Apple Vs FBI: We tried to help the FBI but someone changed phone's iCloud password

Sun Feb 21 10:02:06 PST 2016

Digitalfolklore wrote:
> remember the apartment was never secured...maybe the password was
> written down on the back of a receipt that got tossed out when the
> apartment was over run by press
>
> VH
>
Or something stoopid like that.

A few years ago when I was still writing news copy for an alt radio news
personality I was personally following the Waxman investigation into
Blackwater. Publicly over the Nisoor Square shooting, but they were
going to cover other issues behind closed doors such as Blackwater's
gun-running  (CPA Glocks w/o serial numbers to Turkish city crime gangs
for a start), which had been followed by McClatchy news service, and I
was using their copy on my blogger posts.

One morning, right before the hearings were about to begin, I was
checking my site counter and discovered a hit from PentagonMil on one of
those posts... What? Me worry?

But what followed next should disturbing to anyone who thought the feds
understood infosec or had someone on payroll who understands.

Apparently the person who viewed it first saved it to their desktop
complete with the site counter jscript, and the next few hits after
that, instead of showing a typical http path, showed the path through
pentagonmil to the desktop names of people the original viewer had
passed the page around to. The pentagon was letting my saved blog page
'phone home'. They hadn't blocked outgoing script action.

Pretty pitiful hunh?

RR
"Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... And neutralize them, neutralize them, neutralize them"

>
>> -------- Original Message --------
>> Subject: Apple Vs FBI: We tried to help the FBI but someone changed
>> phone's iCloud password
>> Local Time: February 21, 2016 6:08 am
>> UTC Time: February 20, 2016 7:08 PM
>> From: Rayzer at riseup.net
>> To: cypherpunks at cpunks.org
>>
>> Transliteration... The feds tampered with the phone and apparently
>> fucked up their own investigation.
>>
>> > The idea was to force the iPhone 5C to auto-backup to Farookâs
>> > iCloud account. With a legal court order, Apple can and does turn over
>> > iCloud data. For some reason, Farook had not backed up the phone for
>> > roughly six weeks prior to the attack. The executive said Apple does
>> > not know whether the auto-backup was disabled or enabled, but he did
>> > say that the previous iCloud backups, which were handed over to
>> > investigators, were sporadic.
>> >
>> > Apple suggested that the FBI take the iPhone 5C, plug it into a wall,
>> > connect it to a known Wi-Fi network and leave it overnight. The FBI
>> > took the phone to the San Bernardino County Health Department, where
>> > Farook worked prior to the December 2, 2015 attack.
>> >
>> > When that attempt did not work, Apple was mystified, but soon found
>> > out that the Apple ID account password had been changed shortly after
>> > the phone was in the custody of law enforcement, possibly by someone
>> > from the county health department. With no way to enter the new
>> > password on the locked phone, even attempting an auto-backup was
>> > impossible. Had this iCloud auto-backup method actually functioned,
>> > Apple would have been easily able to assist the FBI with its
>> > investigation.
>> >
>> > The executive only revealed this detail to reporters now because it
>> > had thought it was under a confidentiality agreement with the
>> > government. Apple seems to believe this agreement is now void since
>> > the government brought it up in a public court filing.
>> >
>> http://arstechnica.com/tech-policy/2016/02/apple-we-tried-to-help-fbi-terror-probe-but-someone-changed-icloud-password/
>>
>>

-- 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20160221/f08f5e8b/attachment-0002.sig>