From Trump’s Mar-a-Lago to Facebook, a National Security Crisis in the Open

Via The New York Times:

President Trump and his top aides coordinated their response to North Korea’s missile test on Saturday night in full view of diners at Mr. Trump’s Mar-a-Lago resort in Florida — a remarkable public display of presidential activity that is almost always conducted in highly secure settings.

The scene — of aides huddled over their computers and the president on his cellphone at his club’s terrace — was captured by a club member dining not far away and published in pictures on his Facebook account. The images also show Mr. Trump conferring with his guest at the resort, Shinzo Abe, the Japanese prime minister.

Shortly before the club member, Richard DeAgazio, who joined Mr. Trump’s club recently, took the pictures, North Korea test-fired a ballistic missile into the sea off its eastern coast. Mr. DeAgazio posted his photographs to Facebook as the two leaders and their staff members reviewed documents and worked on their laptops, using cellphones as flashlights.

“HOLY MOLY !!! It was fascinating to watch the flurry of activity at dinner when the news came that North Korea had launched a missile in the direction of Japan,” Mr. DeAgazio wrote later on Facebook, describing how the two leaders “conferred and then went into another room for hastily arranged press conference.”

“Wow…..the center of the action!!!” Mr. DeAgazio wrote in the post. The scene at Mar-a-Lago was first reported by CNN. Mr. DeAgazio did not respond to a call seeking comment.

President Trump at Mar-a-Lago in Palm Beach, Fla., on Saturday. He and his aides coordinated a national security response there in full view of diners instead of moving to a private location.

The fact that the national security incident played out in public view drew swift condemnation from Democrats, who said it was irresponsible for Mr. Trump not to have moved his discussion to a more private location.

“There’s no excuse for letting an international crisis play out in front of a bunch of country club members like dinner theater,” Representative Nancy Pelosi of California, the Democratic leader in the House, wrote onTwitter.

Senators Sheldon Whitehouse of Rhode Island and Tom Udall of New Mexico, Democrats who have called for Mr. Trump’s club to release a list of its members, denounced the president on Monday for discussing the North Korean missile launch in the open.

“This is America’s foreign policy, not this week’s episode of ‘Saturday Night Live,’” the senators said in a statement. “We urge our Republican colleagues to start taking this administration’s rash and unprofessional conduct seriously before there are consequences we all regret.”

Republican senators also seemed puzzled by the president’s actions. Senator Marco Rubio, Republican of Florida, said, “Usually that’s not a place where you do that kind of thing.” Senator John McCain, Republican of Arizona, could barely find words. “Can’t make it up,” he said.

Michael J. Morell, a former acting C.I.A. director under President Barack Obama, said, “Every president with whom I have worked would have gone to a private room to have what was potentially a classified discussion.”

Mr. Trump was at his Mar-a-Lago resort in Palm Beach, Fla. — known casually as the Winter White House — for a get-to-know-you weekend with Mr. Abe, including time with the prime minister on the golf course and dinners with their spouses.

Around 8 p.m. on Saturday, the two leaders appeared for a brief photo-op together at the main entrance to the resort. Mr. Trump ignored a shouted question from a reporter about the North Korean missile test, which had occurred about an hour earlier.

The president and his guests dined at the resort’s restaurant during the next two hours, eventually providing the flurry of national security activity that Mr. DeAgazio captured.

Around 10:30 p.m., Mr. Trump and Mr. Abe made short statements to a small group of reporters brought to a separate room in the resort.

Sean Spicer, the president’s press secretary, told reporters at the White House that Mr. Trump and Mr. Abe had not reviewed classified material on the resort’s patio.

Mr. Spicer said the president was briefed about North Korea in a secure location on the property. It is against the law for officials to be handling classified materials in a nonsecure setting.

Mr. Spicer said Mr. Trump and his aides were reviewing “news conference logistics” about the North Korean missile test.

But national security veterans of past administrations still expressed surprise that Mr. Trump and his staff would not have excused themselves to be able to have candid conversations about the North Korean situation and to review sensitive or classified documents.

Discussions about how to respond to international incidents involving adversaries like North Korea are almost always conducted in places that have high-tech protections against eavesdropping, like the White House Situation Room.

When presidents are away from the White House, they often conduct important business in a Sensitive Compartmented Information Facility, or SCIF, a location that can be made temporarily impervious to eavesdropping.

Much more here.

Trump declines to read the President’s Daily Brief

The perfect quote of the day, :

You know, I’m, like, a smart person. I don’t have to be told the same thing in the same words every single day for the next eight years.

— President Elect Donald Trump, who apparently believes it is below his standing to read the President’s Daily Brief. No one who is a “smart person” would respond like an idiot. In addition, as President, he should personally be involved in security issues and not dump the effort to his Vice President-Elect. America deserves better.

Too understand President’s Daily Brief, take a look at this article..

Obama administration works with foreign governments allowing them to serve warrant on US firms

Via The Wall Street Journal:

The Obama administration is working on a series of agreements with foreign governments that would allow them for the first time to serve U.S. technology companies with warrants for email searches and wiretaps—a move that is already stirring debates over privacy, security, crime and terrorism.

Brad Wiegmann, a senior official at the Justice Department, discussed the administration’s efforts during a public forum on Friday at a congressional office building in Washington, D.C. The first such agreement is being assembled with the U.K., he said.

Word of the plans came one day after a federal appeals court ruled that federal warrants couldn’t be used to search data held overseas by Microsoft Corp., dealing the agency a major legal defeat.

* * *

Under the proposed agreements described by Mr. Wiegmann, foreign investigators would be able to serve a warrant directly on a U.S. firm to see a suspect’s stored emails or intercept their messages in real time, as long as the surveillance didn’t involve U.S. citizens or residents.

Such deals would also give U.S. investigators reciprocal authority to search data in other countries.

“They wouldn’t be going to the U.S. government, they’d be going directly to the providers,’’ said Mr. Wiegmann. Any such arrangement would require that Congress pass new legislation, and lawmakers have been slow to update electronic privacy laws.

* * *

Greg Nojeim, a privacy advocate at the Center for Democracy and Technology, criticized the plan. He said it would be “swapping out the U.S. law for foreign law’’ and argued that U.K. search warrants have less stringent judicial protections than U.S. law.

British diplomat Kevin Adams disputed that, saying the proposal calls for careful judicial scrutiny of such warrants. Privacy concerns over creating new legal authorities are overblown, he added.

“What is really unprecedented is that law enforcement is not able to access the data they need,’’ Mr. Adams said. The ability to monitor a suspect’s communications in real time “is really an absolutely vital tool to protect the public.’’

This is simply outrageous and continues a very disappointing Obama administration effort to breach privacy around the world.

Some good news on the privacy front

Reuters is reporting that the  Burr/Feinstein draft legislation to require backdoors in otherwise strong encryption will not proceed.

After a rampage that left 14 people dead in San Bernardino, key U.S. lawmakers pledged to seek a law requiring technology companies to give law enforcement agencies a “back door” to encrypted communications and electronic devices, such as the iPhone used by one of the shooters.

Now, only months later, much of the support is gone, and the push for legislation dead, according to sources in congressional offices, the administration and the tech sector.

Draft legislation that Senators Richard Burr and Dianne Feinstein, the Republican and Democratic leaders of the Intelligence Committee, had circulated weeks ago likely will not be introduced this year and, even if it were, would stand no chance of advancing, the sources said.

Key among the problems was the lack of White House support for legislation in spite of a high-profile court showdown between the Justice Department and Apple Inc over the suspect iPhone, according to Congressional and Obama Administration officials and outside observers.

“They’ve dropped anchor and taken down the sail,” former NSA and CIA director Michael Hayden said.

EFF files suit against Justice Department

The Electronic Frontier Foundation has announced it filed a suit against the Justice Department over whether the Department ever required private companies to decrypt consumer’s private information.

The Electronic Frontier Foundation (EFF) filed a Freedom of Information (FOIA) lawsuit today against the Justice Department to shed light on whether the government has ever used secret court orders to force technology companies to decrypt their customers’ private communications, a practice that could undermine the safety and security of devices used by millions of people.

The lawsuit argues that the DOJ must disclose if the government has ever sought or obtained an order from the Foreign Intelligence Surveillance Court (FISC) requiring third parties—like Apple or Google—to provide technical assistance to carry out surveillance.

The suit separately alleges that the agency has failed to turn over other significant FISC opinions that must be declassified as part of surveillance reforms that Congress enacted with the USA FREEDOM Act.

EFF filed its FOIA requests in October and March amid increasing government pressure on technology companies to provide access to customers’ devices and encrypted communications for investigations. Although the FBI has sought orders from public federal courts to create a backdoor to an iPhone, it is unclear to what extent the government has sought or obtained similar orders from the FISC. The FISC operates mostly in secret and grants nearly every government surveillance request it receives.

You can read the full complaint here.

The EFF is a terrific organization that deserves support. You can support their efforts on civil liberties by contributing here.

Wall Street Journal editorial slams the FBI over actions against Apple

The Wall Street Journal has published an editorial berating the actions of the FBI in connection with their claims about Apple’s encryption and the need for Apple help.

Excerpt:

The Justice Department and FBI insist the encryption debate is critical to national security, and they’re right. The problem is that—amid another terror attack in the West—they continue to supply more reasons to doubt their credibility and even basic competence.

* * *

In a shock filing the night before, Justice reported that over the weekend, apparently, “an outside party demonstrated to the FBI a possible method for unlocking Farook’s iPhone.” The FBI “has continued to research methods to gain access to the data stored on it. The FBI did not cease its efforts after this litigation began.” The legal proceedings are now thrown into limbo while the deus ex machina technique is tested.

This twist with double somersault is especially notable because DOJ has insisted for months that “the undisputed evidence is that the FBI cannot unlock Farook’s phone without Apple’s assistance,” as the department put it in a March 10 brief. The source code for the operating system is designed to reject programs that are not electronically “signed” by Apple, and thus “Apple alone” and “only Apple” can be commandeered, Justice argued.

* * *

In a democracy, the questions raised by encryption should be resolved by Congress, not by free-lancing judges. Those questions won’t vanish because the Apple case is on hold. Legislators could start by appointing a panel of expert arbiters who are more trustworthy than the FBI and Justice Department.

The FBI clearly never needed Apple’s help, at least to access this particular phone, but pushed ahead in an effort to try to set some sort of precedent requiring technology companies to either breach their own security and install backdoors and fight in court. Shameful.

Susan Crawford essay on Apple/FBI fight

Susan Crawford, a prominent Harvard legal scholar and Barack Obama’s former Special Assistant for Science, Technology, and Innovation Policy, has written an important essay that deftly shows that the FBI has no legal authority whatsoever  to force any phone manufacturer to make any changes at all to the manufacturer’s software and hardware.

The problem for the president is that when it comes to the specific battle going on right now between Apple and the FBI, the law is clear: twenty years ago, Congress passed a statute, the Communications Assistance for Law Enforcement Act (CALEA) that does not allow the government to tell manufacturers how to design or configure a phone or software used by that phone — including security software used by that phone.

CALEA was the subject of intense negotiation — a deal, in other words. The government won an extensive, specific list of wiretapping assistance requirements in connection with digital communications. But in exchange, in Section 1002 of that act, the Feds gave up authority to “require any specific design of equipment, facilities, services, features or system configurations” from any phone manufacturer. The government can’t require companies that build phones to come to it for clearance in advance of launching a new device. Nor can the authorities ask a manufacturer to design something new — like a back door — once that device is out.

The full article is worth a read.

The tide may be turning in favor of Apple over FBI

This is an interesting survey that seems to show people coming around to supporting strong encryption.

As the FBI and Apple continue to fight in court over whether the tech giant should help unlock a San Bernardino shooter’s iPhone, a new NBC News/Wall Street Journal poll shows Americans about evenly divided, with a slightly greater number backing the iThing maker.

Forty-seven percent of respondents said that Apple should not cooperate with a Justice Department request to build a piece of software that would bypass security features on Syed Farook’s iPhone 5C. Forty-two percent of those interviewed said Apple should cooperate with the request in the ongoing case.

The poll was conducted between March 3 and 6, and interviewed 1,200 registered voters. The margin or error was 2.83 percent.

And the New York Times reports the following:

Officials had hoped the Apple case involving a terrorist’s iPhone would rally the public behind what they see as the need to have some access to information on smartphones. But many in the administration have begun to suspect that the F.B.I. and the Justice Department may have made a major strategic error by pushing the case into the public consciousness.

Many senior officials say an open conflict between Silicon Valley and Washington is exactly what they have been trying to avoid, especially when the Pentagon and intelligence agencies are trying to woo technology companies to come back into the government’s fold, and join the fight against the Islamic State. But it appears it is too late to confine the discussion to the back rooms in Washington or Silicon Valley.

The fact that Apple is a major consumer company “takes the debate out of a very narrow environment — the universe of technologists and policy wonks — into the realm of consumers where barriers like the specific language of Washington or the technology industry begins to fall away,” said Malkia Cyril, the executive director of the Center for Media Justice, a grass-roots activist network.

* * *

Ms. Cyril says the public angst about the iPhone case feels more urgent than did the discussion about government surveillance three years ago.

“This is one of those moments that defines what’s next,” she said. “Will technology companies protect the privacy of their users or will they do work for the U.S. government? You can’t do both.”

And now the DOJ comes for WhatsApp

Via the New York Times:

WhatsApp, which is owned by Facebook, allows customers to send messages and make phone calls over the Internet. In the last year, the company has been adding encryption to those conversations, making it impossible for the Justice Department to read or eavesdrop, even with a judge’s wiretap order.

As recently as this past week, officials said, the Justice Department was discussing how to proceed in a continuing criminal investigation in which a federal judge had approved a wiretap, but investigators were stymied by WhatsApp’s encryption.

The Justice Department and WhatsApp declined to comment. The government officials and others who discussed the dispute did so on condition of anonymity because the wiretap order and all the information associated with it were under seal. The nature of the case was not clear, except that officials said it was not a terrorism investigation. The location of the investigation was also unclear.

* * *

In a twist, the government helped develop the technology behind WhatsApp’s encryption. To promote civil rights in countries with repressive governments, the Open Technology Fund,  which promotes open societies by supporting technology that allows people to communicate without the fear of surveillance, provided $2.2 million to help develop Open Whisper Systems, the encryption backbone behind WhatsApp.

Because of such support for encryption, Obama administration officials disagree over how far they should push companies to accommodate the requests of law enforcement.

DOJ mad at WhatsApp for using crypto, but US gov paid to develop the crypto WhatsApp uses. https://t.co/Dam4XgkezV pic.twitter.com/YrgTmN5se9

— Christopher Soghoian (@csoghoian) March 12, 2016

Encryption quote of the day

I firmly believe Obama is advocating the wrong set of trade-offs. Our phones are either insecure, making life easier for law enforcement — or, our phones are secure, making life more difficult for law enforcement, rendering some potential evidence unobtainable. We don’t ban matches to prevent people from burning evidence. We don’t mandate weak locks to make it easier for the police to crack safes.

I keep thinking about a line from Orson Welles’s Touch of Evil: “A policeman’s job is only easy in a police state.

John Gruber

Obama opposes strong encryption

If, technologically, it is possible to make an impenetrable device or system, where the encryption is so strong that there is no key, there is no door at all, then how do we apprehend the child pornographer? How do we disrupt a terrorist plot? What mechanisms do we have available to do even simple things like tax enforcement? If in fact you can’t crack that all, if the government can’t get in, then everybody is walking around with a Swiss bank account in their pocket. There has to be some concession to the need to be able to get into that information somehow.

* * *

This notion that somehow our data is different and can be walled off from those other trade-offs we make, I believe, is incorrect

President Obama.  Of course, he fails to acknowledge that law enforcement has almost infinite ways to do their jobs, and that providing back doors to encrypted data, of all kinds, weakens our security greatly. And yet, he still claims that he supports civil liberties. And what the hell does his reference to a Swiss bank account. In addition, there is a strong division in government as a whole as to whether he is right.

Meanwhile, ex-CIA Director James Woolsey has spoken out on the issue.

Via 9to5mac:

Speaking with CNBC’s Squawk Box, former CIA director James Woolsey gave his personal thoughts on the FBI’s request to have Apple unlock an iPhone used by one of the San Bernardino killers. Telling CNBC that the last time he looked into the situation with care, the former CIA head said he felt as though the FBI was attempting to get a right to effectively decide what kind of operating system Apple would have. Stating it wasn’t about getting into one phone, but rather to change “an important aspect of Apple’s operating system.”

Woolsey explains that having worked with the FBI in the past, he has a great deal of admiration for them, but they are not “great telephone designers” and that he doesn’t “think that is their cache.” Woolsey shies away from directly stating he sides with Apple, but believes they are “generally in the right”, although he wouldn’t describe it in the same language Apple does.

* * *

When presented with the hypothetical that this phone may contain information on another terrorist cell operating within the country, Woolsey replies, “If one knew about a forthcoming terrorist threat and was trying to get information just about that from one phone, I don’t know that there would be a problem. That doesn’t seem to be what the bureau is asking for.” He believes that the FBI is asking for a restructuring of Apple’s operating system.

Apple secures litigation support from many tech firms

Yesterday, several tech firms filed a brief in support of Apple. The firms included Amazon.com, Box, Cisco Systems, Dropbox, Evernote, Facebook, Google, Microsoft, Mazilla, Nest, Pinterest, Slack, SnapChat, WhatsApp, and Yahoo. It is an amazing coalition of support, given the competition between the firms. It is clear that Apple and its supporters are ready to go the distance to stop the application of the All Writs Act to impair strong data encryption.

The full text of the brief can be found here.

And other tech firms joined in with their own briefs. In all over 40 companies and individuals filed more than a dozen briefs in support.

Update:

And more support for Apple comes from the top human rights official of the United Nations.

The top human rights official at the United Nations, Zeid Ra’ad al-Hussein, the United Nations high commissioner for human rights, warned the United States authorities on Friday that their efforts to force Apple to unlock an iPhone belonging to a gunman risked helping authoritarian governments and jeopardizing the security of millions around the world.

* * *

Mr. al-Hussein said that American law enforcement agencies, in seeking trying to break the encryption protecting one phone, “risk unlocking a Pandora’s box,” and that there were “extremely damaging implications” for the rights of many millions of people, with possible effects on their physical and financial security.

“A successful case against Apple in the U.S. will set a precedent that may make it impossible for Apple or any other major international I.T. company to safeguard their clients’ privacy anywhere in the world,” Mr. al-Hussein said in a statement. “It is potentially a gift to authoritarian regimes, as well as to criminal hackers.”