FBI Admits Overestimating Number of Encrypted Phones it Cannot Access

Written by

The FBI has admitted that “programming errors” led to it significantly over-estimating the number of locked devices which it can’t access for investigations because of strong encryption.

Director Christopher Wray claimed in January that the Bureau was unable to access the content of 7775 devices, using the example to argue as his predecessor had done for new laws or changes in policy at Apple and other tech firms enabling the FBI to access such phones with a court order.

He described the situation as an “urgent public safety issue” and has referred to the figure several times since when discussing in public the challenge facing law enforcers of “going dark.”

However, in a statement seen by the Washington Post, the FBI now claims that it made its calculations from three different databases, leading to some duplicates being counted.

“The FBI’s initial assessment is that programming errors resulted in significant over-counting of mobile devices reported,’’ it admitted.

A new audit could take weeks to complete but it is thought the real figure could be closer to 1000 devices.

The FBI has been locked in a stand-off with Apple and the tech community for years over access to encrypted devices. Whilst the Feds claim backdoor-ing phones isn’t required, its demands would amount to exactly that, say tech experts.

In February, a group of world-renowned cryptography experts signed an open letter backing a senator’s demands that the FBI explain the technical basis for its repeated claims encryption backdoors can be engineered without impacting user security.

These experts included Bruce Schneier, Paul Kocher, Steven Bellovin, and Martin Hellman — the latter winning the 2015 Turing Award for inventing public key cryptography.

The EFF claimed it was “not surprised” by the revelations.

“The scope of this problem is called into doubt by services offered by third-party vendors like Cellebrite and Grayshift, which can reportedly bypass encryption on even the newest phones,” it claimed.

“The Bureau’s credibility on this issue was also undercut by a recent DOJ Office of the Inspector General report, which found that internal failures of communication caused the government to make false statements about its need for Apple to assist in unlocking a seized iPhone as part of the San Bernardino case.”

What’s hot on Infosecurity Magazine?