back to article FBI's flawed phone tally blamed on programming error. 7,800 unbreakable mobes? Er, um...

The FBI apparently gilded the lily in its long campaign against consumer cryptography, telling the world it held more locked phones than it did. At issue is the Feds' claim that it has seized 7,000 phones it can't crack because they're encrypted. FBI boss Christopher Wray upped the ante in December 2017, telling a …

  1. This post has been deleted by a moderator

  2. Richard 12 Silver badge

    Counting things that have unique IDs

    Oh my, that's so very difficult. So very difficult indeed.

    Perhaps we have found the cryptography "expert" the FBI used?

    1. Anonymous Coward
      Anonymous Coward

      Re: Counting things that have unique IDs

      It is, I tried counting bar coded sheep once, fell asleep.

      1. TRT Silver badge

        Re: Counting things that have unique IDs

        Baaaaa coded.

        1. Anonymous Coward
          Anonymous Coward

          Re: Counting things that have unique IDs

          Get ewe.

        2. Morten Kristiansen

          Re: Counting things that have unique IDs

          Count them using a lamb-baaa expression

      2. Alister Silver badge

        Re: Counting things that have unique IDs

        Are the Baaa codes lamb-inated?

        1. Lee D Silver badge

          Re: Counting things that have unique IDs

          Are those the ones that go "bleat, bleat, bleat" when you put them through the gate?

        2. Anonymous Coward
          Anonymous Coward

          Re: Counting things that have unique IDs

          @Alister

          They are, so people can't pull the wool over my eyes.

      3. TRT Silver badge

        Re: Counting things that have unique IDs

        The driver for that reader is embedded in the mint source.

  3. Milton Silver badge

    Is it significant ...

    ... that (so far as I'm aware) no one has been identified as the advisers who told FBI (and presumably also various idiot politicians on both sides of the Atlantic) that "good guys only" backdoors were feasible?

    Now of course you can understand why anyone wanting to keep a good name in this business might not want to admit they've been talking rubbish. Guys like Schneier will forensically dissect them and then stack the heads in the Hall of Infamy.

    But surely to heaven, if you're a US TLA wanting advice on crypto, the very first place to ask would be NSA? And whatever political BS that institution may sometimes feel it has to spout, it certainly has experts who will tell the Feds that GGOB just cannot be done. Hell, NSA more or less proved it for themselves over a decade ago.

    What I'm saying is that neither law enforcement, intel or politicians have any excuse not to be getting the very best advice there is. It simply makes no sense that even five years ago, Comey in the US (then FBI chief) and Theresa May (as HomeSec) in the UK were blethering about wanting GGOB—even if May is as ignorant as she appears, there are folks at GCHQ who could have had a timely, quiet word: "What you're asking is plain impossible."

    I have to wonder whether the fundamental problem is one of politics: we know that US and UK politicians are largely ignorant and dishonest, and maybe they choose to get advice only from people who tell them what they want to hear. Perhaps if you pipe up and say "Actually, Minister, that isn't strictly correct—" you get shown the door.

    Given that senior agency posts also tend to involve a lot of politics, perhaps that is why the FBI also repeats this shyte.

    Politics these days seems about as far from intellectual honesty as it's possible to get.

    1. CAPS LOCK Silver badge

      Re: Is it significant ...

      It's called 'expert shopping'. A minister, when they don't like what they hear from an expert in the area, will trawl for another expert with an opinion they like. There's always one to be found. Often academics.

    2. defiler Silver badge

      Re: Is it significant ...

      "What you're asking is plain impossible."

      If you tell them it's impossible, you don't get funds to try to make it work. And if you tell them that it's really, really hard then you get even more funds.

      These people have mortgages to pay and empires to build too, you know?

    3. Velv Silver badge
      Headmaster

      Re: Is it significant ...

      In what universe would a politician be interested in the truth or facts. All they want is buzzwords that the public want to hear so they get re-elected.

    4. Trigonoceps occipitalis

      Re: Is it significant ...

      I've asked this question before and not had a reply. Is there a peer reviewed paper out there that proves safe back doors are impossible?

      Until there is this nonsense will just run and run.

      1. onefang Silver badge

        Re: Is it significant ...

        "Is there a peer reviewed paper out there that proves safe back doors are impossible?"

        Considering that on the subject of encryption backdoors, our Prime Minister was widely reported as saying that Australian laws overrule the laws of maths, I don't think any such paper would make the slightest bit of difference. Not to mention various governments have tried to legislate a simpler value for Pi.

    5. Oengus

      Re: Is it significant ...

      we know that US and UK politicians are largely ignorant and dishonest, and maybe they choose to get advice only from people who tell them what they want to hear.

      What makes you think that this only applies to the UK and US. I thought this was a universal requirement for politicians...

  4. Christoph Silver badge

    The headline scary number is still too big

    Just because they can't unlock those phones doesn't mean that they all have useful information on them that can't be found any other way. They are still pushing the number as high as they can.

    1. chuckufarley

      Re: The headline scary number is still too big

      Did they swear to spread the FUD, the whole FUD, and nothing but the FUD? It seems that way to me.

  5. defiler Silver badge

    Left some numpty with Excel

    Used * instead of + somewhere...

    (No, not sum() - that's too clever.)

    1. Kane Silver badge
      Boffin

      Re: Left some numpty with Excel

      "Used * instead of + somewhere..."

      A1+A2+A3+A4+A5+A6+A7+A8+A9+A10+A11+A12+A13+A14+A15 etc, etc....

      (Yeah, I left in A1, cos you know they'll count the headers...)

  6. Tigra 07 Silver badge
    Big Brother

    Fuck right off...

    "it still wants a solution because “Going Dark remains a serious problem for the FBI, as well as other federal, state, local and international law enforcement partners."

    Did anyone else read this in a kinda "How dare you plebs dare to expect some privacy" way?

  7. Doctor Syntax Silver badge

    “approximately 7,800 mobile devices

    That word "approximately"; I do not think it means what you think it means.

  8. Spacedinvader
    Trollface

    ...an audit could take weeks...

    Surely they can find, hell, even a yank, that can count 1-2k phones in, oh, let's be generous, give them a whole day...?

    1. Whiskers

      Re: ...an audit could take weeks...

      They're probably not counting actual phones at all; rather, a mixed bag of paper and electronic records about phones that are not easily accessible (what with being 'evidence').

  9. Hans 1 Silver badge
    Joke

    News from Lagos

    Dear sir,

    Building a legal backdoor that is open only to law enforcement is very, very, very hard and will require substantive efforts to be made. It has to meet regulatory regulations [sic] in multiple jurisdictions across the globe. For a complete solution, we expect design, development, testing, and release to cost $500 000 (FIVE HUNDRED MILLION US DOLLARS) and take 2 years to deliver.

    Please provide us with $20 000 (TWENTY THOUSAND US DOLLARS) and our attached NDA, signed, in exchange of which we will provide you with a regulation-complying quote, including a cut-down of expenses and expected time-frame of delivery.

    Yours sincerely,

    Lagos Dev Club

    Senator Peter Lawless

    153, Lagos way

    Lagos

    Nigeria

    PS: the person and address data mentioned herein is fictions, for those who cannot parse the joke icon.

  10. kain preacher Silver badge

    Was any one shocked that the number was grossly inflated ? Saying we has 1-200 founds we can't crack does not get the same response as saying we have close to 8,000 phones.

  11. MOH

    That's not a very convincing explanation. Aside from being a vague "blame it on the computer", it fails on basic arithmetic.

    How exactly does counting between 1000-2000 items three times give you 7800?

    1. onefang Silver badge

      "How exactly does counting between 1000-2000 items three times give you 7800?"

      First count, 2000, second count 2000, third count 2000. 2000+2000+2000 = 6000. You are right, they must have counted them four times.

      We can't decrypt 7800 phones, would you believe it? No? Hmmm, would you believe 1000 to 2000? How about two cans and a lengthy bit of very tangled string? OK already, I still haven't figured out how to use my shoe phone.

    2. Mark 85 Silver badge

      Aside from being a vague "blame it on the computer", it fails on basic arithmetic.

      Blame this on the computer, blame other things on "not the computer" and I'll add "computers never make mistakes"... I wonder which argument they really believe*?

      *The probable answer is: "The one that gets us what today, tomorrow's "want" will be a different reason.

  12. Anonymous Coward
    Anonymous Coward

    I wonder how many will turn up missing during the audit. Who would trust these guys with the keys to a backdoor?

    1. Withdrawn

      Who would trust

      Forget trusting them with an audit...if they can't figure out how their counting function works, how can they figure out they've got the right device, or tied the data to the right "suspect"? Seems like these experts should not be allowed anywhere near "evidence" found through software.

  13. Alistair Silver badge
    Windows

    Sounds to me like the FBI may have hired an accountant for this that once worked for Enron.....

  14. herman Silver badge

    The problem is that the agents that had to count the phones ran out of fingers and toes to count on and then got very confused.

  15. Sureo

    MY guess the real number is between 10 and 20.

    FBI: end of the world as we know it

  16. Aedile

    If you start with "a significan number" and you cut it by 75% can you really still call what remins significant? If so, then at what point does it stop being a significant number?

  17. intrigid

    What difference does it make?

    Whether it's 7.8 million phones or 12 phones, shouldn't it be irrelevant? The debate should start and stop at constitutionality and technical feasibility; the imagined benefits to the FBI should not even rise to the level of an afterthought.

    1. Withdrawn

      Re: What difference does it make?

      This is how it goes nowadays. "Sources" make an unsubstantiated claim, and then everyone else in .gov and media ignore the demand for evidence and instead focus on driving opposing factions to argue over the minutia and whether or not it fits their political desires. Before you know it, months have gone by and people are arguing about how we should respond politically to something that no one has even demonstrated to have happened.

  18. Anonymous Coward
    Anonymous Coward

    The irony is that the FBI will imprison you for the same mistake.

    Misstating things like this to the FBI - even accidentally - can get you thrown in prison. To achieve even a modicum of fairness and proportionality, every single person at the FBI responsible for producing and promulgating this number should be convicted and thrown in front of a firing squad. Of course, the FBI doesn't give a flying fuck about fairness, proportionality, justice, or the US Constitution. They do care about things like anybody other than them meddling in US elections.

    1. Withdrawn

      Re: The irony is that the FBI will imprison you for the same mistake.

      Unless you've been head of state but claim to not know what classified markings looking like, or what the law says about transmission and possession of classified information on unauthorized systems.

  19. JohnFen Silver badge

    The thing is...

    The thing is that the number doesn't matter. If they have 10 such phones or 10,000,000, it doesn't change the issues or the calculus around those issues at all.

  20. paulll Bronze badge

    Whether it's >1k or >7k ... it's a *hell* of a coincidence that they were all used by people suspected of violent, emotive, crimes. No white-collar embezzlers, opportunistic insurance fraudsters, harassers, etc

  21. DeKrow
    Holmes

    Things that don't suprise me

    1. Political pronouncements based on FUD not fact

    2. A Government entity is requesting something mathematically impossible (see #1)

    3. A Government entity that's requesting something mathematically impossible would stoop to lying (see #1)

    4. A Government entity can't count

    5. A Government entity doesn't have a system good enough to be able to find the number of encrypted devices involved in their open cases.

    Maybe, before asking for impossible things, they should have systems that provide accurate info. But then, maybe, that's also an impossible thing.

  22. Withdrawn

    A drop in the bucket.

    Even 7800 is insignificant:

    The Federal Bureau of Prisons (BOP) had jurisdiction

    over 196,500 prisoners at yearend 2015.

    So going off the number of KNOWN CONVICTED federal criminals, the feds are only having trouble with access to evidence for 3% of cases. In reality, the number has to be even more insignificant as you begin to count those who have not been charged, local and state cases that use FBI labs, etc. I'm sure someone who truly groks stats could really blow their argument out of the water.

  23. Mike Shepherd
    Meh

    Right to bear arms

    Since the US defines encryption as "munitions", how does that fit with their beloved "right of the people to keep and bear arms"?

  24. mark l 2 Silver badge

    Seem to have just single out phones in this, but no mention of how many PCs and laptops that use encryption they couldn't get access to the data on. Perhaps because it turns out to be just as many or even more than the number of phones.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019