Sunday, 1 September 2024

The FBI's Exaggerated Claims of Going Dark: A Closer Look


 The FBI has often claimed that its ability to fight crime is being hampered by "going dark"—a term used to describe the challenges law enforcement faces when encrypted communications prevent them from accessing crucial evidence. According to former FBI Director James Comey on page 5 of the House Homeland Security Committee report titled: "Going Dark, Going Forward: A Primer on the Encryption Debate", “Going Dark” refers to the phenomenon in which law enforcement personnel have the “legal authority to intercept and access communications and information pursuant to court order,” but “lack the technical ability to do so.”

While encryption is an important tool for protecting privacy, the FBI's assertions of going dark have been criticized as exaggerated.

The FBI argues that encryption impedes investigations into serious criminal activities, from terrorism to child exploitation. They suggest that tech companies' refusal to create backdoors for law enforcement is creating a significant barrier to solving these crimes. This stance has fueled public debates and legislative efforts to mandate decryption capabilities.

However, critics argue that the FBI's claims are overstated. For one, there's little evidence that encryption has directly prevented major investigations. Many successful cases have been solved without requiring direct access to encrypted communications. One of such cases is the recent indictment of Seth Herrera for transportation, receiving and possession of child pornography.

According to Nate Anderson who writes for Ars Technica:

“I've never seen anyone who, when arrested, had three Samsung Galaxy phones filled with "tens of thousands of videos and images" depicting CSAM (child sexual abuse material), all of it hidden behind a secrecy-focused, password-protected app called "Calculator Photo Vault." Nor have I seen anyone arrested for CSAM having used all of the following: Potato Chat ("Use the most advanced encryption technology to ensure information security.") Enigma ("The server only stores the encrypted message, and only the users client can decrypt it.") nandbox [presumably the Messenger app] ("Free Secured Calls & Messages.") Telegram ("To this day, we have disclosed 0 bytes of user data to third parties, including governments.") TOR ("Browse Privately. Explore Freely.") Mega NZ ("We use zero-knowledge encryption.") Web-based generative AI tools/chatbots”

The indictment did not state in details exactly how Seth’s criminal activities were discovered. However, according to the indictment, Seth’s criminal conduct was finally uncovered after he tried to access a link containing apparent CSAM.  This link described CSAM  depicting  prepubescent  minor  females  around  the  same  age  as  Seth’s young daughter.

Anderson also observed that: “Presumably, this "apparent" CSAM was a government honeypot file or web-based redirect that logged the IP address and any other relevant information of anyone who clicked on it. In the end, given that fatal click, none of the "I'll hide it behind an encrypted app that looks like a calculator!" technical sophistication accomplished much.”

Despite Seth’s use of encrypted messaging applications such as Potato Chat, Enigma, nandbox, and Telegram, he was still found out by law enforcements presumably using honeypot file or web-based redirect that logged the IP address and any other relevant information of Seth Herrera when he clicked on it.

Therefore, Seth’s indictment clearly shows that in spite of the use of encryption messaging applications by criminals, there are still many other ways of unearthing their criminal activities without breaking encryption, therefore the “going dark” claim by the FBI can be said to be an exaggeration of the true state of affairs.

Also, the prosecution being cagey in the indictment, about exactly how the alleged criminal acts of Seth were discovered, reminds me of the Nigerian Police Force who, when announcing the arrest of some notorious criminals, would simply say they acted on "credible intelligence". They would rarely disclose the details of how and what was done that led to the arrest with the use of credible intelligence.

The going dark debate highlights a broader tension between national security and individual privacy. While it's crucial to support law enforcement in their efforts to combat crime, it's equally important to consider the potential risks of compromising encryption standards. Balancing these needs requires careful consideration and a nuanced approach to both technology and security policy.