FBI Tracks Down Cop Car Firebomber Using Info The FBI Claims Is Way Less Useful Than An Encryption Backdoor

from the I-don't-want-to-tell-you-how-to-do-your-job-but dept

For all of the DOJ and FBI's protestations that Apple (and others) just aren't doing enough to help out the federal government, the company actually provides a lot of assistance. No, Apple won't break encryption or build backdoors, but we live in a golden age of surveillance -- one so golden it's putting the surveillers at risk.

Bill Barr has continually attacked Apple for refusing to cede to his anti-encryption demands. Barr and FBI Director Chris Wray also like to complain that the information Apple can give them -- the stuff that isn't encrypted -- is mostly useless.

It isn't. And they know this. But this false claim provides a lot more leverage than the truth does. There's a wealth of information available that's not secured by encryption. A recent case covered by Thomas Brewster for Forbes shows how much investigators can do with Apple's assistance.

In the Seattle case, the FBI had been tipped off about the identity of a protester police believed had set fire to at least two police patrol vehicles during a protest against police brutality on May 30 following the killing of George Floyd, according to a search warrant reviewed by Forbes. The FBI checked the tip against surveillance feeds, news broadcast footage and social media images, deciding that the lead was worth chasing down. They obtained Verizon records for the suspect, Kelly Jackson, that revealed his location during the protests, what calls he made and the fact that he was using an iPhone 7.

That’s when the FBI called on Apple, asking for the suspect’s iCloud information. A trove of potential evidence was returned by the Cupertino tech giant, including screenshots hosted in Jackson’s photo library, according to the search warrant.

The key element here was the suspect's iCloud account. Videos showing the man building his Molotov cocktails, as well as videos showing him throwing them at cop cars, were found there. An image taken later in the day showed the suspect with his mask removed, allowing investigators to identify him. The account also contained a screenshot of a website providing the list of things needed to concoct the Molotov cocktails.

But there's more in the complaint [PDF]. Investigators also used Facebook to tie the suspect to his employer and driver's license data to identify him. The suspect had had previous interactions with law enforcement, which gave them access to his phone number. Phone records put him near the scene of the firebombings, as did videos uploaded by other protesters.

Investigators may not be able to crack the phone (then again, maybe they can), but they can still obtain plenty of information from data backed up to the cloud. This is true with most mobile devices, even though Barr and Wray seem to have a particular dislike for Apple. Pretending this isn't the case is self-serving at best and thoroughly dishonest at worst.


Filed Under: 4th amendment, doj, encryption, fbi, privacy, surveillance
Companies: apple, facebook


Reader Comments


  • Anonymous Coward, 24 Sep 2020 @ 10:54am

    Note, an encryption backdoor would not have helped them identify the person, as they need the phone to use it.

    • Anonymous Coward, 24 Sep 2020 @ 12:01pm

      Re:

      Unless that backdoor provided such easy use that they already know who belongs to what phone.

    • PaulT, 24 Sep 2020 @ 11:27pm

      Re:

      Depends on the backdoor. I'm sure they'd ideally want one that can be exploited remotely.

      • Anonymous Coward, 25 Sep 2020 @ 2:28am

        Re: Re:

        They still need to know which phone to target. That is, an encryption backdoor is only of use when you have decided where to use it. As has been frequently demonstrated in terrorist cases, gathering everything is only useful when you know what or who you are searching for in the haystacks. That is, haystacks of data have mainly proven to be of use to figure out what happened, rather than preventing the happening.

        • PaulT, 25 Sep 2020 @ 3:24am

          Re: Re: Re:

          "They still need to know which phone to target. That is, an encryption backdoor is only of use when you have decided where to use it."

          Of course, but the point is that once they have the target, they don't want to go through the process of physically getting the phone before getting entry. Similarly, they will likely want some kind of universal backdoor so they don't have to deal with those pesky warrants and things that might be involved if they have to find out the exploit for the specific phone.

          "As has been frequently demonstrated in terrorist cases, gathering everything is only useful when you know what or who you are searching for in the haystacks."

          But, you assume that they're actually trying to solve a specific crime rather than going on a fishing expedition against someone they don't like. In the latter case, a remote backdoor is perfect. They can invent a reason to search the phone on the record later if they find something they can use.

          • Scary Devil Monastery, 28 Sep 2020 @ 6:54am

            Re: Re: Re: Re:

            "They can invent a reason to search the phone on the record later if they find something they can use."

            Or else just say "Well, the intel was good" and walk away with copies of any fully legal yet potentially personally embarrassing information in their possession. No way, of course, that a threat of release of said information later on would ever be used to extort benefits.

  • Anonymous Coward, 24 Sep 2020 @ 12:14pm

    There's a wealth of information available that's not secured by encryption … The key element here was the suspect's iCloud account. Videos showing the man building his Molotov cocktails, as well as videos showing him throwing them at cop cars, were found there. … The account also contained a screenshot of a website providing the list of things needed to concoct the Molotov cocktails. … They obtained Verizon records for the suspect, Kelly Jackson, that revealed his location during the protests, what calls he made and the fact that he was using an iPhone 7. … Investigators may not be able to crack the phone (then again, maybe they can), but they can still obtain plenty of information from data backed up to the cloud.

    All of this is stuff that ought to have been encrypted. Apple could easily encrypt iCloud data in future. It will be harder to take care of the location and call records, but if Apple are serious about customer privacy, they can push the telcos to support new privacy-respecting protocols to ensure telcos (and Apple) won't have this data.

  • Koby, 24 Sep 2020 @ 12:55pm

    Happy Medium

    Tech companies don't want to waste time with police warrants and investigations that involve breaking open the security on a device. On the other hand, they want to be able to say that their devices are secure. Maybe this is the compromise? The devices themselves are (maybe) secure, but the cloud storage is not. So dumb people will still get caught, with a minimum of effort copying a customer's data onto a usb stick, while everyone else's device data remains secure.

    • PaulT, 24 Sep 2020 @ 11:33pm

      Re: Happy Medium

      It's no compromise, these are 2 totally separate things. A phone is a device that you physically own, and that you should be able to protect at any time in order to secure your own property. A cloud account is something you rent on Apple's property.

      There's no problem with Apple giving law enforcement access to something on their own property if the correct legal channels are followed. There is a problem in them leaving a back door open for anyone who wants to violate your property just because some lazy cops want them to. These are not conflicting ideas.

    • Scary Devil Monastery, 25 Sep 2020 @ 2:05am

      Re: Happy Medium

      "Maybe this is the compromise? The devices themselves are (maybe) secure, but the cloud storage is not."

      That's not a compromise. You can't be just a little bit pregnant, a door can't just be almost unlocked. A device can either be secured...or not.

      If a backdoor exists then that backdoor does not care who uses it, for what purpose, or through what mechanism. So if the cloud storage isn't secure, neither is the device. It's that simple, and every IT expert has been telling the DoJ as much for years.

      "Tech companies don't want to waste time with police warrants and investigations that involve breaking open the security on a device."

      Because if the device is actually secure, they can't. They'd have to create a new version of the device OS which includes a backdoor then force the update. But if they design and create such a backdoor update then that's a master key anyone can use to gain access. With it being worth billions of dollars it will leak no matter who holds it faster than water through a colander.

      "So dumb people will still get caught, with a minimum of effort copying a customer's data onto a usb stick..."

      That's...not how it'd work. What you describe there was literally the way unsecured cloud storage in the past has been hacked and the contents then distributed on the open net.

  • Rekrul, 24 Sep 2020 @ 1:41pm

    The account also contained a screenshot of a website providing the list of things needed to concoct the Molotov cocktails.

    He needed a website's help to figure out how to make Molotov cocktails?

    • Bobvious, 24 Sep 2020 @ 2:39pm

      Re: needed help to figure out how to make Molotov cocktails

      He kept burning his lips testing the early prototypes.

    • PaulT, 24 Sep 2020 @ 11:29pm

      Re:

      Amusingly, I did a quick search to check to see if the guy was a "genuine" protestor or a guy with right-wing leanings who was trying to make the movement look bad, as you never know nowadays. The following was the caption of the main photo in the first result that came up:

      Video footage shows a male suspect throwing what appears to be a glass bottle with an ignited fabric or paper wick (i.e., a “Molotov cocktail” device)

  • Anonymous Coward, 24 Sep 2020 @ 1:57pm

    Again, LEOs Rely on Criminal Stupidity of Criminals

    "...they can still obtain plenty of information from data backed up to the cloud."

    Clam-shell burner phones never store data in the cloud (and never butt dial - BONUS!).

    • Narcissus, 25 Sep 2020 @ 1:51am

      Re: Again, LEOs Rely on Criminal Stupidity of Criminals

      It is also a sign of the time where everybody feels the need to document and share everything.

      I'm an old geezer and I would never dream of photographing or videoing evidence for police to find and use. If I planned on throwing Molotov cocktails, or worse, I would probably lock my phone in a faraday cage someplace other than my own location, just to be sure. Even searches for "How to make Molotov Cocktails" or "How to create explosives from fertilizer and Diesel oil" would be done on a computer I don't own and which would be hard to tie to me.

  • Anonymous Coward, 24 Sep 2020 @ 2:09pm

    Not even a geofenced reverse warrant? Garshk.

  • Bobvious, 24 Sep 2020 @ 2:46pm

    this false claim provides a lot more leverage

  • Eldakka, 24 Sep 2020 @ 5:14pm

    The key element here was the suspect's iCloud account. Videos showing the man building his Molotov cocktails, as well as videos showing him throwing them at cop cars, were found there. An image taken later in the day showed the suspect with his mask removed, allowing investigators to identify him. The account also contained a screenshot of a website providing the list of things needed to concoct the Molotov cocktails.

    Absolute criminal genius this one. I'm surprised they caught him with him leaving all that self-incriminating evidence around.
