Profile picture
Matthew Green @matthew_d_green
, 15 tweets, 3 min read Read on Twitter
What the *hell*?

Allegedly the FBI had techniques that could have opened the San Bernardino iPhone, and withheld them — even while FBI leadership was testifying differently in front of Congress!?
The report doesn’t reach that conclusion by the way. Instead it finds that leadership may have testified even before it had fully engaged on finding a technical solution.
When I think back to *how much* publicity the FBI threw up around their inability to access this phone, and how the only option was for Apple to voluntarily weaken their systems, this looks shifty as hell.
Let’s go back to that testimony. Here is what the FBI Director said to Congress at the time.
Keep in mind that the testimony above occurred on March 1. While the effort to engage a contractor (who already had a 90% solution) was initiated on February 11.

The solution was found March 16 and a working demo of the tech was given on March 20.
The rest of the report is this long description of how various elements of the FBI were not properly engaged. When it seems to me that the real story what was happening is that FBI leadership was going on a full court legal/PR press that was totally disconnected from reality.
I don’t expect the FBI to have perfect internal communications all the time. Unless they’re making a massive, unprecedented request to Congress, the courts, and the American people. Then they don’t get to do things halfway.
So in summary: the FBI had been working diligently for years to defeat Apple’s encryption. When they went to war with Apple in the courts, their own agency had a solution in the works. But it didn’t change a word of their testimony or their assertions before the court.
Full document here. While it technically exonerates the FBI, it doesn’t exactly inspire confidence in the FBI’s credibility and attention to detail when it comes to matters of encryption policy.

Hopefully they’ll keep this in mind next time. oig.justice.gov/reports/2018/o…
One more piece of (personal) commentary — which you should treat as pure speculation. But: when professional exploit devs tell a government customer that they have 90% of an exploit (chain), that means they already have a very high confidence that things will work.
You’re not in the “gosh let’s start fuzzing” stage of the work. You’re polishing and trying to get things stable.
But I’m just a cryptographer. What do I know. My exploits always work. :)
God. This makes the FBI look so bad.
One of the things I will say about this Apple v. FBI OIG report: there are good, honest people inside the FBI (and in their outside vendors), who genuinely thought this was about investigating a crime — and not about setting a dubious legal precedent.
To those people: thank you. Seriously, thank you.

Also, mysterious outside vendors: let’s get a drink sometime. You’re buying, though.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Matthew Green
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @matthew_d_green see all

Profile picture
We’re talking about SIMON/SPECK and things just got real.
The government is shut down so we can literally say anything we want about NSA ciphers. It’s getting kind of dark.
I cannot possibly share on Twitter how spooky the delivery of this talk is. I feel like any minute the speaker is going to show us a dead body.
Read 12 tweets
Profile picture
The Facebook stablecoin (if it works, scales, gets deployed and adopted by non-Facebook companies, doesn’t get regulated into dust) is going to be a massive game-changer for the financial services industry. Fight me.
Hell, even if Facebook is able to make a credible run at deploying the thing, it will give them huge leverage with their banking relationships. No more closed (to FB) instant networks like Zelle, reduced transaction fees, etc.
Summary of the comments: (1) a bunch of people seem to think asset-backed stablecoins won’t be allowed by regulators, or that people won’t use/trust them. That horse has already bolted. google.com/amp/s/www.coin…
Read 5 tweets
Profile picture
The theory, for what it’s worth, was that the big brand name services would behave better than the fly-by-night shady data brokers. Much as CVS is perceived as less likely to put Fentanyl into your medicine than, say, the drug dealer on the corner.
The sole redeeming feature of the centralization of the web was supposed to be improved data handling. Better security and oversight of partners (like ad networks etc.) Instead we got Facebook treating your data the way a teenager treats a house when the parents go out of town.
The Facebooks and Googles would do this voluntarily, in part because it’s smart business — don’t give away the store. But mostly because it’s way easier for governments to target them with punitive regulations.
Read 4 tweets

Related threads

Profile picture
FBI email chain may provide most damning evidence of FISA abuses yet thehill.com/hilltv/rising/…
Just before Thanksgiving, House Republicans amended the list of documents they'd like President Trump to declassify in the Russia investigation. With little fanfare or explanation, a string of emails between the FBI and the DOJ was added to their wish list.
The targeted documents may provide the most damning evidence to date of potential abuses of the Foreign Intelligence Surveillance Act (FISA), evidence that has been kept from the majority of members of Congress for more than two years.
Read 13 tweets
Profile picture
The #FBI is turning 110! Follow along as we remember 11 decades in 11 days. Today we will highlight some of our milestones and significant cases from the early 2000s. #FBI110
In 2000 the #FBI's first Regional Computer Forensics Laboratory opened in San Diego. Today RCFLs across the country provide law enforcement agencies with technical support and training in support of criminal investigations. #FBI110 rcfl.gov
In 2001, following the 9/11 terrorist attacks, the #FBI dedicated 7,000 of its 11,000 Special Agents and thousands of support personnel to the PENTTBOM investigation. It remains the largest investigation in FBI #history. #FBI110 ow.ly/6tFt30l6Z8R
Read 12 tweets
Profile picture
#WeThePeople demand #TheColdCasePosse investigation file on #BarrySoetoro #ForgedDocuments be reviewed by @TheJusticeDept @JusticeOIG.

#Obama #Brennan began spying on #Arpaio #Trump B4 2012 election when #ForgedDocsInvestigation began
1. When @RealSheriffJoe #Arpaio started #ColdCasePosse 2 investigate #Obama #ForgedDocs, #Brennan made deal w/ Obama. He spied on @realDonaldTrump & #Arpaio if Obama would make him #CIADir. That digital spy data still exist. That is what Brennan knows #Mueller has 4 #PerjuryTrap.
2. #Brennan & #Obama used illegal surveillance data 2 create #ParallelCaseConstruction against @realSheriffJoe #Arpaio & that is how they prosecuted him.
Brennan threat2 @realDonaldTrump on Apr27 2 "StayTtuned" is what he knows from that illegal spying that no else should know.
Read 10 tweets
Profile picture
#POPQUIZ What Do Boston Bombings, San Bernardino and Pulse Nightclub have in common?
✅ FBI knew all the suspects BEFORE
#McCabe was in charge of the NSB during all of them.
Oh and that department is also in charge of cyber security👁‍🗨
Today we learned #OmarMateen’s Father worked for the FBI which is crazy because David Hogg’s father worked there as well and they’re both in Florida #blinditem
Did you know #OmarMateen was financially supported by his Dad, how much was #FBI paying Seddique Mir Mateen? #PulseNightclubShooting
Read 5 tweets
Profile picture
San Bernardino County @SupervisorRamos announced his intention to run for CA 40th Assembly District on February 9, 2018. James Ramos is a Democrat, a tribal leader, businessman and currently serves as San Bernardino's 3rd County Supervisor

sbsun.com/2018/02/09/its…
Where is California's 40th State Assembly District? It contains most of Rancho Cucamonga & San Bernardino, as well as Highland, Loma Linda & Redlands.
CA 40th District Assemblyman @MarcSteinorth (R-Rancho Cucamonga) won't be seeking re-election. He narrowly survived a challenge by @AbigailMMedina, in 2016 with a mere 2000 votes. He will be running to replace @JanRutherfordCA for 2nd County Supervisor.

sbsun.com/2018/03/02/inl…
Read 4 tweets
Profile picture
#FBI MADE BEST BUY'S GEEK SQUAD PAID INFORMANTS |..who routinely searched customers computers for "illegal" material ocweekly.com/news/fbi-used-…
⤴️Best Buy & FBI
— in May 2017 Judge Carney ruled the warrant to search Dr. Rettenmaier's home was based on "false & misleading statements". The judge's ruling left many of the case's troubling issues unresolved, but seemed to validate the use of Geek Squad by FBI.
⤵️🔗's
⤴️Judge throws out tainted fruit
— this case revealed a vast conspiracy (call it what it is) between the FBI & Best Buy to scan ppl's hard drives for illicit digital substances. Including bounties & targeted citizen lists. The judge threw out warrant because FBI lied.
⤵️🔗's
Read 9 tweets

Trending hashtags

#TheLightIsComing #GunControl #PulseNightclub #CPAC2018 #Whistleblowers #dc #NeverGetOurGuns #MuellerProbe #Ivanka #WERKforConsent #loyalty #MuslimBrotherhood #Solntsevskaya #FusionCenters #Sapir #weaponized #ResignSheriffIsrael #VisitTheUSA #Treasonous #Flynn #america #Britain #DACA #FBI #FISADeclassification

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!