UPDATE: After publishing this story, I consulted a technology reporter who wrote yesterday that the “third party” referred to by the FBI who can hack the iPhone is “not known.” When I wrote to her about the Yediot and AP claims that Cellebrite is the third party, she explicitly said this is not true. Cellebrite (she said) is not the company which the FBI mentioned. So read the following with this caveat in mind.
In an exclusive story, Yediot Achronot reports (Hebrew) that the Israeli high-tech company, Cellebrite, is the “third party” referred to by the FBI in a court filing, which offered to hack Syed Rizwan Farouk’s iPhone, so that the agency doesn’t need to compel Apple to do it. The report doesn’t make clear whether the Israeli company has succeeded in cracking the phone’s encryption. But it seems likely the FBI would not have announced a postponement in its case against Apple unless it was fairly confident it had a solution to the problem.
If true, this would be yet another example of Israel’s military-intelligence technology being used to penetrate the privacy of terrorists and average citizens world-wide. Indeed, Cellebrite, along with almost all other Israeli high tech companies recruits veterans of the IDF’s SIGINT Unit 8200. This is the entity which spies on Israel’s adversaries around the world, hacks into their code and infrastructure. Among other feats, it was largely responsible (in a partnership with the NSA) for the Stuxnet virus which attacked Iran’s nuclear centrifuges.
NRG notes the exceedingly close relationship between Unit 8200 and Cellebrite in particular. In an article describing 8200’s annual veteran’s reunion, the company’s CEO praised it:
“Veterans of the Unit bring with them a certain type of knowledge which is learned and about which he may not elaborate. For them [the veterans] this brings added benefit relative [to other job candidates].
Cellebrite specializes in forensic analysis of cell phone data:
Cellebrite is a global company known for its breakthroughs in mobile data technology, delivering comprehensive solutions for mobile forensics and mobile lifecycle management.
Cellebrite mobile forensics solutions give access to and unlock the intelligence of mobile data sources to extend investigative capabilities, accelerate investigations, unify investigative teams and produce solid evidence. Cellebrite’s range of mobile forensic products…enable the bit-for-bit extraction and in-depth decoding and analysis of data from thousands of mobile devices, including feature phones, smartphones, portable GPS devices, tablets and phones manufactured with Chinese chipsets. In addition to mobile device data, [our product] provides extraction, preservation and analysis of private data residing in cloud environments such as social media accounts. Cellebrite’s…is the prime choice of forensic specialists in law enforcement, military, intelligence, corporate security and eDiscovery agencies, with more than 30,000…units deployed in more than 100 countries.
Since 2013, it has had a contract with the FBI to help it hack into the cell phones of criminals and terrorists of interest to the agency.
The reporter attributes his story to “sources in the industry well-familiar with the subject.” My guess is this is someone associated with Cellebrite or perhaps a major shareholder who wants to see his stake appreciate in value. It may also be an Israeli intelligence source or even the prime minister’s office, seeking to brag about the Startup Nation helping to aid a U.S. terror investigation. It sure puts a hasbara feather in Israel’s cap.
The reporter doesn’t credit this AP report which confirms aspects of the Yediot story:
…The most straightforward possibility is that the FBI described the problem to a variety of contractors and one of them came forward with a proposed solution.
Other experts mentioned an Israeli company, Cellebrite Inc., that’s a leader among several firms selling smartphone forensics services and software tools to US police agencies. The programs can extract data from iPhones running older versions of Apple’s operating system, but they have been stymied by the latest version, known as iOS 9. That’s the version running on the San Bernardino iPhone.
Cellebrite hasn’t announced any new product that works with iOS 9, but it’s likely working on developing one, said Darren Hayes, a computer scientist and cyber-security expert at Pace University in New York.
Cellebrite representatives couldn’t be reached for comment Tuesday. The company did not respond to an email and phone message left at its US offices in New Jersey.
McAfee: I know who’s helping the #FBI hack Apple https://t.co/lXLftUqp8p #iPhone
— BlackBerry Exclusive (@BBExclusiveUK) March 22, 2016
If anyone’s feeling reassured about this development (possibly Tim Cook, for example), they shouldn’t. See McAfee’s comment in the tweet above. While it will take Apple off the hook in the short-term, if Cellebrite can hack this iPhone then there are a lot of other smart people in the world who will figure out how to do it as well. Unless Apple comes up with new ways to further enhance its encryption that even Cellebrite can’t hack, then Apple’s guarantee of privacy won’t be worth the virtual paper it’s written on.
The article does get the background story about how the cell phone was used by the terror suspect and how it was handled after the police retrieved it, wrong. The reporter clearly hadn’t bothered to read the actual accounts which noted that the police had access to the phone until a not-so-smart detective decided to change the password. In doing so, he locked himself out of the phone. That is what caused the problem the FBI faces today.
In my experience, if a reporter gets one major part of their story, they may’ve gotten everything else in it wrong as well. So some measure of skepticism is warranted here. But my guess is that this error doesn’t invalidate the breaking story.
I’ve approached the Apple press office for comment and they have not responded.
At the risk of being booed, I don’t see what all the fuss is about.
We live in houses, with doors, windows and locks. Most of the time they give us privacy and security. Sometimes bad guys figure out how to break in. Sometimes the guy living there is bad and a judge will order a search warrant, and if the owner is unwilling or unable to allow it, the police will hire a locksmith to break the lock. Nothing is 100% airtight and break-in proof. No different than breaking into an IPhone.
We don’t hear from the Master Lock Co whining about locksmiths who break into their locks, nor from shrieking privacy advocates protesting about the violation of house privacy.
What is this religion that enshrines absolute and inviolate right to privacy? Did God herself command that right? Right to privacy is just an idea that we came up with, and it has its limits.
@ Yehuda: As usual your analogy is less than air-tight. Breaking into one individual home is far, far differdent than being able to hack the phones of hundreds of millions of people worldwide, which the FBI or anybody else would be able to do once the iPhone is hacked.
Democracy and privacy rights are not a “religion.” A religion is the ultra-nationalist state you live in. Democratic rights are a system of government that works pretty well when everyone follows the rules. The right to privacy is not an “idea.” It is inscribed in the U.S. Constitution and Supreme Court rulings. Unlike your country, we accord these institutions & precedents tremendous respect. It’s how we govern our nation. A foundation of the republic.
It’s too bad you’re so tone deaf in understanding these bedrock principles of liberal democracy. But it’s not surprising.
@Richard “Democratic rights are a system of government that works pretty well when everyone follows the rules. ”
Seriously?? We are talking about a terrorist. Not exactly someone who “follows the rules.”
Great analogy Yehuda!
Not sure how the Israelis came out bad out of this when Americans are those who request the service. Go figure!
Aparently I’m being censored
@ Jack Cohen: Stop whining, “Jack.” It’s unbecoming.
This is precisely the sort of comment that violates the comment rules. Comments must have substance and a political point.
@ Jack Cohen: That’s precisely the point. A nation of laws which upholds the rule of law doesn’t treat terrorists differently than other criminals or even other citizens. Everyone is accorded the same rights & you are innocent till proven guilty, no matter how heinous the crime. Again, this is democracy, which you appear not to understand.
You follow the rules especially in cases in which criminals don’t because you are upholding higher values than justice for one individual criminal.
Cellebrite (or any professional hacker – whether inside or outside the FBI) is the rather benign option here.
The less benign option is that the FBI pressured workers (current or former) or contractors to cooperate going around Apple mgmt. And pressure could come in so many different forms (e.g. threats to deport illegal parents, helping/hindering relatives of workers or workers themselves involved in different criminal cases, etc. etc.).
“If true, this would be yet another example of Israel’s military-intelligence technology being used to penetrate the privacy of terrorists and average citizens world-wide.”
The San Bernadino terrorists are both dead, and a dead man has no ‘privacy’.
@ Bernie X: But companies and innocent citizens do have a right to privacy, which they will lose if Apple’s phone is hacked.
Would you care to explain why a terrorist should be privileged to ‘privacy.’ A terrorist, be definition, has an aim which ligitimizes killing innocent people. Why should such individuals, or groups, be entitled to privacy, when ‘violating’ their privacy could very well save innocent lives?
@ James Cooper: Last I checked terrorists and average civilians were all human beings. As such, we accord even criminals rights to privacy. Now if you wish to live in a totalitarian state in which the state is the only entity with rights & citizens have none, be my guest. But that’s not the USA. So yes, criminals do have a right to privacy–at least until it’s proven that they’ve committed a crime.
But that’s not the main problem with your view. In truth, once Apple breaks encryption in order to expose criminal behavior anyone will able to break the phones of average citizens or even corporate executives or high tech engineers–each of whom expect & need privacy for different reasons. So we have to weigh the necessity of catching criminals with the rights of average citizens, which are very important in a democracy.
Thank you, Richard, for your response. I’m just curious about one item: Had your Mom, Dad, sister, brother, wife, child, nephew or niece been blown to smithereens by such a terrorist, and the way to apprehend the terrorists and his buddies, (to prevent more attacks) was to crack the phone’s code, would you still oppose it?
Thank you again.
I can’t speak for Richard, but I for one would still oppose it, even if it involved a family member.
Living in a democracy where all citizens have rights comes with a cost. That cost is that you have to treat everyone the same way.
As soon as the government can say “He’s a terrorist, he has no rights”, then there’s nothing to stop the government saying the same thing about you (personally). Sure, it’s unlikely if you haven’t done anything to draw notice to yourself, but what about if you object to some political decision or military action? If it helps the government to remove you from circulation, they can just brand you a terrorist and make you disappear without a lawyer, trial or even evidence.
Plus… Where do you draw the line? Do Peadophiles lose their rights too? Rapists? Drug dealers? How about tax dodgers? What about when you push someone and they accuse you of assault? Do you lose your rights then?
The only way it can work is to say everyone has rights and they must be observed at all times.
@James Cooper: this isn’t remotely the case in this situation. The FBI has all the data it needs in this case. It is missing 20 minutes of cellphone data, which it seeks to ascertain who they might’ve called during that period.
Your dramatic rendition doesn’t remotely correspond to the facts of this case.
@Richard
Of course no analogy is perfect, but the house analogy is a pretty good one. The existence of tools that locksmiths use allows the break-in of millions of homes– but only by the people with the motives and means to do so. Not “anybody”. Yes, this includes criminals and governments. With smartphones its only a matter of scale, the principle is the same.
As far as right to privacy, evidently US courts disagree with your interpretation of the constitution that only a convicted criminal loses his right to privacy. Suspects do as well. They may have their property searched and their computers hacked.
As far as religion, yes it is, although its not a theistic religion. If one holds a principle so inviolate even if logic dictates in a particular circumstance the principle doesn’t apply, then that is a religion. Like the religion of the National Rifle Association.
An interesting side question is whether you consider Assange or Snowden to be crominals or heroes? Or is hacking only a crime when it is done by somebody who doesn’t share YOUR agenda, like government trying to prosecute terrorists.
@ Yehuda: Once again, no cigar I’m afraid. Locksmiths tools must be used on individual houses one at a time. One person can’t break into a million homes simultaneously. But one person or a small group of people may do that when they break the encryption of the iPhone.
Suspects do not lose their right to privacy. In fact, they retain that right. It may only be infringed under limited circumstances and with the permission of a judge, who may limit the reach of prosecutorial investigation.
Democracy is not a principle in which “logic does not apply” & I find this view of yours not only stupid, but offensive. Further, comparing it the NRA is, well, loony.
So you’re done in this thread. Move on.
I’ve pronounced my views of Snowden here numerous times. Please don’t ask questions you can easily answer yourself.
Snowden is advocating the rights of millions of citizens. The government is advocating the right of the State to invade the privacy of these millions. They have opposite goals.
Another problem with the analogy is that it’s treating the phone as a container, rather than data.
As an example, there exist techniques using a deck of cards that (while slow) provide the same level of encryption as that used in many modern devices. A well-known example is the Solitaire Encryption Algorithm: https://www.schneier.com/cryptography/solitaire/
So, if I have some private data and encrypt it using a deck of cards, then write the result on a piece of paper, the authorities have the right to enter my house (with a warrant) and read the paper. That doesn’t mean anyone has to try and decrypt the information stored there.
The FBI will already have imaged the phone, and will have a copy of all the data in storage. They just can’t decrypt it without a key.
Nobody has stopped them looking (“entering the house and poking around”), so the situation is equivalent
The trouble is that people living in a state that has security problems caused by its own oppression of others start to take a certain measure of control for granted and subsequently suggest that such practices are normal for a democracy. In this way a political sore starts to infect much more than the body on which it came about. And this holds particularly for Israel.
As Michael Neumann wrote about Israel’s infectious example in general:
“It is this ability to command respect despite the most public outrages against humanity that makes Israel so exceptionally bad. Not that it needs to be any worse than ‘the others’: that would be more than bad enough. But Israel does not only commit its crimes; it also legitimates them.
That is not a matter of abstract moral argument, but of political acceptance and respectability. As the world slowly tries to emerge from barbarism–for instance, through the human rights movements for which Israel has such contempt– Israel mockingly drags it back …”
http://www.counterpunch.org/2002/07/06/what-s-so-bad-about-israel/
(I recommend Neumann’s article particularly to Yehuda who wanted to know why Israel was singled out for criticism)
@Arie– since Richard has prohibited me from further commenting on this thread, a discussion of the claims of the article will have to continue elsewhere.
“And nothing could be more inappropriate than the complaints that Israel is being ‘held to a higher standard’. It is not being held to one; it aggressively and insolently appropriates it. It plants its flag on some cultural and moral summit.” (Michael Neumann)
Exaggerated?
Listen to what then Israeli Ambassador to the UN, Dan Gillerman, said at the occasion of Israel’s sixtieth birthday:
“Each and every day when I walk the halls and corridors of the U.N… I walk with my head held up high because I know I represent a country that is far better than most other members of the United Nations. A country that has contributed, is contributing, and will continue to contribute to the world more than most other member states, a country that is contributing not just to itself and the Jewish people but to mankind and humanity in a huge way, a country that is making deserts bloom all over the world with its agriculture, that is making limbs move each and every day in the remotest corners of the world with its medicine, that is making the world a better place each and every day with its innovations and its patents, and its research, and its science and technology and indeed a country that is making the world each and every day a richer place with its art and with its culture…. “
“It is this ability to command respect despite the most public outrages against humanity that makes Israel so exceptionally bad.” (Neumann)
And how could hasbara be so amazingly successful particularly in the US? I hope that this film will contribute to my understanding: http://www.occupationmovie.com/ ( title: “The occupation of the American Mind”)