1 2 3 891

Did Sheriff Hanlin Know of Christopher Harper Mercer before His Massacre?

I read this passage — from the Sheriff in charge of the investigation into the mass killing by Christopher Harper Mercer the other day — several times.

Douglas County Sheriff John Hanlin told reporters it wouldn’t be strange for someone in the state to have so many weapons.

“In Oregon, this is a hunting state and firearms are possible in most households,” he said.

Investigators said it was too soon to identify a motive, although Hanlin earlier told NBC’s TODAY he wasn’t aware of any “specific red flags” for the shooter.

“He is a local resident and I know personally I haven’t heard of any warning signs coming from this person,” Hanlin said.

Because Hanlin said, “I personally,” I initially believed he meant he personally knew of Harper Mercer. But after re-reading it, I believe, though am not certain, that Hanlin meant only that in the time Harper Mercer has been living in town (about four years, according to reports) he has never come up on the sheriff department’s radar (or more specifically, Hanlin’s personal radar). In a town of 20,000 people, there’d be no reason for Hanlin to know everyone.

Still, I wonder, given Hanlin’s refusal to utter Harper Mercer’s name. Given that both are big gun enthusiasts (though as Hanlin noted, that’s fairly common in the area), it’s possible they’ve met. There’d be no fault in that, nor would Hanlin be at fault for not noticing the guy, because nothing we know of in his history should have tipped anyone but the people who were egging him on on 4Chan. But I bet a guy like Hanlin has a certain idea of who engages in senseless killing and it’s not a guy like Harper Mercer, no matter how much of a loner.

In any case, this passage, from a local editorial, got me wondering about that statement from Hanlin again.

The investigation, led by Hanlin’s office, has only just begun. In press conferences, Hanlin has been urging anyone who might have tips relating to the shootings to call 1-800-CALL-FBI. But as a practical matter, how are people who may have valuable information about Harper-Mercer supposed to call if they never know that he was the shooter?

They’re right: Hanlin’s dictate no one should name Harper Mercer makes it somewhat less likely locals would call in tips of any warning signs.

Add in Hanlin’s fierce belief that guns are under threat — extending even to Newtown trutherism — and I wonder whether he wants to suppress how much like Harper Mercer looks like any other gun enthusiast.

In general, I’m sympathetic to the idea that we ought to celebrate the guy who who tried to save innocents — Chris Mintz — rather than focus on the guy who did the massacre. I very much believe the entire country needs to look at how much it obsesses on these massacres, which encourages fly-by panic and may inspire copy-cats, but which has never led to policy changes.

But I also believe that this country needs to come to grips with the fact that a gun rampage is as likely — statistically more likely — to be committed by a guy like Harper Mercer or Dylann Roof or James Holmes and, especially, Adam Lanza as it is to be committed by a Muslim guy. Only then will we understand the problem is not terrorism, it’s that some young men channel their resentment and loneliness into guns in this country, regardless of what faith or color they are. And coming to that realization takes some details (details Hanlin may find uncomfortable) and a name.

Is Russia Eliminating America’s Material Support for Terrorism Problem

In this post, Moon of Alabama linked to this Jerusalem Post article, which says more plainly what a number of people admit obliquely: Qatar and Saudi Arabia are funding the Nusra Front.

The Nusra Front, the Syrian branch of al- Qaida, which controls 10-15 percent of non-contiguous parcels of Syrian real estate, is of special interest to the IDF. Together with some local militias Nusra is in charge of most of the 100-kilometer border with Israel on the Syria side of the Golan Heights. In recent years, Nusra slightly toned down its militant ideology due to the influence of Qatar and Saudi Arabia, which provide it with financial support.

OK then.

Not only are our Gulf allies funding al Qaeda, but they are sufficiently close to them so as to get them to pretend to moderate their extremism. Which is another way of saying they’re sufficiently close to get them to cooperate to help the Gulf nations snooker their allies.

Of course, the Israelis have an incentive to point to Qatar and Saudi Arabia, so as to avoid admitting they, too, are backing Nusra.

Still, this plain admission raises the same questions I raised back in August when the people inserting DOD-trained rebels into Syria were genuinely surprised that their expectation that Nusra would welcome those rebels, rather than kidnap them, was wrong.

I think it’s quite likely that the US got affirmative HUMINT from one of our partners in the region that Nusra Front would not attack. Both the Saudis and Israelis are real possibilities to have provided this intelligence, given that we rely on the Saudis for a lot of our intelligence on Sunni terrorist groups and the Israelis have been cozying up to the group. And I’m frankly agnostic whether that intelligence would have been offered cynically — again, as a ploy to suck the US further into Syria — or in good faith.

Likewise, I wonder whether we got disinformation from our allies — the material supporter of terrorists — about whether or not Nusra had confiscated a chunk of the weapons and pick-ups from the next batch of rebels we sent into Syria.

All that’s stuff that was readily available. But here’s a detail I did not know. CIA reportedly ended its support for its Syrian rebels earlier this year.

Be that as it may, and regardless of the Russian strategy, it also needs to be emphasized that even though the targeted rebels were not ISIS, they were not secularist “moderates” either. According to most news outlets however, the rebel positions hit by the Russians were part of the “Free Syrian Army”, the armed branch of the allegedly secular opposition. Interestingly, this statement is based on one single testimony made to Reuters by the leader of a group which has been provided with US weapons as part of a covert CIA programme that was ended earlier this year.

If the CIA had stopped outfitting rebels partnering with Qatari and Saudi backed al Qaeda groups, I can see how they’d want to hijack DOD backed rebels to get US arms (and, effectively, bodies).

Which brings me back to this comment John Brennan made at the end of May, asked explicitly in the context of ISIS.

Dealing with some of these problems in the Middle East, whether you’re talking about Iraq, Iran, Syria, Yemen, Libya, others, these are some of the most complex and complicated issues that I’ve seen in my 35 years, working on national security issues. So there are no easy solutions.

I think the president has tried to make sure that we’re able to push the envelope when we can to protect this country. But we have to recognize that sometimes our engagement and direct involvement will stimulate and spur additional threats to our national security interests.

“Sometimes our engagement and direct involvement will stimulate and spur additional threats,” said the CIA director overseeing a covert operation of supporting fighters that ended up having ties to al Qaeda that either had been or would shortly be discontinued.

We’re making a lot of noise about Russia taking out those men the CIA had formerly trained. Is it just noise?

Apparently some Syrians on the ground are already questioning whether the US has sold them out.

The official added that the airstrikes were bolstering the popularity of Jabhat al-Nusra, with its combined message of American duplicity against Muslims and the prospect of fighting an old foe – many of al-Qaida’s veterans once fought the Soviet Union in Afghanistan.

While there are reasons to question the source (really! how many al Qaeda members who fought Russia 20 years ago are left, much less on the ground in Syria?), it’s a good question…

Update: The Daily Beast believes the CIA program is still active.

The rebels attacked by Russian forces on Wednesday and Thursday were in western Syria, alongside al Qaeda affiliates and far from any ISIS positions. That suggests the rebels were not there to fight the self-proclaimed Islamic State, as the Obama administration called the top priority. Instead, they were battling the Assad regime as part of a still-active CIA program for rebels which has run in tandem with the disastrous and now-defunct train and equip Pentagon program.

Saudis and Americans Disagree Over Whether US Is Involved in Targeting in Yemen

I noted earlier that Saudi Arabia had expressed concern about civilian casualties — when Russia caused them.

Which is why the conflict between these two statements is so interesting. Here’s Saudi Foreign Minister (and former Ambassador to the US) Adel al-Jubeir on Wednesday.

“We are very careful in picking targets. We have very precise weapons,” Adel al-Jubeir told CBS News’ Norah O’Donnell. “We work with our allies including the United States on these targets.

Al-Jubeir said collateral damage is “extremely regrettable” and should be avoided.

“But can we prevent it 100 percent? I don’t think you can. This is warfare,” he said. [my emphasis]

Here’s a statement from earlier today from NSC Spokesperson Ned Price.

We are deeply concerned about recent reports of civilians killed in Mokha, Yemen on September 28.  We were also shocked and saddened by the deaths of the Yemen Red Crescent Society volunteers in Taiz on the same day. We take all credible accounts of civilian deaths very seriously and again call on all sides of the conflict in Yemen to do their utmost to avoid harm to civilians and to comply with their obligations under international humanitarian law. The United States has no role in targeting decisions made by the Coalition in Yemen. Nevertheless, we have consistently reinforced to members of the Coalition the imperative of precise targeting. We also have underscored the importance of thoroughly investigating all credible allegations of civilian casualties. We call for an investigation into these reported civilian casualties and for the findings to be reported publicly.

More broadly, these incidents underscore the urgency of seeking a durable solution to the crisis in Yemen through a peaceful political dialogue as soon as possible. [my emphasis]

Whichever it is, it sure is hard to square either one of these comments with the joint statement earlier today expressions shock over Russian inflicted civilian casualties.

Update: I’m curious whether Jubeir’s statement precedes the withdrawal of the Dutch proposal for an outside review in Yemen. The CBS article is time stamped 3:10 PM, which seems late in the day to have influenced the UN action, but the video it includes is timestamped 11:40, which may well have been early enough.

Update: Meanwhile, the US just bombed a Medecins sans Frontieres trauma center in Kunduz, killing at least 9 MSF staffers.

Days after Bombing a Wedding Party and Squelching UN Investigation in Yemen, Saudi Arabia Worries about Civilian Casualties

On Monday, coalition forces in Yemen bombed a wedding party, killing over 130 people.

The death toll from an air strike on a wedding party in Yemen has jumped to 131, medics said on Tuesday, in one of the deadliest attacks on civilians in Yemen’s war that drew strong condemnation from the U.N. secretary-general.


On Tuesday, a medical source at Maqbana hospital, where most of the casualties were taken, said the death toll had climbed to 131 people, including many women and children.

The United Nations and international rights groups have expressed alarm at the escalating number of civilian deaths in Yemen – at least 2,355 out of more than 4,500 people killed from the end of March to Sept. 24, according to figures released by the U.N. human rights office in Geneva on Tuesday.

On Wednesday, Saudi Arabia succeeded in pressuring western governments to withdraw a Dutch resolution to conduct an inquiry into the civilian casualties caused by both sides in Yemen.

In a U-turn at the United Nations Human Rights Council, Western governments dropped plans Wednesday for an international inquiry into human rights violations by all parties in the war in Yemen that has killed thousands of civilians in the last six months.

The change of direction came as the Netherlands withdrew the draft of a resolution it had prepared with support from a group of mainly Western countries that instructed the United Nations high commissioner for human rights to send experts to Yemen to investigate the conduct of the war.


The Dutch resolution also called for the warring parties to allow access to humanitarian groups seeking to deliver aid and to the commercial import of goods like fuel that are needed to keep hospitals running. Deliveries of aid and other goods have been slowed by the coalition’s naval blockade of Yemeni ports.

But in the face of stiff resistance from Saudi Arabia and its coalition partners, and to the dismay of human rights groups, Western governments have accepted a resolution based on a Saudi text that lacks any reference to an independent, international inquiry.

On Friday, Saudi Arabia condemned civilian casualties. Just those caused by Russian airstrikes targeting Saudi backed rebels seeking to overthrown Bashar al-Assad.

As Russia continued striking targets in Syria, the U.S. was joined by the U.K., France, Germany, Qatar, Saudi Arabia and Turkey in saying a bombing campaign begun by Vladimir Putin’s government on Wednesday “led to civilian casualties” and didn’t target Islamic State militants. The statement came hours before Putin was due to meet German Chancellor Angela Merkel and the French and Ukrainian presidents, Francois Hollande and Petro Poroshenko, to discuss a Ukrainian cease-fire pact in Paris.

“These military actions constitute a further escalation and will only fuel more extremism and radicalization,” the countries said in the statement. “We call on the Russian Federation to immediately cease its attacks on the Syrian opposition and civilians and to focus its efforts on fighting ISIL,” according to the statement, which used an acronym for Islamic State. Russia has said it is only targeting “terrorist” groups.

It’s a nice statement. And civilian killings surely do fuel extremism.

But Saudi Arabia — and, for that matter, the US, which has bombed its share of wedding parties (though often because it relies on Saudi intelligence) — is probably not the country that should be condemning civilian casualties right now.

Update: Billmon has been checking and he was only able to find the statement actually posted on Turkey’s Foreign Minister’s website.

Update: Meanwhile, the US (which also claims to be concerned about civilian casualties) told Judge Ellen Hueville that Ali Jaber, whose brother-in-law and nephew a US drone strike killed, does not have standing to ask for an apology.

Update: Lee Fang asked McCain about the Saudis killing Yemenis.

Sen. John McCain, R-Ariz., spent the most time discussing the issue with me. But his answers were perplexing.

“They may be bombing civilians, which is actually not true,” McCain said, when asked about civilian casualties in Yemen.

“Civilians aren’t dying?” I asked.

“No, they’re not,” the senator replied. “Oh, I’m sure civilians die in war. Not nearly as many as the Houthis have executed,” McCain continued, referring to the Shiite militia waging an insurgency against the Sunni government in Yemen.

Asked about the recent reports of Saudi forces bombing a wedding party in Yemen, McCain said, “I’m sure in wars terrible things happen and the Houthis however are an extremist group backed by the Iranians who are slaughtering Yemenis.”

In His Latest “Eat the Journalists for Lunch” Lunch, Jim Comey Flirts with Ferguson Effect

Screen Shot 2015-10-02 at 10.02.46 AMPeriodically, Jim Comey invites a group of select journalists in for lunch and eats them alive with his charisma and unsubstantiated claims. The first I noticed came when Comey made some false claims about National Security Letters, without a single journalist correcting him. More recently, Comey claimed FBI had arrested 10 people with ties to ISIS, only two of whom have every publicly appeared.

In this week’s edition, Comey got passionate about a claimed spike in crime.

And in unusually passionate remarks, the FBI director said he was “very concerned about what’s going on now with violent crime and murder rates across the country,” in cities as disparate as Omaha and Milwaukee.

At least in this instance, journalists are getting less credulous, because most (though not CNN) reported that in fact the crime stats released this week show a decline in crime, not a spike, even while they reported that violent crime in “many” cities has spiked.


Newly released federal data suggest a slight dip in violence across the nation in 2014. But Comey said those numbers may not be capturing what’s happening on the ground today. He’s been hearing similar concerns from police chiefs, he said.


Earlier this week, the FBI released data showing violent crime dropped slightly in 2014, but many big city police departments have reported significant jumps in shootings this year compared with last year.


In 2014, the number [of murders in NYC] had dropped to 328 — the lowest number of murders since the New York City Police Department began collecting statistics in 1963.)

None I saw, however, pointed out that the claim of a spike in “many” cities stems from a persistent propaganda effort that has been debunked as cherry-picking. Yes, there are a few cities with alarming spikes in violence, but they should be examined as cities, not as a trend that the FBI’s own data shows is moving in the opposite direction.

In his comments, Comey didn’t endorse the Ferguson effect. But he did say we need to move slowly on criminal justice reform both because of this alleged spike and because crime has gone down (!?!). Still from the HuffPo:

Comey said he didn’t know whether protests against police violence have made it harder for police to do their jobs, a theory that has been dubbed the “Ferguson effect.” “I’m not discounting it, but I just don’t know,” he said, adding that he was “focused on it, trying to figure it out.”

“Some have said police officers aren’t getting out of their cars and talking to gang-bangers on street corners anymore, but I don’t know,” he said. “What I do know is that a whole lot of people are dying. They are, according to the chiefs, overwhelmingly people of color, and we’ve got to care about that.”

The spike in crime made him want to be “thoughtful” on criminal justice reform, Comey added.

“My strong sense is that a significant portion of the change in our world since I was a prosecutor in New York in 1987 is due to law enforcement, but I’m sure there are lots of other things [going on],” he said.

“I just want to make sure that as we reform — first of all, we’re grateful that we actually have the space and time to think and talk about sentencing better, rehabilitating better, and [that] is a product of hard work over the past 25 years — but as we do it, are very, very thoughtful about where we used to be and how we got from that point to here,” Comey said.

As with encryption back doors, the data is not there (on that issue, DOJ simply doesn’t collect data on how often encryption prevents it from accessing data). But that’s not going to stop him from cautioning against criminal justice reform.

With One Bombing Run Russia Gets the US to Acknowledge CIA’s “Covert” Regime Change Forces

For some time, a number of us have been tracking the collective forgetfulness about CIA’s acknowledged covert forces on the ground in Syria. I often point back to the day two years ago when Chuck Hagel confirmed our covert efforts in Syria in a congressional hearing, as well as Senate Foreign Relations Committee member frustration with their inability to get details on the acknowledged covert ops (that already numbered in the thousands, according to Tom Udall) there. Jim and I have written a slew of other posts about CIA’s covert forces there (one two three four five six seven are just a small sampling).

More recently, Adam Johnson caught NYT and Vox pretending CIA’s efforts don’t exist at all.

This past week, two pieces—one in the New York Timesdetailing the “finger pointing” over Obama’s “failed” Syria policy, and a Vox“explainer” of the Syrian civil war—did one better: They didn’t just omit the fact that the CIA has been arming, training and funding rebels since 2012, they heavily implied they had never done so.

To be fair, some intelligence reporters have done consistently good reporting on CIA’s covert war in Syria. But the policy people — especially the ones reporting how if Obama had supported “moderate” rebels sooner — usually pretend no one knows that Obama did support Qatar and Saudi-vetted liver-eating rebels sooner and they often turned out to be Islamists.

The selective ignorance about CIA’s covert operations in Syria seems to have been eliminated, however, with one Russian bombing run that targeted them.

Russia launched airstrikes in Syria on Wednesday, catching U.S. and Western officials off guard and drawing new condemnation as evidence suggested Moscow wasn’t targeting extremist group Islamic State, but rather other opponents of Bashar al-Assad’s regime.

One of the airstrikes hit an area primarily held by rebels backed by the Central Intelligence Agency and allied spy services, U.S. officials said, catapulting the Syrian crisis to a new level of danger and uncertainty. Moscow’s entry means the world’s most powerful militaries—including the U.S., Britain and France—now are flying uncoordinated combat missions, heightening the risk of conflict in the skies over Syria.

Thus far, of course, US officials are insisting that the anti-Assad troops Russia targeted are wholly distinct from ISIS (even while they remain silent about whether they’re Islamic extremists).

Secretary of State John Kerry met with Russian Foreign Minister Sergei Lavrov and said he raised U.S. concerns about attacks that target regime opponents other than Islamic State, also known as ISIS or ISIL. In Syria’s multi-sided war, Mr. Assad’s military—aided by Iran and the Lebanese Shiite group Hezbollah—is fighting both Islamic State and opposition rebel groups, some of which are supported by the U.S. and its allies.


The U.S. and its allies were angry at the Russians on many scores: that they are supporting Mr. Assad; that they aren’t coordinating their actions with the existing, U.S.-led anti-Islamic State coalition; that they provided terse notice only an hour before their operations; that they demanded the U.S. coalition stay out of Syrian airspace; and that they struck in areas where anti-Assad rebels—not Islamic State—operate.

“It does appear that they were in areas where there probably were not ISIL forces, and that is precisely one of the problems with this whole approach,” said Mr. Carter, the U.S. defense chief.

This attempt to distinguish ISIS from the CIA-backed rebels will quickly lead to an awkward place for the Administration and its allies, not least because making any distinction will require providing details on the vetting process used to select these forces, as well as addressing the evidence of cooperation with ISIS or traditional al Qaeda in the past. Plus, the more the US argues these groups that aren’t entirely distinct from al Qaeda are entirely distinct from ISIS, it will make the Administration’s claim that the 2001 AUMF against Al Qaeda authorizes it to fight ISIS (in related news, DOJ just denied USAT’s FOIA request for 3 OLC documents making that case) really wobbly. Any claim Russia makes that these anti-Assad forces are also Islamic extremists (and therefore entirely legitimate targets in the fight against ISIS) will be based on intelligence that is no more shitty than US intelligence that they’re not, especially given that CentCom admits on the record it can’t even trust (much less vet) the communications it is getting from rebels on the ground about their coordination with al Qaeda. It will devolve into a he-said-she-said about whose claims are more suspect, Assad’s or the Saudis’ who’ve been pushing for regime change long before the Arab Spring gave then an opportunity to push it along.

And all the while, any pretense that CIA’s involvement is covert will grow more and more laughable. Reporting like this — which claims Putin has “hijacked” Obama’s war on ISIS when the content only makes sense if Putin has more urgently hijacked Obama’s regime change efforts against Assad — will become more and more laughable.

Whatever Russia’s entry does for the tactical confrontation (I have no hopes it will do anything but make this conflict even bloodier, and possibly expand it into other countries), it has clarified a discussion the US has always tried to obscure. There are plenty of US backed forces on the ground — which may or may not be Islamic extremists (see Pat Lang on this point) — whose priority is toppling Bashar al-Assad, not defeating ISIS. While there will be some interesting fights about who they really are in coming days (and whether CIA has already acknowledged that it inflamed Islamists with its regime change efforts), American priorities will become increasingly clear.

Make no mistake: I am not defending Russia, Syria, our vetted “moderate” rebels, Saudi Arabia, or anyone else. It’s a volatile situation and none of the outside intervention seems to be helping. But one big reason we’ve been failing is because we’ve been lying publicly about the forces on the ground. Those lies just got a lot harder to sustain.

(As always on the Syrian quagmire, see Moon of Alabama’s latest.)

Compare Hillary’s 5 Phishing Emails with DOD’s 602 Million Spam and Phishing Emails a Month

As usually happens, more journalists are examining the latest tranche of Hillary emails for gotchas than for interesting policy discussions. The latest is AP’s report that Hillary received 5 emails from Russian linked hackers attempting to phish her.

Russia-linked hackers tried at least five times to pry into Hillary Rodham Clinton’s private email account while she was secretary of state, emails released Wednesday show. It is unclear if she clicked on any attachments and exposed her account.

Clinton received the infected emails, disguised as speeding tickets from New York, over four hours early the morning of Aug. 3, 2011. The emails instructed recipients to print the attached tickets. Opening an attachment would have allowed hackers to take over control of a victim’s computer.

BREAKING! Out of almost 20,000 emails released thus far, 5 were phishing attempts.

Compare that to this report on DOD’s spam and phishing woes from earlier this week.

You could be one of the 1.6 million users on Pentagon email systems where only one in seven of the more than half a billion monthly emails received are actually legitimate.

The rest are a mixture of malicious password phishing attempts, chock full of viruses, or the bane of modern humanity’s existence: spam.

“Out of 700 million emails we’ll get in a month, only about 98 million are actually good emails,” said Lt. Gen. Alan Lynn, director of the Defense Information Systems Agency, speaking at a Washington, D.C., area event Wednesday hosted by Defense Systems.

“The rest,” he said, “are spam and worm attacks.”

According to General Lynn, DOD gets 602 million spam and phishing emails a month, with just 14% of their mail actually being real email. Granted, that’s across 1.6 million users. Still that says every user averages 376 junk emails a month.

I’d say Hillary’s 5 phishing emails so far don’t look so bad by comparison.

Apple’s Transparency Numbers Suggest Claims of Going Dark Overblown

Apple recently released its latest transparency report for the period ending June 30, 2015. By comparing the numbers for two categories with previous reports (2H 2013, 1H 2014, 2H 2014)  we can get some sense of how badly Apple’s move to encrypt data has really thwarted law enforcement.

Thus far, the numbers show that “going dark” may be a problem, but nowhere near as big of one as, say, NY’s DA Cy Vance claims.

The easier numbers to understand are the national security orders, presented in the mandated bands.

Screen Shot 2015-09-30 at 4.34.08 PM

Since the iPhone 6 was introduced in September 2014, the numbers for orders received have gone up — one band in the second half of 2014, and two more bands in the first half of this year. Curiously, the number of accounts affected haven’t gone up that much, possibly only tens or a hundred more accounts. And Apple still gets nowhere near the magnitude of requests Yahoo does, which number over 42,000.

Equally curiously, in the last period, Apple clearly received more NatSec orders than accounts affected, which is the reverse of what other companies show (before Apple had appeared close to one-to-one). One thing that might explain this is the quarterly renewal of Pen Register orders for metadata of US persons (which might be counted as 4 requests for each account affected).

In other words, clearly NatSec requests have gone up, proportionally significantly, though Apple remains a tiny target for NatSec requests compared to the bigger PRISM participants.

The law enforcement account requests are harder to understand.

Screen Shot 2015-09-30 at 1.51.47 PM

Note, Apple distinguishes between device requests, which are often users seeking help with a stolen iPhone, and account requests, which are requests for either metadata or content associated with an account (and could even include purchase records). The latter are the ones that represent law enforcement trying to get data to investigate a user, and that what I’ve laid out the latter data here [note, I fully expect to have made some data errors here, and apologize in advance — please let me know what you see!!].

Here, too, Apple has seen a significant increase, of 23%, over the requests it got in the second half of last year. Though, note, the iPhone 6 introduction would not be the only thing that would affect this: so would, probably, the June 2014 Riley Supreme Court decision, which required law enforcement to get a warrant to access cell phones, would also lead law enforcement to ask Apple for data more often.

Interestingly, however, there were fewer accounts implicated in the requests in the last half of the year, suggesting that for some reason law enforcement was submitting requests with a slew of accounts listed for each request. Whereas last year, LE submitted an average of over 6.5 accounts per request, this year they have submitted fewer than 3 accounts per request. This may reflect LE was submitting more identifiers from the same account — who knows?

The percentage of requests where content was obtained has gone up too, from 16% in 2013 to 24% in the first period including the iPhone 6 to 30% last quarter. Indeed, over half the period-on-period increase this period may stem from an increase in content requests (that is, the 107 more requests where content was obtained in the first half of the year, which was a period in which Apple got 183 more requests overall). Still, that number, 107 more successful requests for content this year than the second half of last year, seems totally disproportionate to NYC DA Cy Vance’s claim that the NYPD was unable to access the content in 74 iPhones since the iPhone 6 was established (though note, that might represent 1 request for content from 74 iPhones).

Perhaps the most interesting numbers to compare are the number of times Apple objected (because the agency didn’t have the right kind of legal process or a signed document) and the number of times Apple disclosed no data (which would include all those times Apple successfully objected — which appears to include all those in the first number — as well as those times Apple didn’t have the account, as well as times Apple was unable to hand over the data because a user hadn’t used default iCloud storage for messages. [Update, to put this more simply, the way to find the possible number of requests where encryption prevented Apple from sharing information is to subtract the Apple objected number from the no data number.] In the second half of 2013, Apple did not disclose any data 28.5% of the time. In the first half of this year, Apple did not disclose any data in just 18.6% of requests. Again, there are a lot of reasons why Apple would not turn over any data at all. But in general, cops are getting data more of the time when they give Apple requests than they were a few years ago.

More importantly, for just 65 cases in the first half of this year and 80 cases in the second half of last year did Apple not turn over any data for a request for reasons other than some kind of legal objection — and those numbers are both lower than the two half years preceding them. Each of those requests might represent hundreds of phones, but overall it’s a tiny number. So tiny it’s tough to understand where the NYPD’s 74 locked iPhones (unless they did request data and Apple actually had it).

There’s one more place where unavailable encrypted data might show up in these numbers: in the number of specific accounts for which data was disclosed. But as a percentage, what happened this year is not that different from what happened in 2013. In the second half of 2013, Apple provided some data (and this can be content or metadata) for 57.6% of the accounts specified in requests. In the first half of this year, Apple provided some data for 51.6% of the accounts specified in requests — not that huge a difference. And of course, the second half of last year, which may be an outlier, but during much of which the iPhone 6 was out, Apple provided data for 88.5% of the accounts for which LE asked for data.

Overall, it’s very hard to see where the FBI and other law enforcement agencies are going dark — though they are having to ask Apple for content more  often (which I consider a good thing).

Update: In talking to EFF’s Nate Cardozo about Apple’s most recent report, we agreed that Apple’s new category for Emergency Requests may be one other place where iPhone data is handed over (it doesn’t exist in the reports for previous half year periods). Apple defines emergency content this way:

Table 3 shows all the emergency and/or exigent requests that we have received globally. Pursuant to 18 U.S.C. §§ 2702(b)(8) and 2702(c)(4) Apple may voluntarily disclose information, including contents of communications and customer records, to a federal, state, or local governmental entity if Apple believes in good faith that an emergency involving imminent danger of death or serious physical injury to any person requires such disclosure without delay. The number of emergency requests that Apple deemed to be exigent and responded to is detailed in Table 3.

Given the scale of Apple’s other requests, though not in the scale of cloud requests comparatively, these are significant numbers, especially for the US (107) and UK (98).

Of significant note, Apple may give out content under emergency requests.

This is more likely to be a post-Riley response than an encryption response, but still notable given the number.

TSA Security Still Not Secure But Maybe We Can Keep Our Shoes on Soon

The Senate Appropriations Committee is holding a hearing to discuss results of a still secret IG audit of TSA screening, featuring testimony from both TSA Administrator Peter Neffenger (who was only confirmed in July) and DHS’s IG, John Roth.

While neither will explain the results of the audit, Roth’s testimony makes it clear the audit did not turn out very well.

Our testing was designed to test checkpoint operations in real world conditions. They were not designed to test specific, discrete segments of checkpoint operations, but rather the system as a whole. The failures included failures in the technology, in TSA procedures, and in human error. We found layers of security simply missing.

Neffenger’s testimony provided more details which make it clear TSA had been emphasizing screening speed over security, especially as passenger volume and the incentive to carry on luggage has gone up.

The team’s initial conclusion is that the screening effectiveness challenges noted by the Inspector General were not merely a performance problem to be solved solely by retraining our officers. Officer performance is but one among many of the challenges. TSA frontline officers have repeatedly demonstrated during their annual proficiency evaluations that they have the knowledge and the skill to perform the screening mission well. Nor was this principally a failure of the AIT technology. These systems have greatly enhanced TSA’s ability to detect and disrupt new and evolving threats to aviation. AIT technology continues to perform to specification standards when maintained and employed properly, and we continue to improve its detection capabilities.

The challenge can be succinctly described as a set of multi-dimensional factors that have influenced the conduct of screening operations, creating a disproportionate focus on efficiency and speed in screening operations rather than security effectiveness. These challenges range across six dimensions: leadership, technology, workforce performance, the environment, operating procedures, and system design. Of these six, strong drivers include leadership focus, environmental influences, and system design.

Pressures driven by increasing passenger volume, an increase in checkpoint screening of baggage due to fees charged for checked bags as well as inconsistent or limited enforcement of size requirements for hand-carried bags and the one bag plus one personal item (1+1) standard1 create a stressed screening environment at airport checkpoints. The challenges also include the range of complex procedures that we ask our officers to employ, resulting in cognitive overload and personnel not properly employing the technology or a specific procedure. The limitations of the technology, the systems detection standards, TSA officers’ lack of training on equipment limitations, and procedures that failed to resolve the alarms appropriately all undermined our ability to effectively screen, as noted by the Inspector General’s report.

There’s a lot in both that addresses leadership (and Roth’s testimony makes it clear he kept raising the alarm under former TSA Administrator John Pistole), so hopefully Neffenger will do better at this.

The great news is Neffenger is looking at technology that will both work more efficiently without sacrificing security. Of particular note, he says there is a way to scan for shoe explosives without forcing us to take our damn shoes off.

So maybe we’ll move away from security theater in upcoming months and years?

Someone Tell Bill Nelson Apple Isn’t a Telecom and that Metadata Is Available with Encryption

There were a number of interesting exchanges in the Senate Armed Services Committee on cybersecurity hearing today, which I’ll return to in a bit. But for the moment I wanted to point to this bizarre exchange featuring Bill Nelson.

Nelson: Admiral, I’m concerned about all of these private telecoms that are going to encrypt. If you have encryption of everything, how, in your opinion, does that affect Section 702 and 215 collection programs?

Rogers: It certainly makes it more difficult.

Nelson: Does the Administration have a policy position on this?

Rogers: No. I think we’re still — I mean, we’re the first to acknowledge this is an incredibly complicated issue, with a lot of very valid perspectives. And we’re still, I think, collectively trying to work through what’s the right way ahead, here, recognizing that there’s a lot of very valid perspectives but from the perspective as CyberCommand and NSA as I look at this issue, there’s a huge challenge here that we have got to deal with.

Nelson: A huge challenge? And I have a policy position. And that is that the telecoms better cooperate with the United States government or else … it just magnifies the ability for the bad guys to utilize the Internet to achieve their purposes.

Bill Nelson is apparently very upset by the increasing use of encryption, but seems to believe Apple — which is at the center of these discussions — is a telecom. I’m happy to consider Apple a “phone company,” given that iMessage messages would go through the Internet and Apple rather than cell providers, and I think the IC increasingly thinks of Apple as a phone company. But it’s not a telecom, which is a different legal category.

He also believes that Apple’s encryption would hurt NSA’s Section 215 collection program. And NSA Director Mike Rogers appears to agree!

It shouldn’t. While Apple’s use of encryption will make it harder to get iMessage content, the metadata should still be available. So I’m rather curious why it is that Rogers agreed with Nelson?

In any case, Nelson doesn’t seem very interested in why Rogers immediately noted how complicated this question is — this is, after all, a hearing on cybersecurity and we know the Administration admits that more widespread encryption actually helps cybersecurity (especially since sophisticated hackers will be able to use other available encryption methods).

But I am intrigued that Rogers didn’t correct Nelson’s assertion that encryption would hurt the Section 215 program.

Update: This, from Apple’s transparency report, is one more reason Rogers’ agreement that encryption creates problems for the Section 215 program is so curious.

To date, Apple has not received any orders for bulk data.

1 2 3 891
Emptywheel Twitterverse
emptywheel @dmiller23 Right that "ostensibly" is now a 4-game mystery.
emptywheel @srubenfeld Again. As a Lions fan that's one of the joys I'm getting out of this season.
emptywheel Missed this Jets-Fins game but I'm glad to see the Pats won w/o playing. Is Suh still not playing?
JimWhiteGNV Uh oh. Left Dolphin is having a tough day. https://t.co/GMY6wsTXrF
bmaz @ScottGreenfield @Popehat The kids yes. Bakersfield is harder to see being missed.
bmaz @armandodkos What would the press be insinuating had Hillary entered the 2008 race "to stop Obama" from historical win? Outrage, that's what
bmaz Yes. Of course. Also, #FreeBrady! https://t.co/7kXMWDkjAn
bmaz @all_a_twitt_r @anatadmati @BruceBartlett Ol e!! Long time no see!
bmaz @goodyk Right. Thanks a rot for that!
bmaz @PogoWasRight But the problem is that that is exactly what is being relentlessly pursued as the answer.
bmaz Stupid Shit The Media Can't Stop Saying. https://t.co/evMCYDg8Gi
bmaz Nobody should be surprised Lynch is truly awful on civil rights+reform of militant cops https://t.co/K6jnEfMeVv https://t.co/peh1yESBKw
October 2015
« Sep