FMS President Luke Chung was invited on the Sean Hannity Show to discuss the technology behind text messages: how they work and how they are archived.
Below is the transcript from the interview followed by some comments on the story and how to avoid problems with data backup and disaster recovery.
The FBI claimed to lose backups of text messages between FBI agent Peter Strzok and FBI lawyer Lisa Page between December 14, 2016 and May 17, 2017.
On January 22, 2018, Luke Chung was on the radio show with Sean Hannity and Andrew Ziem. The three of them discussed the technology behind the ability to retrieve text messages that were deleted. Luke commented specifically on:
How text messages are stored on a sender’s/receiver’s device, unlike emails which are stored on a central server.
The ability to retrieve an email that has been deleted is more likely than trying to retrieve a text.
Here’s the audio from the show:
Luke’s segment starts at the 3:28 mark to about 5:18. The discussion wraps up around the 7:12 mark.
Sean Hannity [0:01 – 2:34]: The bigger story today… how do we retrieve five months’ worth of text? Andrew Ziem’s the founder and lead developer of BleachBit. Luke Chung is the president of FMS inc and both are well-versed in the retrieval in the forensics of getting information back that is quote “been deleted”. Thank you both for being with us. Andrew Ziem it sounds like maybe a little bit of BleachBit was used here. Is that possible to use on an electronic device?
Andrew Ziem: BleachBit itself isn’t compatible with a mobile device but there are tools that are similar to that. And even regardless of using that tool, just the fact that so many months have gone by, I know it’s been it’s been well over half a year since May 2017. Even just using the device on a daily basis is going to slowly erase text messages by overriding the data.
Sean Hannity: Well I want to, Luke Chung we’ve talked to you many many times before. Why is it this very critical five-month period they’re missing all those texts? Considering you know this is the crucial period of time. Does that sound like an accident to you? It doesn’t to me.
Luke Chung [3:28]: Well thank you very much for having me back on-again Sean. The technology here is different from emails. Emails are stored in a central server and are much more permanent. Text messages are on the sender’s device. They go to a Telecom company, which then forwards to the recipient’s [Telecom company and] device. Usually, the Telecom throws it away soon after they make that connection. So, there’s no permanent centralized storage with text messages.
Sean Hannity: So, if they subpoena the Telecom company it will probably be a waste of time.
Luke Chung [3:55]: Right, because they have no reason to store billions of text messages. Once you get it on your phone, why would they ever need to hold it for you? It’s not like an email.
Sean Hannity: So, how, what are they usually saved for? Three days in rotation?
Luke Chung [4:05]: It is usually saved to the extent that they send a message through. So, for instance, if the recipient’s phone is off, the text message isn’t lost. You know, Verizon or AT&T or whoever is holding on to that message waiting until it can send it through. And once you connect, it gives you the message. Some services may provide a way to deal with text messages on their website so you don’t even need a phone. So that would depend on what those people are doing.
Sean Hannity: But the likelihood that the Telecom company has all those are negligible, you’re saying.
Luke Chung [4:33]: I would presume so, because there’s no reason why they would want to keep it. Once they send it through, why would they? mean it’s just a waste of space for them.
Sean Hannity: What about forensically the phone itself or the device itself?
Luke Chung [04:45]: Correct, so the phones, the sender’s phone and the recipient’s phone would have those messages to the extent that they don’t delete them.
Sean Hannity: Okay, if they delete them?
Luke Chung [4:52]: If they delete them, then they would/could be on the little hard disk, for as mentioned before, they would probably overwritten over time.
Sean Hannity: And over time means that probably long gone considering the time period that were talking about is 12/14/16 to May 2017.
Luke Chung [5:07]: Right. I mean they probably have different phones.
Sean Hannity: What about we keep hearing from Bill Binney and others that every text every email that we send is metadata stored in places like Salt Lake City. Is that possible?
Luke Chung [5:18]: Well you can ask the NSA what they store, I would not know what they store.
Sean Hannity: Alright, Andrew what if they erased it on their phone but they have the phone. Would it be retrievable?
Andrew Ziem: Yes, step one would be trying to get access to both of those phones. Making sure we’ve got the password or whatever to unlock the phone. While it is still not super likely that every single message is there. It’s possible and likely if they didn’t intentionally wipe them clean with something like BleachBit, it’s possible that some of the messages are there. So, I think it’s definitely worth a shot to do forensic analysis on the phones.
Sean Hannity: Well, they had to get all the other text messages and then they… As soon as the special counsel was appointed on May 17th. Boom. They find the text again. It literally was gone in this crucial… it sounds like Watergate and what was it, the missing 18 minutes of erase tape.
Andrew Ziem: It’s super fishy.
Sean Hannity: It’s super fishy. What about emails? Is it the same, Luke? With email servers like you use Gmail, or MSN, or AOL, whatever. I mean do those emails get saved by those providers?
Luke Chung [6:12]: Emails get saved by those providers because they are running a server type solution. You can get your email from multiple devices, so it’s not [just] stored on the individual device. It is stored centrally.
Sean Hannity: And how long do they keep them for?
Luke Chung [6:23]: Well, they can keep them, I mean if you don’t delete an email message, they’ll keep them forever. Often times, even if you delete a message like Gmail, they would still store it and have it available in the [trash folder]…
Sean Hannity: They store it in perpetuity?
Luke Chung [6:36]: That’s the agreement that you make with Google. What they do with it is kind of their business.
Sean Hannity: So, the answer is we don’t know if they’d be able to retrieve an email.
Luke Chung [6:44]: Right. An email would be much more likely to be retrievable, because you can go to the server and get it. There’s no such thing as a text message server.
Sean Hannity: But considering it’s the five critical months in question here. That these that the text messages are missing and then they just mysteriously reappeared the day after the special counsel’s appointed. Do any of you, does that pass the smell test for any of you ’cause it doesn’t for me.
Andrew Ziem: It’s hard to explain another way Sean.
Sean Hannity: In other words, it was an 18-minute Gap in the Watergate tapes. It doesn’t meet the smell test that they weren’t erased on purpose, does it?
Luke [7:12]: I mean I would need, you know, I don’t have the data to be able to look at that. I guess they’re two parts of this. One would be to see who owns those phones. Are those FBI phones and were similar things happening to other FBI phones at the time or was it specific to these two people’s phones, right?
Sean Hannity: Yeah, it’s unbelievable. Alright, I want to thank you both. Andrew, thank you. Luke, thank you. Good to talk to you again.
Follow Up Notes
The FBI disclosed that the text backups they were making depended on software installed on each smartphone which encountered problems as the app and smartphone operating systems were updated. The backups were lost for a large number of FBI devices, and not just these two individuals.
Later, the FBI were able to recover the messages.
Data backup is critical to most organizations and may be required by law. Unfortunately, people don’t realize system administration tasks like data backup and disaster recovery aren’t working until they need it. Backups may seem like they are successfully running for weeks, months and years without someone verifying everything is working.
Failures could be intentional, but it’s usually a process breakdown or human error. Sometimes, it’s a budget driven issue since old backups (tapes, hard disks, etc.) get reused and older backups get overwritten.
Defining an acceptable data retention policy
Designing the processes to implement it
Budgeting the resources to support it
Testing the scenarios to validate the processes are working
Microsoft Access is celebrating its 25th year this month. It’s an amazing accomplishment for a software product to be so successful for so many years. We at FMS were there since the beginning.
Read our first hand, historical account of watching Microsoft Access take over the Windows desktop database market, and how we became the world’s leading 3rd party developer of Microsoft Access products.
Discover how we watched MS Access rise from nothing to the leading Windows desktop database application. This directly caused the implosion of Borland International which previously dominated the desktop database industry. Witnessing this in person was an amazing experience of how quickly technology can change established, large software businesses.
The video is from the November 1992 COMDEX conference where a very young Bill Gates personally announced the debut of Microsoft Access. He remains a big fan of Access and was actively involved in its design and development.
FMS Inc. founder and president, Luke Chung, was invited to speak at the Access developer’s convention in Vienna, Austria April 1-2. Luke provided his insight on:
The Access Challenges that developers like himself face
How Access has changed and evolved over the years,
Demonstrations of many of FMS Inc.’s products and their features.
Along with Luke’s presentations, DevCon saw Microsoft Access Team members Michal Bar and Mike Sullivan, who gave overviews of Access 2016 and what is coming in the future. Thomas Pfoch, from picoware, showed new features relating to treeview customization. Peter Bryant, from Corylus Business Systems, provided insight in communicating with JSON Services. Microsoft Access MVP, Juan Soto, spoke about Optimizing Access with SQL Server. Danish Microsoft Access MVP Andres Ebro provided techniques and tricks to help with image handling, classes, and using reports inside a form. Paul Rohorzka of TechTalk presented automated testing of Access applications. Kevin Bell of COMC shared his thoughts on tools to extend Access development.
The conference was a great, informative success! The event, organized by Microsoft Access MVP Karl Donaubauer, was sold out! FMS Inc. was grateful for the opportunity to meet and present for all of those in attendance.
Additionally, due to the enormous success of the event this year, 2018 will host the 2nd Access DevCon Vienna on April 7-8. To stay updated on the event for next year, make sure to check out Karl’s page about the event! Access DevCon 2018
How end-users migrate from Excel to Access, then learn how to code
Why people are hesitant to purchase third party products and how FMS overcomes that by showcasing the value we offer
Using tools like Total Access Analyzer to catch errors before shipping and learning best practices
Using the module code in Total Visual SourceBook to address problems we’ve already solved so you can focus on the unique issues in your applications
The value of creating consistent, quality code
How to improve code for developers of all backgrounds
Being in constant “growth” mode to look for ways to become a better developer
FMS Inc. is proud of the quality of products we have produced for the past 30 years. We are honored to continuously be regarded as a leading expert in the Access community. Thank you for supporting us and we hope you enjoy the 20 minute interview!
You can quickly create surveys with Excel and make them available online with all results saved in the spreadsheet hosted in Office365. Just create an Excel spreadsheet in Office365 and choose the Survey item on the ribbon to design it.
A link is provided to share with people to respond. They don’t need to have Excel or Office365. Just a web browser. Try our sample by clicking the image below:
Shorten the URL
Excel provides a very long URL to share your survey. By using a site like bit.ly, you can create a shorter one to email to your contacts. This is important to avoid problems when URLs get word wrapped in emails. For instance, this survey is shortened to https://bit.ly/2qmSweG.
Results in Your Spreadsheet
The results go directly into your spreadsheet with each submission as a separate row:
Having the ability to create a survey and see the results in a spreadsheet in minutes, is a terrific tool to help your projects!
We are pleased to introduce new versions of Total Access Statistics for Microsoft Access 2007 and 2003; versions 12.9 and 11.9 respectively. They include the many features we introduced with the latest Access 2016 version.
Total Access Statistics is an add-in that is the most powerful data analysis program for Microsoft Access. It extends the power of Access queries to analyze the data in your local or linked tables. It generates results in tables you can view or include in other queries, forms, and reports. It offers a wide range of statistical functions such as:
Financial Cash Flow Calculations
Running Totals and Moving Averages
Group Analysis (t-Tests and ANOVA)
Record Analysis and Rankings
Additional percentile types can be assigned to a field in your table
Enhanced data formatting
Improved financial calculations for IRR and XIRR
Updated user manual
Support for Windows 8 and 10
New Add-in and Runtime Library Files
Version 12.9 and 11.9 include new files for the Access add-in. It also has new runtime library files.
A digitally signed MDE library for MDB databases that support users of Access 2016, 2013, 2010, 2007 and 2003.
The Access 2007 version includes an ACCDE runtime library for ACCDB databases for Access 2016, 2013, 2010 and 2007 users
The Access 2003 version includes a runtime library for Access 2000 and 2002 users
We are excited to announce our release of Total Access Admin 2016! Total Access Admin is our administrator tool to help you monitor the users going in and out of your Microsoft Access databases (ACCDB and MDB formats) in real-time:
See who is currently connected to your Microsoft Access database (you can manage multiple databases from one screen)
Monitor up to 150 databases at one time
Keep a log of users entering and exiting each database
Identify workstations or users disconnecting in a suspect manner which may be the source of database corruption
Compact your database when all users exit it
Prevent new users from logging into your database
Log off idle users
Communicate with your users in real-time
Total Access Admin 2016 is an update from the 2013 version and includes these enhancements:
Monitors ACCDB and MDB format databases created by Microsoft Access 2016 (32 or 64-bit version) and earlier versions of Access
Works in environments where Access 32 or 64-bit versions is installed, including installations from Microsoft Office365
Does not require Microsoft Access to be installed on the machine
Up to 150 databases can be monitored at one time (up from 100)
Setup program supports Windows 8 and 10, Server 2012 and later, with an option to launch the program after its installed
Hannity traveled to London to interview Julian Assange at the Ecuadorian Embassy where he’s seeking asylum. They discussed an overview of Assange’s role as founder of WikiLeaks, and their obtaining and publishing the emails from the Democratic National Committee the weeks before the US Presidential election. Some people attribute Hillary Clinton’s loss to the revelations in those emails especially from John Podesta, the former White House Chief of Staff and Chairman of the Clinton campaign. They are also accusing the Russians for hacking (stealing) and providing the data to Assange so Donald Trump could win the election.
On January 4, 2017, I was on the radio show with Sean Hannity and Brigadier General Eli Ben Meir, former Israeli Military Intelligence chief. The three of us discussed the WikiLeaks disclosures. I commented specifically on:
Cyber attacks and the security breach at OPM disclosed non-classified government employees and by omission who were covert at American Embassies globally.
Noting Julian Assange’s careful word choices to exclude Russia as source without excluding them as the ultimate source of his sources.
The need for WikiLeaks’ to keep their sources confidential and how they amplified the data from Bradley Manning and Edward Snowden.
Different approaches to preventing cyber attacks depending on the cause. “It’s one thing when someone steals your car because they broke into it. It’s another thing when someone steals your car because you left your keys in the ignition.”
Here’s the audio of the show:
My segment starts at the 6:50 mark. Sean and General Meir speak first, then I start around 9:25. Final comments at 14:15 and it wraps up by 14:50.
Only a limited amount of information can be discussed in such a short interview. Some additional issues to consider are:
Securing data over the internet and inside organizations is very challenging. Threats may come from:
External hacks that need to be monitored and defeated
Internal people who unintentionally leave the front door unlocked
Internal people who intentionally leak information
Different solutions are required for each type of threat. Some are at the software vendor, design, and developer level, while others involve end-user training, background checks, and monitoring.
Applications can be built so that simply disclosing a user name and password doesn’t compromise the whole system by require two-factor authentication and registering devices that can use those credentials.
Unfortunately, many systems were built well before today’s cyber threats existed. The cost of making those systems more secure without breaking their existing functionality will be daunting and expensive. In many cases, the original source code, development environment and/or vendor are long gone, so the only option is to replace them which is also very expensive and time consuming.
Julian Assange and WikiLeaks are Not Heroes
We need to keep in mind that the WikiLeaks exposed top secret US information by publishing the disclosures from Manning and Snowden. Lives were put at risk and lives may have been lost because of those publications. The Arab Spring was inflamed in part by the disclosure of diplomatic communications and one could argue the human tragedy in Syria is tied to this as well. While Republicans are celebrating and defending Assange and WikiLeaks now for the DNC emails, the tables may turn very quickly.
Data That’s Not Exposed May be More Dangerous
While many are focused on the DNC emails, it’s not unreasonable to assume the people who hacked that also got the RNC emails. Data can be power, and in the wrong hands, data can be used for nefarious purposes such as blackmail.
If the RNC data were compromised, we should be extremely worried if the hackers discovered it was more valuable to keep private than public. Whether they use it directly or sell it to another party or country, the information can make victims puppets by threatening the exposure of their personal data. It’s not uncommon during E-discovery of an email server to discover all sorts of inappropriate language, behavior and activity conducted by individuals in an organization. Disclosures of affairs, homosexual activity, underage sex, bribery, unethical business dealings, breeches of confidentiality, collusion, and actual crimes are often found in email threads and can be used for blackmail.
FMS Inc., a leader in software database development and design, is proud to announce it is joining the Microsoft Enterprise Cloud Alliance.
Celebrating 30 years in software development, FMS has a long track record of building mission-critical solutions for a wide range of organizations around the world. From desktop to web and mobile solutions, FMS serves tens of thousands of customers in over 100 countries ranging from small to large commercial organizations, non-profits, educational institutions, and government agencies.
The Microsoft Enterprise Cloud Alliance offers an innovative way for FMS Inc. to integrate its innovative products and services with Microsoft Corp.
“We’ve helped many organizations create and deploy database applications on the Microsoft Azure cloud,” said Luke Chung, President and Founder of FMS, Inc. “With Microsoft’s cloud center, our solutions are hosted on an enterprise quality infrastructure platform that’s highly scalable and reliable. It eliminates the headaches of managing our own hardware and connectivity, and best of all, it’s a fraction of the cost compared to doing it ourselves. That translates to quicker time to market and lower costs for our customers.”
Since 1986, FMS has created innovative software solutions for commercial and government organizations. A Microsoft partner since 1992, FMS is a leading provider of products for Microsoft Access and Microsoft Office. Our Professional Solutions Group offers custom solutions on Windows, web and mobile platforms. Our Advanced Systems Group created Sentinel Visualizer, an advanced link analysis and data visualization product for the intelligence, defense and law enforcement communities. For 30 years, FMS has helped over 50,000 customers in more than 100 countries make better data-driven decisions.