Profile picture
Matthew Green @matthew_d_green
, 15 tweets, 3 min read Read on Twitter
What the *hell*?

Allegedly the FBI had techniques that could have opened the San Bernardino iPhone, and withheld them — even while FBI leadership was testifying differently in front of Congress!?
The report doesn’t reach that conclusion by the way. Instead it finds that leadership may have testified even before it had fully engaged on finding a technical solution.
When I think back to *how much* publicity the FBI threw up around their inability to access this phone, and how the only option was for Apple to voluntarily weaken their systems, this looks shifty as hell.
Let’s go back to that testimony. Here is what the FBI Director said to Congress at the time.
Keep in mind that the testimony above occurred on March 1. While the effort to engage a contractor (who already had a 90% solution) was initiated on February 11.

The solution was found March 16 and a working demo of the tech was given on March 20.
The rest of the report is this long description of how various elements of the FBI were not properly engaged. When it seems to me that the real story what was happening is that FBI leadership was going on a full court legal/PR press that was totally disconnected from reality.
I don’t expect the FBI to have perfect internal communications all the time. Unless they’re making a massive, unprecedented request to Congress, the courts, and the American people. Then they don’t get to do things halfway.
So in summary: the FBI had been working diligently for years to defeat Apple’s encryption. When they went to war with Apple in the courts, their own agency had a solution in the works. But it didn’t change a word of their testimony or their assertions before the court.
Full document here. While it technically exonerates the FBI, it doesn’t exactly inspire confidence in the FBI’s credibility and attention to detail when it comes to matters of encryption policy.

Hopefully they’ll keep this in mind next time. oig.justice.gov/reports/2018/o…
One more piece of (personal) commentary — which you should treat as pure speculation. But: when professional exploit devs tell a government customer that they have 90% of an exploit (chain), that means they already have a very high confidence that things will work.
You’re not in the “gosh let’s start fuzzing” stage of the work. You’re polishing and trying to get things stable.
But I’m just a cryptographer. What do I know. My exploits always work. :)
God. This makes the FBI look so bad.
One of the things I will say about this Apple v. FBI OIG report: there are good, honest people inside the FBI (and in their outside vendors), who genuinely thought this was about investigating a crime — and not about setting a dubious legal precedent.
To those people: thank you. Seriously, thank you.

Also, mysterious outside vendors: let’s get a drink sometime. You’re buying, though.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Matthew Green
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!