More like this

Security

Gartner to FBI: Stop bullying Apple and the tech industry

Big Data applied to metadata is a lesser evil than back doors, analyst argues

Gartner veep and distinguished analyst Avivah Litan has told the FBI to “stop bullying Apple and the technology industry around” with regard to that iPhone.

Litan writes that San Bernardino killer Syed Farook is known to have destroyed two private phones, so is unlikely to have sloppily left evidence on his work iPhone.

She also says a former intelligence officer has suggested to her that using carriers' metadata would likely be a better source of evidence than anything on that iPhone, which she theorises would have been on Farook's person at the same time as he carried his private phones. Carrier records, she writes, would therefore record which cell towers all three of the killer's phones touched, making it possible to track his movements without cracking the iPhone. Metadata listing the numbers Farook called from his private phones would yield information about any associates. Times when the private phones disappeared from the network – presumably to stop making metadata – would also give investigators hints.

“Intelligence has become a data science job,” she writes. “Here’s how my colleague summed it up: 'the daily challenge of the modern intelligence officer is to link data coming from human intelligence, signal intelligence, visual intelligence, financial intelligence, cyber intelligence… in part to make up for gaps that encrypted data communications and lack of associated metadata creates'.”

Litan doesn't offer proof that the FBI isn't using such techniques, but nonetheless concludes that “There’s plenty of data out there for the FBI to work with.”

“I wish they would stop bullying Apple and the technology industry around and spend their time and energy instead on figuring out how to rise to the challenge.”

Around the world, metadata retention regimes are advanced with arguments that metadata is an essential investigation tool. Litan clearly agrees with that, suggesting it preferable to backdoor-able devices. What do you think? ®

Sponsored: Global DDoS threat landscape report