[NewsPoster]

Seemingly backing off on statements before Congress, FBI Director James Comey suggested that more court action seeking to circumvent smartphone encryption is likely coming. Speaking with reporters at the agency's Washington DC headquarters yesterday, Comey also claimed that the agency is trying to figure out how to re-utilize the tool that the agency used San Bernardino iPhone 5c in other cases.

Saying that encryption is vital to terrorist groups, Comey said that user encryption such as that in Apple's iOS, and WhatsApp. Specifically referring to WhatsApp encryption, Comey said that "WhatsApp has over a billion customers and they are overwhelmingly good people, but in that billion customers are terrorists and criminals. It's a huge feature of terrorist tradecraft."

The director noted that there was a difference between encryption on the iPhone ("data at rest") and WhatsApp ("data in motion"), as far as law enforcement issues are considered. While not directly saying that he was going to go after Facebook's app in a lawsuit, he said that "whether there is going to be litigation, I don't know" adding that "collision is going to happen, just the way it's happening in data at rest."

Regarding the San Bernardino iPhone 5c tool, that the FBI still claims that they don't own, Comey claims to not only be trying to figure out how to re-use it, but also that he doesn't know the identity of the penetrators. He has a "good sense" of the contractor, but "couldn't give you people's names." He noted that the FBI has examined 4000 devices from all manufacturers since October, and hasn't been able to penetrate 500 of them. He refused to give a break down of manufacturer or operating system.

In the press briefing, Comey also shied away from calling the San Bernardino killers ISIL recruits. He noted that the group has "lost their ability to attract people to the caliphate from the United States" and directly called the shooters in California affected by the group's "poison and propaganda" online.

[Steve Wilkinson]

They'll probably just wait until the general public forgets, and then ram it through in some budget or other bill, hidden somewhere in a big document, maybe under a different name. (like they did with the CISA legislation in the last omnibus bill.)

And, Comey has been talking about this 'data in motion' thing for a long time now, so that's something to watch. All these companies already have indemnity, should they want to comply with that kind of request. In other words, if the data is going through some server somewhere, the FBI wants a feed, and xyz corp could do it, even lie about it, and couldn't ever be held accountable if they got caught. (And, if it's an encrypted stream in/out, but readable in the middle, how would anyone ever know?)