2014, it has produced 627 ads in the U.S. and 1,793 worldwide, but “not a single one advertised or promoted the ability of Apple’s software to block law enforcement requests for access to the contents of Apple devices.”
5. The government doesn’t understand technology, and if in fact it does, it’s playing dumb...
The government has argued to the court (and Comey has repeated on the Hill) that Apple is a big, powerful and successful tech company that knows how to keep the bad guys out, so if it wrote a software specifically for law enforcement, it would be able to keep it safe from criminals seeking to exploit it.
Apple says the idea that it would be able to keep any secret in a black box and safe forever shows that the government simply doesn’t understand how cybersecurity works.
It closes the argument with this zinger: “Almost 90 years ago, Justice Louis Brandeis, reflecting on the “progress of science” beyond wiretapping, famously warned that “[t]he greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding.”
7. Forcing Apple to write new software that it finds “offensive” violates its First Amendment right to free speech.
Apple asked the court last month to drop its order partly because it says the company’s products represent its view. And the company considers data security to be a priority, so crafting a new product for investigators — particularly one that the company finds “deeply offensive” — violates its right to freedom of expression.

MY AD 2