A recent Justice Department memo revealed by CNET shows law enforcement’s frustration with Apple’s encrypted iMessage software The internal memo, sent by the Drug Enforcement Administration, calls iMessages “a challenge to DEA intercept” and notes that messages sent between two Apple devices — the ones that turn blue in users’ chat windows — cannot be captured by monitoring devices. That poses problems for law enforcement, the memo says, because text message records are sometimes used to link suspects to known criminals.
This isn’t a new problem — Apple introduced what it called “secure end-to-end encryption” with iO5 two years ago. End-to-end encryption theoretically means that no one, not even Apple, can ever access a users’ texts. In reality, numerous tech writers and analysts have questioned how the secretive, complicated technology actually works.
Last August, Johns Hopkins cryptographer Matthew Green called for Apple to release more details out of concern that glitches “could seriously reduce the security of the protocol.” And over at AnandTech, the extremely technical gadget blog, a team of writers and engineers wondered how law enforcement would work with iMessage when the encryption was announced.
This is not the first time that law enforcement has struggled with iMessage encryption. Unlike other phones, iPhone text messages and attachments cannot be retrieved once deleted — a feature that recently became problematic during the Steubenville rape trial, when prosecutors tried to reconstruct the crime using social media posts and text messages.
In transcripts from a pretrial hearing, the analyst who extracted cellphone information for that case explained she could not retrieve deleted iPhone messages because each came with its own random, automatically generated encryption key. When the file is deleted, the key is also deleted, and overwritten, so it can’t be found again.
“Dumb question, can you pull everything off of a cellphone?” The prosecutor asked during the hearing.
“Sometimes you can and sometimes you can’t,” the analyst responded. If it’s an iPhone with a later-generation operating system, “I can’t do it.”
Apple has not responded to this complaint. But the country’s top law enforcement agencies have begun to take action, according to CNET: Last year, FBI director Robert Mueller said he pushed the Obama administration to address what he called “the going dark problem” — the difficulty of conducting surveillance on new forms of communication, such as social networks, instant messaging, e-mail, Internet phone and text messaging.
Skype — which, until July, was almost as encrypted as Apple — bowed to law enforcement pressure last year when it changed its architecture to make the service more monitor-friendly. The move horrified many activists, who worried it set a risky precedent.
“The issue is, to what extent are our communications being purpose-built to make surveillance easy?” Lauren Weinstein, co-founder of People for Internet Responsibility, told The Washington Post. “When you make it easy to do, law enforcement is going to want to use it more and more. If you build it, they will come.’’
Sources: WP, CNet, Apple