[Infowarrior] - F.B.I. Tried to Defeat Encryption 10 Years Ago, Files Show
Richard Forno
rforno at infowarrior.org
Thu Apr 14 06:55:12 CDT 2016
F.B.I. Tried to Defeat Encryption 10 Years Ago, Files Show
Matt Apuzzo
http://www.nytimes.com/2016/04/14/technology/fbi-tried-to-defeat-encryption-10-years-ago-files-show.html
WASHINGTON — In early 2003, F.B.I. agents hit a roadblock in a secret investigation, called Operation Trail Mix. For months, agents had been intercepting phone calls and emails belonging to members of an animal welfare group that was believed to be sabotaging operations of a company that was using animals to test drugs. But encryption software had made the emails unreadable.
So investigators tried something new. They persuaded a judge to let them remotely, and secretly, install software on the group’s computers to help get around the encryption.
That effort, revealed in newly declassified and released records, shows in new detail how F.B.I. hackers worked to defeat encryption more than a decade before the agency’s recent fight with Apple over access to a locked iPhone. The Trail Mix case was, in some ways, a precursor to the Apple dispute. In both cases, the agents could not decode the data themselves, but found a clever workaround.
The Trail Mix records also reveal what is believed to be the first example of the F.B.I. remotely installing surveillance software, known as spyware or malware, as part of a criminal wiretap.
“This was the first time that the Department of Justice had ever approved such an intercept of this type,” an F.B.I. agent wrote in a 2005 document summing up the case.
The next year, six activists were convicted of conspiracy to violate the Animal Enterprise Protection Act in the case. An appeals court upheld the convictions in 2009, and said that the use of encryption, among other things, was “circumstantial evidence of their agreement to participate in illegal activity.”
Ryan Shapiro, a national security researcher and animal welfare advocate, provided the documents in the case to The New York Times after obtaining them in a Freedom of Information Act lawsuit. Several important details remain secret, including whether the tactic worked. The wiretap was disclosed at trial but the software hacking was not, said Lauren Gazzola, one of the defendants, who now works for the Center for Constitutional Rights.
It is also unclear why the Justice Department, which is required to report every time it comes across encryption in a criminal wiretap case, did not do so in 2002 or 2003. The Justice Department and F.B.I. did not comment Wednesday.
The Trail Mix documents provide an unusual, if dated, glimpse at the cat-and-mouse game that the F.B.I. has been playing for years with people who use technology to keep their affairs secret. The records show that, even when encryption was not widely used, there was a growing frustration about it in the F.B.I. To defeat it, agents built and used surveillance software earlier than was known.
“The documents show that the F.B.I. has been in the hacking business for a long time,” said Chris Soghoian, a technology analyst with the American Civil Liberties Union who reviewed the records.
In 2008 the F.B.I. began a campaign called “Going Dark” to build support for laws requiring companies to allow government access to data in unencrypted form. But the Trail Mix records show that agents were frustrated by encryption many years earlier, and saw the fight against terrorism as an opportunity to get new authority.
“The current terrorism prevention context may present the best opportunity to bring up the encryption issue,” an F.B.I. official said in a December 2002 email. A month later, a draft bill, called Patriot Act 2, revealed that the Justice Department was considering outlawing the use of encryption to conceal criminal activity. The bill did not pass.
The Trail Mix investigation focused on sabotage and stalking at Huntingdon Life Sciences, a company with a New Jersey laboratory that conducted pharmaceutical testing on animals. The group Stop Huntingdon Animal Cruelty strongly opposed the company’s testing and advocated protests to end it.
F.B.I. agents contended members of the group were also behind criminal attacks that included nuisances like sending nonstop faxes of all-black paper and hacking attacks that caused more than $450,000 in damages and lost business. Federal law labeled such attacks eco-terrorism.
The activists communicated using a well-known security program called Pretty Good Privacy, which makes emails unreadable by anyone without a password and a digital key. The agents tried several tactics, including getting a “full-content” wiretap that intercepted every byte that left the group’s computers. Yet the encryption proved unbreakable.
More than a decade later, the F.B.I. still cannot break sophisticated encryption such as the kind used on Apple’s iPhones. Early this year, in its investigation of the San Bernardino, Calif., terrorist attack, the Justice Department tried to require Apple to remove some security features from a locked iPhone so the F.B.I. could guess the password. Eventually, a private consultant developed a way to hack into the phone without Apple’s help, and sold the idea to the F.B.I.
Agents in the Trail Mix case also found a workaround. Like the San Bernardino case, the Trail Mix solutions were classified.
“Please be advised that the tool itself is classified SECRET,” an F.B.I. computer specialist from Quantico, Va., wrote in early 2003 while delivering an early version of the tool. “Further, any indication that the tool is specifically software in nature is also classified.”
Exactly what the software was built to do is still not clear. But language in the documents suggests that it may have copied the digital keys, kept track of keystrokes to help the F.B.I. identify the passwords, or both.
In a Mafia case years earlier, agents sneaked into a Philadelphia office and attached a device to a computer that recorded every keystroke. That classified device helped agents break into an encrypted file. But until Trail Mix, such a tactic had never been tried using software as part of a wiretap, the documents show.
Cases like Operation Trail Mix and the San Bernardino shootings are examples of why many government officials say they need a new law to guarantee access to encrypted data. Going case-by-case, hack-by-hack is impractical, they say.
“Individually tailored solutions have to be the exception and not the rule,” Valerie Caproni, the F.B.I.’s top lawyer, told Congress in 2011.
--
It's better to burn out than fade away.