Category Archives: FBI

Hillary’s ServerGate, Dates Matter Especially Here

Posted on by

Politico in part:

Cause of Action, revealed a new Mills email addressed to Clinton’s former top IT staffer Bryan Pagliano at his 2008 campaign address, [email protected], rather than his State.gov account. The group is questioning whether Clinton aides turned over emails from such campaign accounts if they used them for official business as well.

“What other emails, potentially involving official government business, did [Huma] Abedin, Mills, Pagliano and perhaps other federal employees send/receive using Clinton’s 2008 campaign email account?” asked a Cause of Action spockesperson. “And have such emails been recovered and saved to official government record keeping systems? To date, we don’t know the answer to any of those questions.”  More here and for sure below. Dates matter. (Brian Pagliano was at least one person who set up the Hillary email platform. He appeared for testimony via a subpoena and claimed protection under the 5th Amendment).

JW just recently obtained State Department records showing that the Obama agency asked Hillary Clinton to return emails in July 2014. This contradicts statements made in court that State only requested via a November 2014 letter (a version of which was sent to several former secretaries of state) that Mrs. Clinton return records to the State Department. Other new emails show the State Department has separate policies for handling the documents of State Department senior officials “and the rest of the department.” The emails are found in a batch of 189 pages of documents produced under court order in a major Judicial Watch FOIA lawsuit specifically seeking all of Clinton’s emails and records about her email practices. An astonishing email from Cheryl Mills, Hillary Clinton’s former counselor and chief of staff, to David E. Wade, then-chief of staff to Secretary of State John Kerry, shows that the State Department asked for the Clinton emails in July 2014.

From: Cheryl Mills Sent: Friday, August 22, 2014 9:20 AM To: Wade, David E Cc: Visek, Richard C; Philippe Reines Subject: Following Up Dear David (and Rich) I wanted to follow up on your request last month about getting hard copies of Secretary Clinton’s emails to/from accounts ending in “.gov” for her tenure at the Department. I will be able to get that to you, to the best of its availability. Given the volume, it will take some time to do but I wanted to let you know that I am working to get it to you. Hope you are having a great end to your summer. Best. cdm (Sorry for not copying Jen, I don’t have her email).

Judicial Watch filed this new email with U.S. District Court Judge Emmett Sullivan, who is now considering whether to grant discovery in another JW lawsuit seeking information on the “special government employee” status of Huma Abedin. The court specifically asked the State Department about how and when it requested that Mrs. Clinton return records. In our latest court filing, Judicial Watch states:

This [Mills] email indisputably shows that the State Department first asked Mrs. Clinton to return records as late as July 2014, not November 2014 as the State Department would have this Court and [Judicial Watch] believe.

Hillary Clinton also misled the American people, as she suggested during her infamous March 2015 United Nations press statement that she turned over the emails only after a request in October 2014 and responded “right away.” In fact, these new emails show it took at least five months for her to turn over only half of the emails in question. Another email, on the heels of the initial Clinton email story in the New York Times, details how a top State Department official tried to allay the concerns of National Archivist Paul Wester about the Clinton email issue. Margaret Grafeld, deputy assistant secretary of global information systems, recounts to other top State Department officials a March 3, 2015, call with National Archives:

I just had a very cordial 45 minute conversation with Paul Wester regarding the press coverage of the HRC email personal account and State records, focusing on State actions and those NARA will take today. I explained to Paul the environment in which State operates (and the bifurcated management of records for principals vs the rest of the Department), as well as steps that M and others have initiated to ensure that we are compliant with laws and regulations. In short, we can expect a letter from Paul to me later today covering the alienation (a legal term of art) of the former Secretary’s records [Redacted] requesting an explanation both of what happened and what we are doing to remedy the situation. I requested that he cc M on the letter as the Senior Agency Official for Records Management, which shall be done. I will share the letter with you all as soon as I receive it.

Don’t you love the phrase “bifurcated management of records for principals vs. the rest of the Department”! That phrase is Orwellian bureaucratese for: “We treated Hillary Clinton as if she were above the law.” The special treatment of Hillary Clinton continued after she left the State Department. Another email suggests the State Department provided Mrs. Clinton’s lawyers with a “two drawer safe” in which to store classified emails from the Clinton email server. The documents also show that a report was to be prepared regarding security issues with the Clinton emails, which included a security inspection made of the Clinton lawyers’ offices. One related email states:

Please ask the appropriate DS subject matter experts to contact [Clinton lawyer Kathleen] Turner to arrange for appointment to do a thorough security review to include physical security of area/safe in which document/electronic versions are being kept, who has access to the area/safe, do those individuals have appropriate clearances, when the electronic version is uploaded on a computer is it a stand-alone computer, when the disk/thumb drive is removed is any residual information deleted from the computer and any other appropriate questions. This review/inspection needs to be carried out as soon as possible.

The records also show that, as of December 2, 2014, the Select Committee on Benghazi was still in the dark about the separate Clinton email system. Mrs. Clinton would return some of the requested emails to the State Department on December 5, 2014, but the Select Committee was not informed of this transaction until March 2015. In fact, a December 29, 2014, letter from Mr. Kendall responding to the December 2 request for documents simply refers to the Committee’s request to the State Department with no mention of the Clinton email transfer that took place over three weeks earlier. Last week, this same lawsuit produced records that included a State Department letter to Hillary Clinton’s lawyers that includes a list of classified records to be either deleted or returned to the State Department. In September 2015, Judicial Watch released State Department documents showing a nearly five-month gap in the emails that Clinton chose to return to the State Department. Shortly afterward, Judicial Watch released correspondence from Under Secretary of State for Management Patrick F. Kennedy asking Hillary Clinton’s lawyer, David Kendall, to destroy or return all copies of a classified email “forwarded by Jacob Sullivan to Secretary Clinton … (Subject: Fw: FYI – Report of arrests – possible Benghazi connection).” Kendall rejected the request, as Congress and other investigators had demanded electronic records be preserved. The correspondence also shows Hillary Clinton ignored a demand to turn over all electronic copies of the approximately 55,000 pages of emails she previously returned in paper form. The State Department and Mrs. Clinton have been misleading the American people, the Congress, and the courts about when the State Department asked her for the government emails she took with her when she left State. The new emails show that Hillary Clinton was specifically and separately asked for her government emails months earlier than what the State Department represented to the courts and what Clinton told the American people. These new documents ought to be of keen interest to the FBI and federal prosecutors investigating Hillary Clinton and her colleagues in the Obama administration. Were the White House and John Kerry in on this deception? You can see how the Clinton email controversy is only worsening. So as America waits for the FBI and a compromised Justice Department to act – and as Congress is completely AWOL – your JW is doing the work of getting to the truth about this truly historic scandal.

Joint Chiefs, ‘NO’ on Closing Gitmo

Posted on by

Obama tweets: I’m going to Cuba

BI: President Barack Obama announced Thursday on Twitter that he was going to Cuba next month, which will be the first time a sitting president has visited the country since 1928.

The US recently restored diplomatic relations with the communist country after a 54-year break.

“14 months ago, I announced that we would begin normalizing relations with Cuba — and we’ve already made significant progress,” Obama tweeted.

In subsequent tweets, he said:

Our flag flies over our Embassy in Havana once again. More Americans are traveling to Cuba than at any time in the last 50 years. We still have differences with the Cuban government that I will raise directly. America will always stand for human rights around the world. Next month, I’ll travel to Cuba to advance our progress and efforts that can improve the lives of the Cuban people.

Obama also tweeted a link to a post on the website Medium that explained the thinking behind his trip.

Ben Rhodes, a national security adviser to Obama, wrote that the president would “have the opportunity to meet with President [Raúl] Castro, and with Cuban civil society and people from different walks of life” on the trip.

“Yes, we have a complicated and difficult history,” Rhodes wrote. “But we need not be defined by it. Indeed, the extraordinary success of the Cuban-American community demonstrates that when we engage Cuba, it is not simply foreign policy  —  for many Americans, it’s family.”

JW: As President Obama frees droves of terrorists—including five Yemenis this week—from the U.S. military prison in Guantanamo news reports confirm that a Gitmo alum who once led a Taliban unit has established the first Islamic State of Iraq and Syria (ISIS) base in Afghanistan.

His name is Mullah Abdul Rauf and international and domestic media reports say he’s operating in Helmand province, actively recruiting fighters for ISIS. Citing local sources, a British newspaper writes that Rauf set up a base and is offering good wages to anyone willing to fight for the Islamic State. Rauf was a corps commander during the Taliban’s 1996-2001 rule of Afghanistan, according to intelligence reports. After getting captured by U.S. forces, he was sent to Gitmo in southeast Cuba but was released in 2007. More here.

*** The Obama administration is in somewhat of a panic over the most recent development of Ibrahim al Qosi.

FNC: When Ibrahim al Qosi was released from Guantanamo Bay in 2012, a lawyer for the former Usama bin Laden aide said he looked forward to living a life of peace in his native Sudan.

Three years later, Qosi has emerged as a prominent voice of Al Qaeda in the Arabian Peninsula, appearing in a number of AQAP propaganda videos — including a 50-minute lecture calling for the takeover of Saudi Arabia.

The 56-year-old Qosi delivered a scathing critique of the Saudi monarchy — which appeared online on Feb. 6 — denouncing the Saudi government’s execution of more than 40 “mujahedeen” in January, according to the Long War Journal.

Joint Chiefs Issue Resounding ‘No’ to Obama on Gitmo Closure

Granger – TheBlaze: Just in case it couldn’t be more clear, the Joint Chiefs of Staff of the armed forces of the United States said “no, we won’t help” to the president in a letter regarding his possible use of an executive order to close the U.S. military detention facility at Guantanamo Bay, Cuba, and then bring the remaining detainees to the United States.

Quoting the law, Lt. Gen. William Mayville Jr., the director of the Joint Chiefs of Staff, wrote:

“Current law prohibits the use of funds to ‘transfer, release or assist in the transfer or release’ of detainees of Guantanamo Bay to or within the United States, and prohibits the construction, modification or acquisition of any facility within the United States to house any Guantanamo detainee. The Joint Staff will not take any action contrary to those restrictions.”

Sixteen members of the U.S. House of Representatives with military experience had written to the Joint Chiefs regarding the legal question of whether or not they would follow an executive order by President Barack Obama to close Gitmo by relocating the remaining detainees to the U.S.

Getty Images

The president is now alone in his fantasy of bringing detainees to U.S. shores.

Without the cooperation of the military, no physical transfer of Gitmo detainees can take place.

The president said in his end-of-year press conference, “We will wait until Congress has definitively said no to a well-thought-out plan with numbers attached to it before we say anything definitive about my executive authority here.”

Apparently, the Joint Chiefs beat Congress to the punch. There is no authority of the president to move anybody anywhere against the law.

Far from just an opinion, the Joint Chiefs are factually correct in their decision. Unless an order, even coming from the commander in chief, is legal, ethical and moral, the nation’s most responsible generals may not carry it out.

The letter is a first response in what could be a legal argument that could reach the attorney general and/or the Supreme Court.

With the balance of power in the highest court tilting slightly to the left now that conservative Antonin Scalia has passed away and his seat is vacant for the foreseeable future, any decision made by that body in question of the president’s Constitutional authority would probably side with him.

Without reaction to the letter, the Obama administration is surely scrambling for ideas on what next to do.

The really disappointing aspect of Obama’s obsession with closing Gitmo is the fact that he has forgotten the reason for the facility in the first place.

Sept. 11, 2001, is the reason for Gitmo. It is the reason for detaining as many potential sources of important information (that could save many lives) as possible. It is the reason so many lives have been lost and others changed forever.

Why has Obama forsaken the safety and security of the American people by releasing unlawful combatant Islamists who want to kill Americans before the Global War on Terror is won?

Thirty percent of all released Gitmo detainees are known or are suspected of returning to the fight. If that isn’t bad enough, there is NO information on the other 70 percent. Where are they; your neighborhood?

The president’s reckless behavior, from releasing dangerous enemies to wanting to bring others to the U.S. is proof that his priorities are confused. Thankfully, the Joint Chiefs of Staff have just reminded him that even he is bound by law, and they will not help him break it.

Montgomery Granger is a three-times mobilized U.S. Army major (Ret.) and author of “Saving Grace at Guantanamo Bay: A Memoir of a Citizen Warrior.” Amazon, Blog, Facebook

Ooops, What Hillary and her Aide did NOT Sign

Posted on by

EXCLUSIVE: Hillary Clinton And Cheryl Mills Did Not Sign Mandatory Agreement to Return Classified Materials

Howley – Breitbart:

Breitbart News has obtained confirmation on State Department letterhead that Hillary Clinton did NOT sign a mandatory OF-109 “Separation Statement” when she left the State Department.

That statement would have required her to affirm that she had returned all classified materials in her possession. Clinton’s top aide Cheryl Mills also avoided signing a separation statement.

Additionally, Clinton never certified that she went through a mandatory security debriefing to learn how to handle classified information. State Department officials, meanwhile, admitted that they “mistakenly” mailed out sensitive information involving the Clinton case.

Citizen researcher Larry Kawa has provided to Breitbart News the most clear-cut evidence to date that Clinton avoided going through mandatory channels to return classified government information.

Clinton failed to sign a separation agreement when she left the State Department, around the time she was required to give back all of her classified materials. Clinton signed a “Classified Information Nondisclosure Agreement” on January 22, 2009. This document is known as an SF-312. It is standard for government employees to sign an SF-312 when they begin working in a role that gives them access to classified information. But she was also required to sign an OF-109, or “Separation Statement,” when she left the job.

That OF-109 document would have required her to affirm the following:

I have surrendered to responsible officials all classified or administratively controlled documents and material with which I was charged or which I had in my possession. I am not retaining in my possession, custody, or control, documents or material containing classified or administratively controlled information furnished to me during the course of such employment or developed as a consequence thereof…

But Clinton never signed an OF-109, even though the State Department Foreign Affairs Manual requires all employees to do so. The office of the Speaker of the House and others have been desperately trying to figure out if Clinton signed an OF-109. Now we know.

On September 11, 2015, researcher Larry Kawa received a letter from State Department official Clarence N. Finney Jr. from the Office of Executive Secretariat Staff (S/ES-S). Finney claimed that, “Departing secretaries of state do not complete an OF-109 due to their continued need for a security clearance after their resignation.”

***  Hillary signature

In other words, the State Department claimed that Clinton, as Secretary of State, was exempt from the requirement in the Foreign Affairs Manual. But Kawa was not satisfied.

Kawa wrote to State Department Office of Information Programs and Services director John Hackett on November 19 and asked, “Can you please forward me written documentation that allows for the exemption of the Secretary of State?”

“Mr. Kawa, I do not have this information at hand. I recommend that you submit an additional FOIA request,” Hackett replied. Kawa submitted another FOIA request two days later seeking evidence for the exemption, but his FOIA request was never returned.

The State Department’s Foreign Affairs Manual Volume 12 Section 564.4 is crystal clear that all employees must sign a separation agreement and undergo a security debriefing:

a. A security debriefing will be conducted and a separation statement will be completed whenever an employee is terminating employment or is otherwise to be separated for a continuous period of 60 days or more.The debriefing is mandatory to ensure that separating personnel are aware of the requirement to return all classified material and of a continuing responsibility to safeguard their knowledge of any classified information. The separating employee must be advised of the applicable laws on the protection and disclosure of classified information (see 12FAM 557 Exhibit 557.3) before signing Form OF-109, Separation Statement (see 12 FAM 564 Exhibit 564.4).

b. AID’s Office of Security, IG/SEC, will conduct a security debriefing upon the separation of AID employees.

Kawa asked State Department Office of Information Programs and Services litigation and appeals branch chief Brandi Garrett for the “pertinent exemption” that would have allowed Clinton to skip out on signing a separation statement, but Garrett did not provide any evidence to show that Clinton was exempt. 

Cheryl Mills also skipped the exit procedure.

A Separation Statement exists for top Clinton aide Cheryl Mills, and a copy of it was quietly released by the State Department.

You might notice something fairly jarring: the statement was never signed, by Mills or anyone else. It was left blank.

Cheryl Mills, like Clinton, avoided having to affirm that she “surrendered to responsible officials all classified or administratively controlled documents and material with which I was charged or which I had in my possession.”

Unlike Mills, Clinton aide Huma Abedin signed a separation statement and security debriefing acknowledgment in February 2013.

Citizen researcher Larry Kawa found the information during a series of exchanges with State Department officials in which the Department admitted to “mistakenly” mailing out sensitive information on the Clinton case.

On the evening of Friday November 13, 2015, Kawa received an email from Deputy Assistant Secretary of State Martha Grafeld. That same night, he received a voicemail message from State Department information officer John Hackett. Both Grafeld and Hackett told Kawa that he had been mailed sensitive information about Clinton and her aides. Even though Kawa had not received any information, the State Department officials seemed panicked.

They both asked him to return the sensitive information as soon as he gets it in the mail. They also both warned him not to disclose any of the information they thought he’d been sent.

Audio of Hackett’s voice mail message, reviewed by Breitbart News, referred to information that was “mistakenly” sent out:

Mr. Kawa, this is John Hackett with the Department of State. Area code [redacted]. The documents we recently mailed you relating to your FOIA request, um, these documents were mistakenly mailed to you without proper processing. They may contain, um, information that is exempt from public disclosure including Social Security numbers. We ask that you not distribute or disseminate these documents. We’ll be sending you an email to ask you to return these documents. Um, also we’ll be sending you a link where these documents that have been properly processed may be found. We regret any inconvenience. If you have any questions, please don’t hesitate to give me a call. Thanks a lot. Bye now.

Grafeld wrote:

I am writing to follow up on a phone call you received today.  In that call, our staff informed you that documents you recently received in the mail from the Department of State were mistakenly mailed to you without proper processing, as they include information that is exempt from disclosure, potentially including Social Security numbers.  The Department asked that you not distribute or disseminate these documents or copies of these documents.  Substitute documents that have been properly processed are posted at:  https://foia.state.gov/Search/Results.aspx?collection=HRC_NDAS.

We will forward to you a prepaid envelope to return to us the documents that were mistakenly sent and any copies you may have made. This return will be at no cost to you.

As you may know, many states have enacted privacy laws that prohibit the disclosure of the Social Security number of another person. With that in mind, we appreciate your safeguarding the Social Security numbers on the documents mistakenly sent to you.

We regret any inconvenience that this may cause you and appreciate your cooperation.

Clinton’s lack of an OF-109 is especially relevant in light of her SF-312, a sworn agreement in 2009 that she made to return all classified materials “upon the conclusion of my employment”:

7…I agree that I shall return all classified materials which have, or may come into my possession or for which I am responsible because of such access: (a) upon demand by an authorized representative of the United States Government; (b) upon the conclusion of my employment or other relationship with the Department or Agency that last granted me a security clearance or that provided me access to classified information; or (c) upon the conclusion of my employment or other relationship that requires access to classified information. If I do not return such materials upon request, I understand that this may be a violation of Sections 793 and/or 1924, Title 18, United States Code, a United States criminal law.

But Clinton did not return her private server, with classified information on it, when she left the State Department in January 2013. She only gave her private server to an inter-agency task force led by the FBI in August 2015, more than two years after her employment with the State Department came to an end.

Thus, Clinton violated her sworn SF-312 statement and could have violated the Title 18 sections cited in the agreement: Section 793, on “Gathering, transmitting, or losing defense information,” and Section 1924, on “Unauthorized removal and retention of classified documents or material.” If she is convicted of violating either of those sections, she could face prison time.

Clinton did not sign the second line on the bottom of the SF-312 document, the “Security Debriefing Acknowledgment.” The signature line was left blank. Thus, Clinton did not certify that she was debriefed on her security obligations regarding classified information.

The Hillary Clinton campaign and the State Department did not return requests for comment for this report.

 

Apple vs. FBI, Try the iCloud or iTunes

Posted on by

In all fairness, General Michael Hayden, former head of the NSA actually disagrees with FBI Director James Comey and sides with Apple. The reason is fascinating.

Apple’s formal statement is here.

Zetter – Wired:

The news this week that a magistrate ordered Apple to help the FBI hack an iPhone used by one of the San Bernardino shooter suspects has polarized the nation—and also generated some misinformation.

Those who support the government say Apple has cooperated in the past to unlock dozens of phones in other cases—so why can’t it help the FBI unlock this one?

But this isn’t about unlocking a phone; rather, it’s about ordering Apple to create a new software tool to eliminate specific security protections the company built into its phone software to protect customer data. Opponents of the court’s decision say this is no different than the controversial backdoor the FBI has been trying to force Apple and other companies to build into their software—except in this case, it’s an after-market backdoor to be used selectively on phones the government is investigating.

The stakes in the case are high because it draws a target on Apple and other companies embroiled in the ongoing encryption/backdoor debate that has been swirling in Silicon Valley and on Capitol Hill for the last two years. Briefly, the government wants a way to access data on gadgets, even when those devices use secure encryption to keep it private.

Apple specifically introduced security features in 2014 to ensure that it would not be able to unlock customer phones and decrypt the data on them; but it turns out it overlooked a loophole in those security features that the government is now trying to exploit. The loophole is not about Apple unlocking the phone but about making it easier for the FBI to attempt to unlock it on its own. If the controversy over the San Bernardino phone causes Apple to take further steps to close that loophole so that it can’t assist the FBI in this way in the future, it could be seen as excessive obstinance and obstruction by Capitol Hill. And that could be the thing that causes lawmakers to finally step in with federal legislation that prevents Apple and other companies from locking the government out of devices.

If the FBI is successful in forcing Apply to comply with its request, it would also set a precedent for other countries to follow and ask Apple to provide their authorities with the same software tool.

In the interest of clarifying the facts and correcting some misinformation, we’ve pulled together a summary of the issues at hand.

What Kind of Phone Are We Talking About?

The phone in question is an iPhone 5c running the iOS9 version of Apple’s software. The phone is owned by the San Bernardino Department of Public Health, which gave it to Syed Rizwan Farook, the shooter suspect, to use for work.

What Is the Issue?

Farook created a password to lock his phone, and due to security features built into the software on his device, the FBI can’t unlock the phone and access the data on it using the method it wants to use—a bruteforce password-guessing technique wherein they enter different passcodes repeatedly until they guess the right one—without running the risk that the device will lock them out permanently.

How Would It Do That?

Apple’s operating system uses two factors to secure and decrypt data on the phone–the password the user chooses and a unique 256-bit AES secret key that’s embedded in the phone when it’s manufactured. As cryptographer Matthew Green explains in a blog post, the user’s password gets “tangled” with the secret key to create a passcode key that both secures and unlocks data on the device. When the user enters the correct password, the phone performs a calculation that combines these two codes and if the result is the correct passcode, the device and data are unlocked.

To prevent someone from brute-forcing the password, the device has a user-enabled function that limits the number of guesses someone can try before the passcode key gets erased. Although the data remains on the device, it cannot be decrypted and therefore becomes permanently inaccessible. The number of password tries allowed before this happens is unclear. Apple says on its web site that the data becomes inaccessible after six failed password attempts. The government’s motion to the court (.pdf) says it happens after 10 failed guesses.

The government says it does not know for certain if Farook’s device has the auto-erase feature enabled, but notes in its motion that San Bernardino County gave the device to Farook with it enabled, and the most recent backup of data from his phone to iCloud “showed the function turned on.”

A reasonable person might ask why, if the phone was backing data up to iCloud the government can just get everything it needs from iCloud instead of breaking into the phone. The government did obtain some data backed up to iCloud from the phone, but authorities allege in their court document that he may have disabled iCloud backups at some point. They obtained data backed up to iCloud a month before the shootings, but none closer to the date of the shooting when they say he is most likely to have used the phone to coordinate the attack.

Is This Auto-Erase the Only Security Protection Apple Has in Place?

No. In addition to the auto-erase function, there’s another protection against brute force attacks: time delays. Each time a password is entered on the phone, it takes about 80 milliseconds for the system to process that password and determine if it’s correct. This helps prevent someone from quickly entering a new password to try again, because they can only guess a password every 80 milliseconds. This might not seem like a lot of time, but according to Dan Guido, CEO of Trail of Bits, a company that does extensive consulting on iOS security, it can be prohibitively long depending on the length of the password.

“In terms of cracking passwords, you usually want to crack or attempt to crack hundreds or thousands of them per second. And with 80 milliseconds, you really can only crack eight or nine per second. That’s incredibly slow,” he said in a call to reporters this week.

With a four-digit passcode, he says, there are only about 10,000 different combinations a password-cracker has to try. But with a simple six-digit passcode, there are about one million different combinations a password cracker would have to try to guess the correct one—Apple says would take more than five-and-a-half-years to try all combinations of a six-character alpha-numeric password. The iOS9 software, which appears to be the software on the San Bernardino phone, asks you to create a six-digit password by default, though you can change this requirement to four digits if you want a shorter one.

Later models of phones use a different chip than the iPhone 5c and have what’s called a “secure enclave” that adds even more time delays to the password-guessing process. Guido describes the secure enclave as a “separate computer inside the iPhone that brokers access to encryption keys” increasing the security of those keys.

With the secure enclave, after each wrong password guess, the amount of time you have to wait before trying another password grows with each try; by the ninth failed password you have to wait an hour before you can enter a tenth password. The government mentioned this in its motion to the court, as if the San Bernardino phone has this added delay. But the iPhone 5c does not have secure enclave on it, so the delay would really only be the usual 80 milliseconds in this case.

Why None of This Is an Issue With Older iPhones

With older versions of Apple’s phone operating system—that is, phones using software prior to iOS8—Apple has the ability to bypass the user’s passcode to unlock the device. It has done so in dozens of cases over the years, pursuant to a court order. But beginning with iOS8, Apple changed this so that it can no longer bypass the user’s passcode.

According to the motion filed by the government in the San Bernardino case, the phone in question is using a later version of Apple’s operating system—which appears to be iOS9. We’re basing this on a statement in the motion that reads: “While Apple has publicized that it has written the software differently with respect to iPhones such as the SUBJECT DEVICE with operating system (“iOS”)9, Apple yet retains the capacity to provide the assistance sought herein that may enable the government to access the SUBJECT DEVICE pursuant to the search warrant.”

The government is referring to the changes that Apple initially made with iOS8, that exist in iOS9 as well. Apple released iOS9 in September 2015, three months before the San Bernardino attacks occurred, so it’s very possible this is indeed the version installed on the San Bernardino phone.

After today, technology vendors need to consider that they might be the adversary they’re trying to protect their customers from.

What Does the Government Want?

A lot of people have misconstrued the government’s request and believe it asked the court to order Apple to unlock the phone, as Apple has done in many cases before. But as noted, the particular operating system installed on this phone does not allow Apple to bypass the passcode and unlock the phone. So the government wants to try bruteforcing the password without having the system auto-erase the decryption key and without additional time delays. To do this, it wants Apple to create a special version of its operating system, a crippled version of the firmware that essentially eliminates the bruteforcing protections, and install it on the San Bernardino phone. It also wants Apple to make it possible to enter password guesses electronically rather than through the touchscreen so that the FBI can run a password-cracking script that races through the password guesses automatically. It wants Apple to design this crippled software to be loaded into memory instead of on disk so that the data on the phone remains forensically sound and won’t be altered.

Note that even after Apple does all of this, the phone will still be locked, unless the government’s bruteforcing operation works to guess the password. And if Farook kept the iOS9 default requirement for a six-character password, and chose a complex alpha-numeric combination for his password, the FBI might never be able to crack it even with everything it has asked Apple to do.

Apple CEO Tim Cook described the government’s request as “asking Apple to hack our own users and undermine decades of security advancements that protect our customers—including tens of millions of American citizens—from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.”

What Exactly Is the Loophole You Said the Government Is Exploiting?

The loophole is the fact that Apple even has the ability to run crippled firmware on a device like this without requiring the user to approve it, the way software updates usually work. If this required user approval, Apple would not be able to do what the government is requesting.

How Doable Is All of This?

Guido says the government’s request is completely doable and reasonable.

“They have to make a couple of modifications. They have to make it so that the operating system boots inside of a RAM disk…[and] they need to delete a bunch of code—there’s a lot of code that protects the passcode that they just need to trash,” he said.

Making it possible for the government to test passwords with a script instead of typing them in would take a little more effort he says. “[T]hat would require a little bit of extra development time, but again totally possible. Apple can load a new kernel driver that allows you to plug something in over the Thunderbolt port… It wouldn’t be trivial but it wouldn’t be massive.”

Could This Same Technique Be Used to Undermine Newer, More Secure Phones?

There has been some debate online about whether Apple would be able to do this for later phones that have newer chips and the secure enclave. It’s an important question because these are the phones that most users will have in the next one or two years as they replace their old phones. Though the secure enclave has additional security features, Guido says that Apple could indeed also write crippled firmware for the secure enclave that achieves exactly what the FBI is asking for in the San Bernardino case.

“It is absolutely within the realm of possibility for Apple themselves to tamper with a lot of the functionality of the secure enclave. They can’t read the secure private keys out of it, but they can eliminate things like the passcode delay,” he said. “That means the solution that they might implement for the 5c would not port over directly to the 5s, the 6 or the 6s, but they could create a separate solution for [these] that includes basically crippled firmware for the secure enclave.”

If Apple eliminates the added time delays that the secure enclave introduces, then such phones would only have the standard 80-millisecond delay that older phones have.

“It requires more work to do so with the secure enclave. You have to develop more software; you have to test it a lot better,” he said. “There may be some other considerations that Apple has to work around. [But] as far as I can tell, if you issue a software update to the secure enclave, you can eliminate the passcode delay and you can eliminate the other device-erase [security feature]. And once both of those are gone, you can query for passcodes as fast as 80 milliseconds per request.”

What Hope Is There for Your Privacy?

You can create a strong alpha-numeric password for your device that would make bruteforcing it essentially infeasible for the FBI or anyone else. “If you have letters and numbers and it’s six, seven or eight digits long, then the potential combinations there are really too large for anyone to bruteforce,” Guido said.

And What Can Apple Do Going Forward?

Guido says Apple could and should make changes to its system so that what the FBI is asking it to do can’t be done in future models. “There are changes that Apple can make to the secure enclave to further secure their phones,” he said. “For instance, they may be able to require some kind of user confirmation, before that firmware gets updated, by entering their PIN code … or they could burn the secure enclave into the chip as read-only memory and lose the ability to update it [entirely].”

These would prevent Apple in the future from having the ability to either upload crippled firmware to the device without the phone owner’s approval or from uploading new firmware to the secure enclave at all.

“There’s a couple of different options that they have; I think all of them, though, are going to require either a new major version of iOS or new chips on the actual phones,” Guido said. “But for the moment, what you have to fall back on is that it takes 80 milliseconds to try every single password guess. And if you have a complex enough password then you’re safe.”

Is the Ability to Upload Crippled Firmware a Vulnerability Apple Should Have Foreseen?

Guido says no.

“It wasn’t until very recently that companies had to consider: What does it look like if we attack our own customers? What does it look like if we strip out and remove the security mitigations we put in specifically to protect customers?”

He adds: “Apple did all the right things to make sure the iPhone is safe from remote intruders, or people trying to break into the iPhone.… But certainly after today, technology vendors need to consider that they might be the adversary they’re trying to protect their customers from. And that’s quite a big shift.” (Great job on this Kim)

 

Hillary has NO Defense Under the Law or Executive Order

Posted on by

Executive Order #13526  Espionage Act

WASHINGTON — Ahmed Wali Karzai, the brother of the president of Afghanistan, gets regular payments from the CIA and has for much of the past eight years, The New York Times reported Tuesday.

The newspaper said that according to current and former American officials, the CIA pays Karzai for a variety of services, including helping to recruit an Afghan paramilitary force that operates at the CIA’s direction in and around Kandahar.

The CIA’s ties to Karzai, who is a suspected player in the country’s illegal opium trade, have created deep divisions within the Obama administration, the Times said.

Allegations that Karzai is involved in the drug trade have circulated in Kabul for months. He denies them.

Critics say the ties with Karzai complicate the United States’ increasingly tense relationship with his older brother, President Hamid Karzai. The CIA’s practices also suggest that the United States is not doing everything in its power to stamp out the lucrative Afghan drug trade, a major source of revenue for the Taliban.

Clinton email chain discussed Afghan national’s CIA ties, official says

FNC: EXCLUSIVE: One of the classified email chains discovered on Hillary Clinton’s personal unsecured server discussed an Afghan national’s ties to the CIA and a report that he was on the agency’s payroll, a U.S. government official with knowledge of the document told Fox News.

The discussion of a foreign national working with the U.S. government raises security implications – an executive order signed by President Obama said unauthorized disclosures are “presumed to cause damage to the national security.”

The U.S. government official said the Clinton email exchange, which referred to a New York Times report, was among 29 classified emails recently provided to congressional committees with specific clearances to review them. In that batch were 22 “top secret” exchanges deemed too damaging to national security to release.

Confirmation that one of these exchanges concerned a reported CIA asset means the emails went beyond issues like the drone strike campaign. Democrats repeatedly have said some messages referred to this, reinforcing Clinton’s position that the documents are over-classified.

Based on the timing and other details, the email chain likely refers to either an October 2009 Times story that identified Afghan national Ahmed Wali Karzai, the half-brother of then-Afghan president Hamid Karzai, as a person who received “regular payments from the Central Intelligence Agency” — or an August 2010 Times story that identified Karzai aide Mohammed Zia Salehi as being on the CIA payroll. Ahmed Wali Karzai was murdered during a 2011 shoot-out, a killing later claimed by the Taliban.

Fox News was told the email chain included then-Secretary of State Clinton and then-special envoy to Afghanistan and Pakistan Richard Holbrooke and possibly others. The basic details of this email exchange were backed up to Fox News by a separate U.S. government source who was not authorized to speak on the record.

It’s unclear who initiated the discussion – Clinton, Holbrooke or a subordinate – or whether the CIA’s relationship with the Afghan national was confirmed, because the classified documents are not public.

Holbrooke died in December 2010, during his service as a special envoy.

A CIA spokesperson told Fox News they had no comment on the email chain.

A spokeswoman for the Office of the Intelligence Community Inspector General also had no comment.

The U.S. government official’s account of the Clinton email chain dovetails with a Feb. 3 interview on Fox News’ “America’s Newsroom,” where Republican Rep. Chris Stewart, a member of the House intelligence committee, said, “I have never read anything more sensitive than what these emails contain. They do reveal classified methods. They do reveal classified sources and they do reveal human assets.”

Stewart added, “I can’t imagine how anyone could be familiar with these emails, whether they’re sending them or receiving them, and not realize that these are highly classified.”

While the Clinton campaign claims the government classification review has gone too far, Executive Order 13526, in a section called “classification standards,” says, “the unauthorized disclosure of foreign government information is presumed to cause damage to the national security.”

Fox News was first to report that the Clinton emails contained intelligence beyond “top secret,” and some of the information was deemed “HCS-O” – a code that refers to human intelligence from ongoing operations.

National security and intelligence experts emphasized to Fox News that security clearance holders are trained to not confirm or deny details of a classified program in an unclassified setting, which would include a personal unsecured email network, even if the classified program appears in press reports.

“The rules of handling classified information dictate if something is reported in open source [news reports] you don’t confirm it because it’s still classified information,” said Dan Maguire, who spent more than four decades handling highly classified programs and specialized in human intelligence operations.

As secretary of state, Clinton signed at least two non-disclosure agreements (NDA) on Jan. 22, 2009, and received a briefing from a security officer whose identity was redacted. As part of the NDA for “sensitive compartmented information” (SCI), Clinton acknowledged any “breach” could result in “termination of my access to SCI and removal from a position of special confidence and trust requiring such access as well as the termination of my employment or any other relationships with any Department or Agency that provides me with access to SCI.”

It is remains unclear how classified materials “jumped the gap” from a classified system to her personal server.

On Feb. 12, Clinton’s national press secretary Brian Fallon emphasized that classified information would have been marked as such. “I think when this review plays itself out, at the end they’ll find that what we have said is true,” he told CNN. “Nothing was marked classified at the time it was sent.”

Fallon also attacked the State Department inspector general, Steve Linick, for what he described as “fishing expedition-style investigations” since Clinton decided to run for president. “There is no basis. It is intended to create headwinds for her campaign, but it is not going to work,” Fallon said. He leveled a similar allegation against Intelligence Community Inspector General I. Charles McCullough, III, after his office notified Congress the emails contained information beyond top secret.

Inquiries by Fox News to Clinton’s attorney David Kendall about the status of or changes to her security clearance, and access to classified information, have not been returned.