
After Replacing FBI Devices Two Times, the Bureau Still Fails to Collect 10% of Agent Text Messages


Today, DOJ’s Inspector General released its report on the efforts it made to restore all of Peter Strzok and Lisa Page’s text messages. The report is actually better used to illustrate how, three years into beginning to respond to its failures to collect all of the texts sent or received using FBI issued phones, and after twice upgrading the phones Agents get issued, it still fails to retain 10% of texts that Agents send and receive.

With regards to Strzok and Page, the report describes the efforts it made to obtain all their texts, which includes:

  • Obtaining both the Samsung (Galaxy 5, then Galaxy 7) phones they used during this period, as well as the iPhones issued for their brief stint in Mueller’s office, the latter of which neither appears to have used
  • Using the existing collection tool, which included big gaps for key periods of interest
  • Asking DOD’s Computer Forensic Lab for help
  • Searching the Enterprise database, which found a bunch more texts, for reasons no one could explain
  • Hiring an outside Android consultant, who found 62 additional text messages

The upshot is, FBI doesn’t know whether they recovered all Strzok and Page’s texts, and doesn’t know why they didn’t, if in fact they didn’t.

And we’re only learning this because the two of them decided to conduct an extramarital affair on their FBI-issued devices while serving on the two most high profile investigations in recent FBI history.

Which raises the question: is this also true for Agents investigating defendants without the clout of Hillary Clinton or Donald Trump? If necessary, would the FBI be able to find their texts?

The answer is, maybe not.

Here’s what this report says about FBI’s retention rules, generally.

First, important texts are retained by policy, not (technologically-assisted) procedure. So the country’s premier law enforcement agency ensures that important law enforcement related texts are retained by saying anything covering these topics must be retained.

  • Factual information about investigative activity
  • Factual information obtained during interviews or interactions with witnesses (including victims), potential witnesses, experts, informants, or cooperators
  • Factual discussions related to the merits of evidence
  • Factual information or opinions relating to the credibility or bias of witnesses, informants and potential witnesses; and
  • Other factual information that is potentially discoverable under Brady, Giglio, Rule 16 or Rule 26.2 (Jencks Act)

But it’s up to the Agents to do that. And if they don’t for some reason, they’re instructed to ask the Enterprise Security Operations Center if they retained them. But the ESOC is not mandated to retain texts. They happen to, but it’s not tied to any mandate to retain substantive communications required to be saved by policy.

The ESOC has a tool, by a vendor whose name may not even appear in redacted form in this report, that “wirelessly collect[s] text messages sent to or from FBI-issued mobile devices.”

As the FBI’s response to this report reveals, the Bureau has known for some time that that tool didn’t collect everything, because they’ve told the OIG that on two prior occasions.

Prior to the OIG’s investigation into the FBI’s actions in advance of the 2016 election, during at least two unrelated investigations, one of which dates back to 2015, the FBI made the OIG aware of gaps in FBI text message collection capabilities.

As DOJ IG was trying to puzzle through why they couldn’t find all of Strzok and Page’s texts, the unnamed vendor got squirrelly when asked how the retention tool interacts with administrative privileges.

Upon OIG’s request, ESOC Information Technology Specialist [redacted] consulted with the FBI’s collection tool vendor, who informed the FBI that the collection application does not write to enterprise.db. [Redacted] further stated that ESOC’s mobile device team and the vendor believed enterprise.db is intended to track applications with administrative privileges and may have been collecting the logs from the collection tool or another source such as the Short Message Service (SMS) texting application. The collection tool vendor preferred not to share specific details regarding where it saves collected data, maintaining that such information was proprietary; however, [redacted] represented that he could revisit the issue with the vendor if deemed necessary.

Maybe it’s me, but I find it pretty sketchy that this unnamed collection tool vendor doesn’t want to tell the FBI precisely what they’re doing with all these FBI Agents’ texts. “Proprietary” doesn’t cut it, in my opinion.

In any case, the FBI started trying to fix the problem, starting in 2016. At the time they started, they were losing 20% of the texts sent and received. After two upgrades of Samsung phones and a fix to a “bug” later, they’re still not collecting 10%.

During calendar year 2017, the FBI phased out use of the Samsung Galaxy S5 devices by its employees and replaced them with Samsung Galaxy S7 devices because of software and other issues that prevented the data collection tool from reliably capturing text messages sent and received via FBI issued Samsung Galaxy S5 mobile devices. According to FBI’s Information and Technology Branch, as of November 15, 2018, the data collection tool utilized by FBI was still not reliably collecting text messages from approximately 10 percent of FBI issued mobile devices, which included Samsung S7s and subsequently issued S9s. By comparison, the estimated failure rate of the collection tool was 20 percent for the Samsung S5s.

The FBI’s tech folks provided these explanations for why the tool by the unnamed vendor still doesn’t work.

  • In calendar year 2016 the collection application vendor reported a “bug” in a version of the collection tool which caused the application to stop collecting text message or log data. This application version was replaced by a newer version that corrected the issue in March 2017.
  • Errors during the initial installation of the collection application, such as misconfiguration during setup.
  • Errors in the collection application’s ability to send text message data caused by software updates or operating system updates on the mobile device itself.
  • Hardware errors, such as the device not being powered on, being located in a poor cellular signal area, or being located in an area with no cellular service.

Among the other excuses FBI offers for implementing a fix to a 20% failure with one that still results in a 10% failure is to say, “complete collection of text messages is neither required nor necessary to meet the FBI’s legal preservation obligations” (which goes back to how they’re requiring retention via policy, but not technologically-assisted procedure). The FBI also says that it “is not aware of any solution that closes the collection gap entirely on its current mobile device platforms,” which makes me wonder why they keep buying new Samsungs if the Samsungs aren’t serving their needs? Aside from the question of why we’d ask FBI Agents to use less secure Korean phones rather than more secure American ones (note, Mueller’s team is using iPhones)?

This story, like so many with the hoaxes that Republicans have ginned up to try to delegitimize the Mueller investigation, seems to be the big story, not what Strzok and Page sent themselves two years ago (the IG Report concluded the non-discoverable texts did not cover one subject area, so weren’t by themselves suspect, and doubted either Strzok or Page had the technical capability to selectively destroy only incriminating texts).

The FBI is an agency that routinely demands that people respond to subpoenas by pulling all the relevant texts on a given subject. If you were to fail, they would at least consider whether your failure to do so amounted to obstruction. But they don’t guarantee they would be able to meet that same standard — they’re happy with their 10% failure rate, apparently.

And while it is an interesting topic for Strzok and Page and Donald Trump’s attempts to claim Witch hunt! it’s the instances where criminal defendants are asking the FBI to search for relevant texts among agents (in just one example, MalwareTech asked the FBI for texts between Agents surveilling and then arresting him in Las Vegas, but got nothing) that I care about. Because if you only aspire to 90% retention, and if you attribute any failure to do better to an individual Agent’s failure to meet a policy (but how would you prove it, if the point is that a given text no longer exists to be discovered?), then you’re pretty much ensuring that you can’t fully comply with discovery requests from defendants.

Apparently, the FBI seems okay with that.


Today in Headlines I Never Thought I’d See

benzado
1 day ago
Hey, Kevin Drum is a Newsblur user!

galacticism: brainstatic: brainstatic: I want a Santa movie where he’s actually Saint Nicholaos of...


galacticism:

brainstatic:

brainstatic:

I want a Santa movie where he’s actually Saint Nicholaos of Myra. Three kids run away from home and find a portal to the Council Of Nicaea in 325 AD. Then the kids watch him debate the promulgation of canon law. In the end they return home and tell their parents that presents aren’t important so long as Pentecost is counted 50 days after Easter on the Roman solar calendar and not the Jewish lunar calendar.

And the kids tell their parents the whole story and the dad is like “those kids and their imaginations.” But then he sees a piece of paper in the dog’s mouth and goes “whatcha got there boy? Is that…orders from the Holy See that the schismatic bishop Meletius is to remain in Lycopolis and keep his episcopal title but the ecclesiastics ordained by him must again receive the laying of hands? But…how?” And then he gazes off to the sky and you hear a light jingling of bells and then a voice over goes “Ho ho ho! The baptisms performed by the Paulian heretics are invalid! Merry Christmas!”

@apocrypals

benzado
5 days ago
LOL

Centered

Someone on the twitter box put the political press's view of Republicans well: they're always the protagonists of the story. They can be up, down, good, bad, evil, but they're still always the main characters of the story. It is their fortunes that the reader/reviewer is made to care about, love them or hate them. It is their fortunes which are tied up, by implication, with the fortune of the country itself.

When Democrats win, the focus remains on Republicans. Obama did manage to break through this, some, but not nearly as much as he should have, especially when Democrats ran everything for two years and the heroes of the story were...the Tea Party.
benzado
9 days ago
Case in point: the House Democrats had a press conference last week to announce what they plan to introduce as H.R. 1 for this Congress. The only place I found the video on YouTube was some sketchy re-posting channel. None of the major networks even carried clips.

The Iffy Science of Ancestry DNA


Here’s yet another story based on reconciling our individual beliefs about our ethnic or racial identity with the results of DNA testing. It’s a good piece, with several twists. (I won’t give away the surprises.) But it does get at an issue I’ve thought about a lot as an historian and just as a lay person interested in science. Put simply, what if the report about your ancestry just isn’t true?

We can pose this question at a few different levels. All good science is tentative and subject to refinement and disproof. Go back a century and all sorts of things that were believed to be true we now know are not true. Or, more cautiously, our best science now says they’re not true.

This kind of radical doubt is probably too absent from our view of the world we live in. But that’s not mainly what I’m talking about. I’m quite confident that the basic outlines of DNA science are accurate in our basic understanding. If you take a DNA test and it says you’re not biologically related to your parents, that’s very, very hard science behind the determination, assuming the tests are done correctly. Same with forensic tests that say your DNA is at the crime scene. But using DNA to say where your ancestors are from is a much, much more speculative enterprise. And the testing companies do not make this nearly clear enough.

These ascriptions are based in large part on comparing your DNA with the DNA of other people who seem to have good documentary evidence that they have ancestors that go centuries back in a particular geographic region. So your DNA says 50% of your ancestors come from South Italy because other people who have strong historical or genealogical documentation of that ancestry have DNA that looks a lot like yours.

That’s not a bad methodology. If you get enough samples, outliers should get sifted out. You should end up with fairly good evidence of ancestry in a particular region. But as you can see, there’s a strong non-hard-science (more historical and documentary) bedrock under a lot of the science of how testing companies use DNA to tell you where you’re from. This evidentiary problem amplifies dramatically if your ancestors aren’t from Europe, since most of the data companies are operating from databases made up mostly of people whose ancestry is from Europe. The article I reference above notes one change that one of the big heritage/DNA testing companies recently made in methodology and datasets that led to dramatically different reports about ancestry for the same DNA samples.

There’s an entirely different problem. Much of the DNA companies’ ancestry methodology is based on the idea that until a few centuries ago, people largely stayed more or less in the same place. Actual history says that’s probably not true, though there’s a lot of debate on this point. South Italy was heavily colonized by people from Greece. Later all of Italy had massive and constant imports of slaves from throughout the Mediterranean world and beyond. The story gets less and less clear the more you dig into it. But let’s stick with the clearest problem with these tests, they involve a lot more uncertainty than they let on and that uncertainty gets dramatically amplified if your ancestors aren’t mainly from Europe.

Scientists and historians using DNA to map history and historical migrations work with archeological DNA increasingly. So not someone who we think has ancestors in the Netherlands going back centuries but the DNA of someone who we know from carbon dating died and was buried near Utrecht in 100 AD.

I raise all this because we’re all used to stories about people who had this or that understanding about their ancestries and then learn the ‘truth’ from a DNA test. If it’s a white nationalist who finds out he has some African ancestry well sick-burn! But other people who choose not to believe their results for less dramatic reasons are similarly written off as denialists. But they may be closer to the truth than we’d like to admit. Relatedly, it’s almost a cliche now when someone finds out about some unknown part of their genealogy and then goes on some quest to find out about their Egyptian or Georgian or Polish past. Except maybe that’s just a quirk of the imperfect data models that will be shifted in a couple years.

Our best guide is always science, even though it’s in a constant process of revision. But when science is wrapped up in commerce and marketing, we need to be a lot more skeptical. I don’t say any of the above to mean that these reports are worthless. They’re likely mostly accurate. But we shouldn’t give them the imprimatur of certainty, the certainty that unsettles identities. The science just doesn’t back that up.


A Republican Party Server Was Hacked in April. Oddly, Though, Nothing Was Leaked.


From Politico:

The House GOP campaign arm suffered a major hack during the 2018 election, exposing thousands of sensitive emails to an outside intruder, according to three senior party officials. The email accounts of four senior aides at the National Republican Congressional Committee were surveilled for several months, the party officials said. The intrusion was detected in April by an NRCC vendor, who alerted the committee and its cybersecurity contractor. An internal investigation was initiated and the FBI was alerted to the attack, said the officials, who requested anonymity to discuss the incident.

….None of the information accessed during the hack — thousands of emails from senior NRCC aides — has appeared in public, party officials said. And they said there were no attempts to threaten the NRCC or its leadership during the campaign with exposure of the information.

INCOMPETENT DEFENSES! EMBARRASSING TO GET HACKED LIKE THIS. EVERYONE IS SAYING DEM CYBERSECURITY MUCH BETTER.

WHY WASN’T PAUL RYAN NOTIFIED? COVERUP!

WHERE’S THE SERVER? WHY WON’T REPUBLICANS HAND IT OVER TO THE FBI? HAS IT BEEN ACID WASHED?

NO EMAILS LEAKED? DID NRCC MAKE DEAL WITH WIKILEAKS AND ASSANGE? MAYBE!

TOTAL DISGRACE THAT WE’RE ONLY HEARING ABOUT THIS 8 MONTHS AFTER IT HAPPENED!!!

HUGE $$$ PAID TO GOP LOBBYING FIRM TO INVESTIGATE HACK BUT NO RESULTS! WHAT ARE THEY HIDING?

skorgu
10 days ago
I vaguely recall a lot of email experts having strong opinions in 2016, I wonder where they all are now?