The Other Side of Security and Privacy

August 28

Privacy and security have been ongoing concerns here on the Recovery Zone, but for the most part we’ve discussed ways to protect you and your data. We haven’t yet touched on the reality of how advances in technologies and best practices are aiding criminals in hiding their illegal actions from law enforcement agencies.

In July 2014, the Administrative Office of the U.S. Courts released its annual Wiretap Report, which led to a flurry of articles and blog posts discussing its significance. Andy Greenberg of Wired reported that state police failed to break encryption technologies on a record number of cases in 2013. And Washington Post reporter Ellen Nakashima wrote about the problems federal intelligence and law enforcement agencies face when running wiretaps on suspects who use online communication services.

Nakashima explains:

One former U.S. official claims each year “hundreds” of individualized wiretap orders for foreign intelligence are not being fully executed because of a growing gap between the government’s legal authority and its practical ability to capture communications … Officials have expressed alarm for several years about the expansion of online communication services that — unlike traditional and cellular telephone communications — lack intercept capabilities because they are not required by law to build them in [emphasis mine].

A number of encryption technologies are frustrating law enforcement, most notably P2P calling and messaging services and “Dark Nets” like Tor and Freenet that let users browse, share, chat, and publish on the web anonymously.

In a recent post, digital forensic researcher and lecturer Joshua James explains why these types of P2P-based services are becoming the bane of law enforcement:

[They] take advantage of two things that also make the Internet work. First, [they] use [p]ublic IP addresses to connect other computers that are also running the program. This means that a computer is connected to several other computers on the network.

Even Apple’s popular iMessage app has created problems for law enforcement. In an April 2013 CNET story, reporters Declan McCullagh and Jennifer Van Grove discuss how iMessage communications can trip up federal surveillance efforts:

The DEA says that “iMessages between two Apple devices are considered encrypted communication and cannot be intercepted, regardless of the cell phone service provider.” But, if the messages are exchanged between an Apple device and a non-Apple device, the agency says, they “can sometimes be intercepted, depending on where the intercept is placed.”

But are law enforcement – and the people who report on them – overstating the problem? T. Rob Wyatt of IoPT Consulting thinks so. Wyatt wrote in December 2013 that most Internet traffic is completely transparent, causing encrypted traffic to stand out “like fluorescent dye under UV light.”

Even though the content can’t be read, knowing from where it originates and to where it ends up is valuable intel. It reveals the topology of relationships and provides context … A perfect example was the recent case of Harvard Student Eldo Kim who sent the school an anonymous bomb threat in order to get out of his final exams. He sent the threat using the anonymous Guerilla Mail service, which he accessed using TOR. He was caught almost instantly.

Others, meanwhile, wonder if government intelligence and law enforcement are placing too much focus on encryption technologies. The first person who commented on Nakashima’s story, “Moderator1,” wrote:

So what about those criminals who perpetrate their crimes that don’t use the phone or the Internet? The mafia hasn’t used the phone for decades.

Next week I’ll go into more detail about the challenges that law enforcement faces when fighting cybercrimes…