Feb 07

Missing FBI Text Messages: Sean Hannity Radio Show

Introductionsean-hannity-radio

FMS President Luke Chung was invited on the Sean Hannity Show to discuss the technology behind text messages: how they work and how they are archived.

Below is the transcript from the interview followed by some comments on the story and how to avoid problems with data backup and disaster recovery.

Backgroundfbilogosmall

The FBI claimed to lose backups of text messages between FBI agent Peter Strzok and FBI lawyer Lisa Page between December 14, 2016 and May 17, 2017.

Radio Show

On January 22, 2018, Luke Chung was on the radio show with Sean Hannity and Andrew Ziem. The three of them discussed the technology behind the ability to retrieve text messages that were deleted. Luke commented specifically on:

  • How text messages are stored on a sender’s/receiver’s device, unlike emails which are stored on a central server.
  • The ability to retrieve an email that has been deleted is more likely than trying to retrieve a text.

Here’s the audio from the show:

Luke’s segment starts at the 3:28 mark to about 5:18. The discussion wraps up around the 7:12 mark.

Sean Hannity [0:01 – 2:34]: The bigger story today… how do we retrieve five months’ worth of text? Andrew Ziem’s the founder and lead developer of BleachBit. Luke Chung is the president of FMS inc and both are well-versed in the retrieval in the forensics of getting information back that is quote “been deleted”. Thank you both for being with us. Andrew Ziem it sounds like maybe a little bit of BleachBit was used here. Is that possible to use on an electronic device?

Andrew Ziem: BleachBit itself isn’t compatible with a mobile device but there are tools that are similar to that. And even regardless of using that tool, just the fact that so many months have gone by, I know it’s been it’s been well over half a year since May 2017. Even just using the device on a daily basis is going to slowly erase text messages by overriding the data.

Sean Hannity: Well I want to, Luke Chung we’ve talked to you many many times before. Why is it this very critical five-month period they’re missing all those texts? Considering you know this is the crucial period of time. Does that sound like an accident to you? It doesn’t to me.

Luke Chung [3:28]: Well thank you very much for having me back on-again Sean. The technology here is different from emails. Emails are stored in a central server and are much more permanent. Text messages are on the sender’s device. They go to a Telecom company, which then forwards to the recipient’s [Telecom company and] device. Usually, the Telecom throws it away soon after they make that connection. So, there’s no permanent centralized storage with text messages.

Sean Hannity: So, if they subpoena the Telecom company it will probably be a waste of time.

Luke Chung [3:55]: Right, because they have no reason to store billions of text messages. Once you get it on your phone, why would they ever need to hold it for you? It’s not like an email.

Sean Hannity: So, how, what are they usually saved for? Three days in rotation?

Luke Chung [4:05]:
It is usually saved to the extent that they send a message through. So, for instance, if the recipient’s phone is off, the text message isn’t lost. You know, Verizon or AT&T or whoever is holding on to that message waiting until it can send it through. And once you connect, it gives you the message. Some services may provide a way to deal with text messages on their website so you don’t even need a phone. So that would depend on what those people are doing.

Sean Hannity: But the likelihood that the Telecom company has all those are negligible, you’re saying.

Luke Chung [4:33]: I would presume so, because there’s no reason why they would want to keep it. Once they send it through, why would they? mean it’s just a waste of space for them.

Sean Hannity: What about forensically the phone itself or the device itself?

Luke Chung [04:45]: Correct, so the phones, the sender’s phone and the recipient’s phone would have those messages to the extent that they don’t delete them.

Sean Hannity: Okay, if they delete them?

Luke Chung [4:52]: If they delete them, then they would/could be on the little hard disk, for as mentioned before, they would probably overwritten over time.

Sean Hannity: And over time means that probably long gone considering the time period that were talking about is 12/14/16 to May 2017.

Luke Chung [5:07]: Right. I mean they probably have different phones.

Sean Hannity: What about we keep hearing from Bill Binney and others that every text every email that we send is metadata stored in places like Salt Lake City. Is that possible?

Luke Chung [5:18]: Well you can ask the NSA what they store, I would not know what they store.

Sean Hannity: Alright, Andrew what if they erased it on their phone but they have the phone. Would it be retrievable?

Andrew Ziem: Yes, step one would be trying to get access to both of those phones. Making sure we’ve got the password or whatever to unlock the phone. While it is still not super likely that every single message is there. It’s possible and likely if they didn’t intentionally wipe them clean with something like BleachBit, it’s possible that some of the messages are there. So, I think it’s definitely worth a shot to do forensic analysis on the phones.

Sean Hannity: Well, they had to get all the other text messages and then they… As soon as the special counsel was appointed on May 17th. Boom. They find the text again. It literally was gone in this crucial… it sounds like Watergate and what was it, the missing 18 minutes of erase tape.

Andrew Ziem: It’s super fishy.

Sean Hannity: It’s super fishy. What about emails? Is it the same, Luke? With email servers like you use Gmail, or MSN, or AOL, whatever. I mean do those emails get saved by those providers?

Luke Chung [6:12]: Emails get saved by those providers because they are running a server type solution. You can get your email from multiple devices, so it’s not [just] stored on the individual device. It is stored centrally.

Sean Hannity: And how long do they keep them for?

Luke Chung [6:23]: Well, they can keep them, I mean if you don’t delete an email message, they’ll keep them forever. Often times, even if you delete a message like Gmail, they would still store it and have it available in the [trash folder]…

Sean Hannity: They store it in perpetuity?

Luke Chung [6:36]: That’s the agreement that you make with Google. What they do with it is kind of their business.

Sean Hannity: So, the answer is we don’t know if they’d be able to retrieve an email.

Luke Chung [6:44]: Right. An email would be much more likely to be retrievable, because you can go to the server and get it. There’s no such thing as a text message server.

Sean Hannity: But considering it’s the five critical months in question here. That these that the text messages are missing and then they just mysteriously reappeared the day after the special counsel’s appointed. Do any of you, does that pass the smell test for any of you ’cause it doesn’t for me.

Andrew Ziem: It’s hard to explain another way Sean.

Sean Hannity: In other words, it was an 18-minute Gap in the Watergate tapes. It doesn’t meet the smell test that they weren’t erased on purpose, does it?

Luke [7:12]: I mean I would need, you know, I don’t have the data to be able to look at that. I guess they’re two parts of this. One would be to see who owns those phones. Are those FBI phones and were similar things happening to other FBI phones at the time or was it specific to these two people’s phones, right?

Sean Hannity: Yeah, it’s unbelievable. Alright, I want to thank you both. Andrew, thank you. Luke, thank you. Good to talk to you again.


Follow Up Notes

The FBI disclosed that the text backups they were making depended on software installed on each smartphone which encountered problems as the app and smartphone operating systems were updated. The backups were lost for a large number of FBI devices, and not just these two individuals.

Later, the FBI were able to recover the messages.

Lessons Learned

Data backup is critical to most organizations and may be required by law. Unfortunately, people don’t realize system administration tasks like data backup and disaster recovery aren’t working until they need it. Backups may seem like they are successfully running for weeks, months and years without someone verifying everything is working.

Failures could be intentional, but it’s usually a process breakdown or human error. Sometimes, it’s a budget driven issue since old backups (tapes, hard disks, etc.) get reused and older backups get overwritten.

We recommend:

  • Defining an acceptable data retention policy
  • Designing the processes to implement it
  • Budgeting the resources to support it
  • Testing the scenarios to validate the processes are working

Keep in mind there’s a difference between data backup/recovery versus business continuity and disaster recovery. See or paper on Creating a Backup and Disaster Recovery Plan for Microsoft Access Database Applications for some ideas.

Additional Resources

Apr 28

Microsoft Access Video on VBA Programming with Luke Chung at Access DevCon 2017

FMS President Luke Chung was a presenter at the Microsoft Access DevCon 2017 in Vienna, Austria in early April.

Before giving two conference presentations, he was sat down and spoke with Philipp Stiefel of codekabinett.com of Germany. Philipp is creating a series of videos discussing VBA development.

Luke shares the history of how FMS Inc. began working with MS Access and how we now offer 12 products for the Access community, including Total Access Analyzer, Total Access Emailer, Total Visual CodeTools, and Total Visual SourceBook.

They talked about:

  • VBA Best Practices
  • How end-users migrate from Excel to Access, then learn how to code
  • Why people are hesitant to purchase third party products and how FMS overcomes that by showcasing the value we offer
  • Using tools like Total Access Analyzer to catch errors before shipping and learning best practices
  • Using the module code in Total Visual SourceBook to address problems we’ve already solved so you can focus on the unique issues in your applications
  • The value of creating consistent, quality code
  • How to improve code for developers of all backgrounds
  • Being in constant “growth” mode to look for ways to become a better developer

FMS Inc. is proud of the quality of products we have produced for the past 30 years. We are honored to continuously be regarded as a leading expert in the Access community. Thank you for supporting us and we hope you enjoy the 20 minute interview!

 

Aug 17

Total Access Emailer Version X.7 for Microsoft Access 2013, 2010, and 2007

Microsoft Access Email BlasterTotal Access EmailerMicrosoft Access Email

With the recent release of Total Access EmailerTotal Access Emailer for Microsoft Access 2016, we are pleased to release updates of earlier versions to include the many new features:

  • Total Access Emailer 2013, Version 15.7
  • Total Access Emailer 2010, Version 14.7
  • Total Access Emailer 2007, Version 12.7

Total Access Emailer is the most popular email blaster for Microsoft Access. Easily send personalized emails directly from your Access database. Quickly communicate with every email address in your table or query. Use fields from your data source to customize each subject and message. Attach files from disk and also attach reports as PDF files filtered for each recipient.

The new X.7 version includes many new features since their previous version:

  • email-validationEmail Validation to check the syntax of the values in your email field so you can flag invalid emails in your table before you send your blast
  • Save Attached Files to Disk. This lets you document the attached files sent to all your contacts without using blind cc (Bcc).
    • This can also be used independent of sending emails as a way to distribute files and PDF reports to disk. You can even create folder names based on field values.
  • Preview Saving Files to Disk
  • New VBA Function to Preview Email Blasts with Save Files
  • Code Generator Supports Preview Email with Save Folder
  • Support for Office365 and other SMTP Services using TLS
  • Enhanced setup for Windows 10 and 64-bit installations
  • Updated user manual and help file
  • Complete list and additional details of new features in Total Access Emailer X.7.

download-trial-blueDownload the free trial version and send your own personalized emails from Microsoft Access.

Create multiple email blasts in your database and run them at any time through the Total Access Emailer add-in Wizard:

Main Screen of Total Access Emailer 2016

Jul 01

Microsoft Office365 Exchange Online Service Performance Degradation and SMTP Problems

office365A few years ago, we migrated our email service to Microsoft’s Office365 cloud service. Overall, it’s been very reliable and eliminated the challenges we had hosting Exchange ourselves. It let us get to our emails using Outlook installed on Windows, any internet browser, and smartphones. Office365 also offered other Office product online (Access Web Apps, Excel, Word, etc.), SharePoint and OneDrive Business.

Unfortunately, on the morning of June 30th, we discovered:

  • Delays sending and receiving emails
  • Some emails were bouncing back from recipients who couldn’t validate our Office365 Exchange Server’s SMTP (protection.outlook.com) with our domain name. That meant the Exchange SMTP server was no longer considered a trusted sender of emails from the @fmsinc.com domain.
  • Our use of the Office365 SMTP server to send emails with our Total Access Emailer product was also failing to authenticate against the server

The problems began the evening before. Needless to say, we aren’t happy about this experience which impacted us and our clients using Office365. Reports are that it affects Office365 customers across North America.

exchangeContacting Microsoft, they confirmed problems with the health of their Office365 Exchange Server. Throughout the day, problems lessened but persisted. We hope the problems are resolved soon and that we’ll understand what went wrong once we overcome the immediate crises.

These are the reports we’ve received from Microsoft. We’ll keep you updated as we learn more:


Exchange Online Service Degraded

This is what the Office365 Admin portal shows for Service Health:

Office365Issues

Office365Health


EX71628 – E-Mail and calendar access – Restoring Service

Jun 29, 2016 12:11 PM

CURRENT STATUS

Our investigation determined that an existing transport feature which is designed to expedite the delivery of email messages became degraded, which caused impact to email delivery for a subset of users. We’re bypassing the affected feature to restore service

User Impact

Users may be unable to send email messages through the Exchange Online service. Email messages may appear to be stuck in the Drafts or Outbox folders.

Scope of Impact

A few customers have reported this issue, and our analysis indicates that for most customers, it’s unlikely that many users would report impact related to this event.

  • Start Time: Thursday, June 23, 2016, at 3:00 PM UTC

Preliminary Root Cause

An existing transport feature that is designed to expedite the delivery of email messages became degraded, which caused impact to email delivery for a subset of users

EX71628 – E-Mail and calendar access – Extended recovery

Jun 30, 2016 2:18 PM

Current Status

We’ve developed an additional fix to address the underlying cause of the issue. We’re preparing to deploy the fix to the affected environment to ensure that the issue does not reoccur.

User Impact

Users may be unable to send email messages through the Exchange Online service. Email messages may appear to be stuck in the Drafts or Outbox folders.

Scope of Impact

A few customers have reported this issue, and our analysis indicates that for most customers, it’s unlikely that many users would report impact related to this event.

  • Start Time: Thursday, June 23, 2016, at 3:00 PM UTC

Preliminary Root Cause

An existing transport feature that is designed to expedite the delivery of email messages became degraded, which caused impact to email delivery for a subset of users.

Next Update by: Saturday, July 2, 2016, at 7:00 PM UTC


EX71674 – E-Mail timely delivery – Service restored

Jun 30, 2016 7:35 PM

Final Status

We’ve confirmed that the remaining message queues have now drained after implementing a configuration change to optimize message filtering.

User Impact

Users were experiencing delays when sending and receiving email messages. Affected users may have received Non-Delivery Reports (NDR) when sending email messages.

Scope of Impact

Customer reports indicated that many users likely experienced impact related to this event. Our analysis indicates that this issue may potentially have affected any of your users attempting to send or receive mail.

  • Start Time: Thursday, June 30, 2016, at 2:30 PM UTC
  • End Time: Thursday, June 30, 2016, at 11:30 PM UTC

Preliminary Root Cause

The infrastructure responsible for processing Exchange Online Protection (EOP) message filtering became degraded.

Next Steps

  • We’re analyzing performance data and trends on the affected systems to help prevent this problem from happening again.
  • We’re reviewing our code for optimizations and automated recovery options.
  • We’ll publish a post-incident report within five business days.

EX71674 – E-Mail timely delivery – Service restored

Jul 1, 2016 12:08 AM

Final Status

We’ve rolled out the fix and confirmed that service is restored. Any meeting requests created during the outage will need to have the conference room calendar removed and readded to book the room.

User Impact

Users that attempted to create a meeting request with a conference room calendar were unable to successfully book a conference room. This lead to conference rooms being booked by multiple resources.

Scope of Impact

A few customers reported this issue, and our analysis indicated that this may have affected any users attempting to use this feature.
  • Start Time: Monday, June 27, 2016, at 6:00 PM UTC
  • End Time: Friday, July 1, 2016, at 2:54 AM UTC

Preliminary Root Cause

A recent update affected the ability for calendar invite requests to successfully book conference rooms.

Next Steps

  • We’re reviewing our deployment and provisioning procedures to help prevent this kind of problem in the future.
  • We’ll publish a post-incident report within five business days.

Jun 13

Total Access Emailer Ships for Microsoft Access 2016

Microsoft Access Email BlasterTotal Access EmailerMicrosoft Access Email

Total Access EmailerTotal Access Emailer is the most popular email blaster for Microsoft Access. Easily send personalized emails directly from your Access database. Quickly communicate with every email address in your table or query. Use fields from your data source to customize each subject and message. Attach files from disk and also attach reports as PDF files filtered for each recipient.

Total Access Emailer is now available for Microsoft Access 2016. Total Access Emailer 2016 includes many enhancements since the prior release for Access 2013:

  • Supports Access 2016
    • 32 and 64-bit versions
    • Add-in and VBA Runtime libraries in the Professional Version
  • email-validationEmail Validation to check the syntax of the values in your email field so you can flag invalid emails in your table before you send your blast
  • Save Attached Files to Disk. This lets you document the attached files sent to all your contacts without using blind cc (Bcc).
    • This can also be used independent of sending emails as a way to distribute files and PDF reports to disk. You can even create folder names based on field values.
  • Preview Saving Files to Disk
  • New VBA Function to Preview Email Blasts with Save Files
  • Code Generator Supports Preview Email with Save Folder
  • Enhanced setup for Windows 10 and 64-bit installations
  • Updated user manual and help file
  • Complete list and additional details of new features.

download-trial-blueDownload the free trial version and send your own personalized emails from Microsoft Access.

Easily Run and Manage the Email Blasts You’ve Created in Your Database

Main Screen of Total Access Emailer 2016