EXPOSED! is a weekly series that decentralize.today runs that looks to unveil the dirty dealings of corporations, individuals and governments, often in collusion with each other. In this edition, we look at recent reports that one of the most technologically advanced law enforcement agencies in the world managed to hit 'delete all'...
From the German news agency, Heise online...
Text messages could play a crucial role in the investigation into the storming of the U.S. Capitol.Apple iMessage prevents that – and for good reason.
Apple iMessage security features are said to be responsible for the disappearance of text messages that could play an important role in clarifying the storming of the US Capitol in January 2021. The Secret Service is therefore considering shutting down the service on all iPhones that have been handed over to their employees by the security authority.
The statement made in July by a representative of the US Department of Homeland Security that messages from January 6, 2021 were deleted, had caused great surprise. Federal laws in the United States usually require authorities to retain written communications. In the current case, it was intended to reconstruct the processes and answer the question of what role the White House and then US President Donald Trump played in the attack on the parliamentary seat.
Central backup was not possible
According to the US political news service Politico, the data loss is the result of a change in the mobile device management system. While other data such as photos and mails can either be stored centrally on servers anyway or can be easily backed up from the device, the messages in Apple iMessage are encrypted and could be unlike SMSMessages are not transferred from a central location to the backup.
Although a manual backup of the data by the respective agents would have been possible - but this was not done in some cases, whereby the messages were lost by the reset of the device. In the past, Apple has repeatedly praised itself for its high level of data protection, including encryption.
What will happen in the future?
For the Secret Service, the question now arises as to how the topic will be dealt with in the future. Disabling iMessage seems to be an obvious solution, but the president’s bodyguards fear that this could hinder communication with other federal agencies and security services in an emergency. Thus, the US Department of Homeland Security does not prohibit its affiliated authorities from using iMessage. The Secret Service also considers technical alternatives.
The Secret Service is considering preventing employees from using iMessage on agency iPhones in the future, with claims the loss of text messages relating to the January 6 Capitol insurrection were due to the way encrypted messages are managed.
Apple's iMessage is considered to be a secure messaging service due to its use of encryption for communications. However, it seems that the secure nature of the system is being blamed for the sudden loss of potential evidence for investigations into the Capitol insurrection.
On July 13, Congress was informed by the DHS inspector general that the Secret Service had lost a number of text messages relating to the 2021 attack. In an update on July 29, the Secret Service is reportedly considering getting rid of iMessage to avoid the problem happening in the future.
"This is actually something we are looking at very closely," Secret Service spokesperson Anthony Guglielmi told Politico:
"Director James Murray has ordered a benchmarking study to further examine the feasibility of disabling iMessage and whether it could have any operational impacts."
It is claimed that the Secret Service's implementation of a new mobile device management platform may have caused the problem. While the platform could be used to manage emails, images, and other data centrally, the use of encryption of iMessages meant communications were stored on devices but couldn't be backed up automatically.
Since many agents failed to manually back up data themselves before the erasure and reconfiguration of the new management platform, those device-stored iMessage communications were deleted.
"We want to make sure whatever policy action we take does not adversely impact our protective or investigative missions"
said Guglielmi, and that the agency is:
"looking at other technological solutions"
While iMessage may be receiving scrutiny due to being too secure, other elements of Apple's ecosystem has been more assistive in tracking down and prosecuting participants in the insurrection. In May, one participant pleaded guilty due to evidence surfacing in his iCloud account, after he threw his iPhone into an ocean.