Menu
  • Home
  • Brett's Blog
  • My Books
  • Courses
  • About Me
  • Contact
  • Home
  • Brett's Blog
  • My Books
  • Courses
  • About Me
  • Contact

Brett Shavers | Ramblings

Brett's Ramblings

Subscribe to blog
Unsubscribe from blog
Settings
Sign In
If you are new here, Register
  • Forget Username
  • Reset Password
Font size: + –
Subscribe to this blog post Unsubscribe
Report
Print
3 minutes reading time (546 words)

Leaking information isn’t the same as sharing information.

Digital Forensics
Brett Shavers
Friday, 27 July 2018
3483 Hits
0 Comments

On a couple of private (mostly LEO) email lists that I am on, it seems that emails on the lists are being provided to media outlets, specifically those that relate to breaking into the iPhone. There is not any suspicion as if this is being done, because as I read the articles, I see the actual emails that I have seen in the email lists.  Someone is leaking the emails from the lists. This is different from another email list that I am on where the emails were actually hacked and posted online a few years back.

In this current instance, someone on the list is sending copies of emails to the media, in nearly real-time.

https://www.forbes.com/sites/thomasbrewster/2018/07/26/apple-ios-security-boost-not-stopping-cops-hacking-iphones/#d43899171294

Side note: I’m not getting into how to hack iPhones.

My Opinion of the content of these leaks:
--Who cares?
--There are no “juicy” emails.
--Any information that a government employee creates is already a public record anyway.
--You can divulge every secret known to law enforcement and the intelligence communities, and the methods will still work.
 

However, in this instance of leaking emails to the media, I also don’t think it is a cool thing to do. There isn’t any whistleblower type of information that the public must know; it is just vendor stuff, and the vendors are private companies. If nothing else, the vendors are just gaining more marketing since media is reporting on the companies (see above leaked email as an example).

Plus, it is not cool to leak emails from a list that is intended to share information with those needing the information to work important cases. As someone who worked in military intel, and then investigating violent offenders and terrorists, I know that these cases are important and information needs to be shared in order to be effective.  When a murder needs to be solved, a child must be recovered, or violence prevented, it is the sharing of investigative methods that will solve these cases. Leaks for no good reason only result in less sharing, resulting in fewer cases being resolved, and potentially, more victims being harmed. The fear that answering a question via email will end up on Motherboard means that few will be answering questions. The fear is not that the answer is top secret, but that public scrutiny for the sake of gaining readership is not worth sharing information to most people.

I’m all for public records requests and transparency in government, but for those who make it unnecessarily more difficult to do these jobs…that is not cool at all.  But these email lists do not fall under public records anyway.

As for me, I'll keep sharing because I know as a fact, that one small piece of advice, one small bit of how-to, or a few words of encourgement to keep looking will make a world of difference to a victim by having their case solved. Solving a case doesn't just mean arresting someone. It means the difference of whether or not a family is reunited, whether or not a domestic violence victim can feel safe, and make the difference as to if a victim can finally sleep at night without waking to nightmares of being victimized again.

Shame on anyone who makes it this work harder than it already is.

Tweet
Share on Pinterest
0
Low-Hanging Fruit Report
A skill you need in DFIR, but won’t find DFIR cour...

About the author

Brett Shavers

Brett Shavers

 

Comments

No comments made yet. Be the first to submit a comment
Guest
Wednesday, 29 June 2022

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://brettshavers.com/

direct link

DFIR Training

Be sure to check out my DFIR Training website for practically the best resources for all things Digital Forensics/Incident Response related.


Brett's blog

© 2022 Brett Shavers