With Congress and President Trump at a budget impasse, funding for significant portions of the US Federal government ended midnight Friday, December 18, 2018. Historically, government employees are not paid on time but are retroactively paid after the new budget is implemented. The same is not true for government contractors.
Government contractors compete against each other to provide a wide range of services such as computer programming, construction, security guards, cafeterias, janitorial services, technical experts, maintenance workers, and much more. When the government shuts down, contractor staff are not needed or can’t do their work. But they are real companies and people who suffer. Long-term, it’s bad for US taxpayers.
Our Contract with Amtrak is Suspended
We have a government contract with Amtrak which was suspended by this letter:
This contract provides help for Microsoft Access database programming and is relatively small. We do not have dedicated staff for the contract, so we are not really affected as our people will work on other projects.
Unfortunately, we have colleagues who are government contractors or in businesses more dependent on the government who are significantly impacted by the shutdown. This is especially true for companies that provide staff to work at government facilities that are now closed. Most are hesitant to speak publicly about their experiences for fear that their government clients would be offended, so we’d like to share our experiences and theirs.
Very Tough Situation and Decisions for Government Contractors and Their Employees
Since government contractors are unlikely to be repaid when the budget is finally resolved, contractors with dedicated staff for those contracts need to decide whether to pay their employees for time they never expected they would be unable to charge to the government. The impact is somewhat offset by the Christmas and New Year’s holidays, and maybe they can force employees to take vacation days. But as the shutdown lasts longer, contractors will have to pay their employees from their own funds. Not paying them runs the risk that the employees leave and won’t be available once the budget is resolved. One cannot expect employees to remain loyal if they aren’t paid. Meanwhile, employees are dusting off their resumes and seeking alternative employers.
Small businesses are especially vulnerable since many contracts have small profit margins, so without significant cash and lines of credit, a cash flow problem can quickly bankrupt a company. Even generous owners who try to do the “right thing” may not be able to if their cash is depleted. That would lead to fewer government contractors in the future and higher costs to taxpayers.
A friend of mine who owns a firm completely focused on servicing the federal government shared:
“As contractors, our employees still get paid and yet we are unable to bill. Cash is king and small companies like mine live and die by cash. This is the worst.”
On December 26th, we sent a Twitter message with the letter we received from Amtrak and the sympathy we feel for government contractors and their employees.
“Business owners who have [dedicated] staff are making the decision: Do we pay people or not, even though we won’t get paid by the government? Either you force people to take vacation, or you pay them, to be a good company ― but depending how long it drags on, one may not have a choice.”
Self-Inflicted Wound that Should be Resolved Promptly
Eventually the budget will be resolved. We hope the parties come to their senses and do it sooner rather than later because innocent people who’ve dedicated their firms and lives to providing a professional service to US taxpayers are at risk and feeling real pain. That’s terrible for them now and our country long-term.
FMS President Luke Chung was invited on the Sean Hannity Show to discuss the technology behind text messages: how they work and how they are archived.
Below is the transcript from the interview followed by some comments on the story and how to avoid problems with data backup and disaster recovery.
The FBI claimed to lose backups of text messages between FBI agent Peter Strzok and FBI lawyer Lisa Page between December 14, 2016 and May 17, 2017.
On January 22, 2018, Luke Chung was on the radio show with Sean Hannity and Andrew Ziem. The three of them discussed the technology behind the ability to retrieve text messages that were deleted. Luke commented specifically on:
How text messages are stored on a sender’s/receiver’s device, unlike emails which are stored on a central server.
The ability to retrieve an email that has been deleted is more likely than trying to retrieve a text.
Here’s the audio from the show:
Luke’s segment starts at the 3:28 mark to about 5:18. The discussion wraps up around the 7:12 mark.
Sean Hannity [0:01 – 2:34]: The bigger story today… how do we retrieve five months’ worth of text? Andrew Ziem’s the founder and lead developer of BleachBit. Luke Chung is the president of FMS Inc. and both are well-versed in the retrieval in the forensics of getting information back that is quote “been deleted”. Thank you both for being with us. Andrew Ziem it sounds like maybe a little bit of BleachBit was used here. Is that possible to use on an electronic device?
Andrew Ziem: BleachBit itself isn’t compatible with a mobile device but there are tools that are similar to that. And even regardless of using that tool, just the fact that so many months have gone by, I know it’s been it’s been well over half a year since May 2017. Even just using the device on a daily basis is going to slowly erase text messages by overriding the data.
Sean Hannity: Well I want to, Luke Chung we’ve talked to you many many times before. Why is it this very critical five-month period they’re missing all those texts? Considering you know this is the crucial period of time. Does that sound like an accident to you? It doesn’t to me.
Luke Chung [3:28]: Well thank you very much for having me back on again Sean. The technology here is different from emails. Emails are stored in a central server and are much more permanent. Text messages are on the sender’s device. They go to a Telecom company, which then forwards to the recipient’s [Telecom company and] device. Usually, the Telecom throws it away soon after they make that connection. So, there’s no permanent centralized storage with text messages.
Sean Hannity: So, if they subpoena the Telecom company it will probably be a waste of time.
Luke Chung [3:55]: Right, because they have no reason to store billions of text messages. Once you get it on your phone, why would they ever need to hold it for you? It’s not like an email.
Sean Hannity: So, how, what are they usually saved for? Three days in rotation?
Luke Chung [4:05]: It is usually saved to the extent that they send a message through. So, for instance, if the recipient’s phone is off, the text message isn’t lost. You know, Verizon or AT&T or whoever is holding on to that message waiting until it can send it through. And once you connect, it gives you the message. Some services may provide a way to deal with text messages on their website so you don’t even need a phone. So that would depend on what those people are doing.
Sean Hannity: But the likelihood that the Telecom company has all those are negligible, you’re saying.
Luke Chung [4:33]: I would presume so, because there’s no reason why they would want to keep it. Once they send it through, why would they? I mean it’s just a waste of space for them.
Sean Hannity: What about forensically the phone itself or the device itself?
Luke Chung [04:45]: Correct, so the phones, the sender’s phone and the recipient’s phone would have those messages to the extent that they don’t delete them.
Sean Hannity: Okay, if they delete them?
Luke Chung [4:52]: If they delete them, then they would/could be on the little hard disk, for as mentioned before, they would probably be overwritten over time.
Sean Hannity: And over time means that probably long gone considering the time period that we’re talking about is 12/14/16 to May 2017.
Luke Chung [5:07]: Right. I mean they probably have different phones.
Sean Hannity: What about we keep hearing from Bill Binney and others that every text every email that we send is metadata stored in places like Salt Lake City. Is that possible?
Luke Chung [5:18]: Well you can ask the NSA what they store, I would not know what they store.
Sean Hannity: Alright, Andrew what if they erased it on their phone but they have the phone. Would it be retrievable?
Andrew Ziem: Yes, step one would be trying to get access to both of those phones. Making sure we’ve got the password or whatever to unlock the phone. While it is still not super likely that every single message is there. It’s possible and likely if they didn’t intentionally wipe them clean with something like BleachBit, it’s possible that some of the messages are there. So, I think it’s definitely worth a shot to do forensic analysis on the phones.
Sean Hannity: Well, they had to get all the other text messages and then they… As soon as the special counsel was appointed on May 17th. Boom. They find the text again. It literally was gone in this crucial… it sounds like Watergate and what was it, the missing 18 minutes of erased tape.
Andrew Ziem: It’s super fishy.
Sean Hannity: It’s super fishy. What about emails? Is it the same, Luke? With email servers like you use Gmail, or MSN, or AOL, whatever. I mean do those emails get saved by those providers?
Luke Chung [6:12]: Emails get saved by those providers because they are running a server type solution. You can get your email from multiple devices, so it’s not [just] stored on the individual device. It is stored centrally.
Sean Hannity: And how long do they keep them for?
Luke Chung [6:23]: Well, they can keep them, I mean if you don’t delete an email message, they’ll keep them forever. Often times, even if you delete a message like Gmail, they would still store it and have it available in the [trash folder]…
Sean Hannity: They store it in perpetuity?
Luke Chung [6:36]: That’s the agreement that you make with Google. What they do with it is kind of their business.
Sean Hannity: So, the answer is we don’t know if they’d be able to retrieve an email.
Luke Chung [6:44]: Right. An email would be much more likely to be retrievable, because you can go to the server and get it. There’s no such thing as a text message server.
Sean Hannity: But considering it’s the five critical months in question here. That these that the text messages are missing and then they just mysteriously reappeared the day after the special counsel’s appointed. Do any of you, does that pass the smell test for any of you ’cause it doesn’t for me.
Andrew Ziem: It’s hard to explain another way Sean.
Sean Hannity: In other words, it was an 18-minute Gap in the Watergate tapes. It doesn’t meet the smell test that they weren’t erased on purpose, does it?
Luke Chung [7:12]: I mean I would need, you know, I don’t have the data to be able to look at that. I guess there are two parts of this. One would be to see who owns those phones. Are those FBI phones and were similar things happening to other FBI phones at the time or was it specific to these two people’s phones, right?
Sean Hannity: Yeah, it’s unbelievable. Alright, I want to thank you both. Andrew, thank you. Luke, thank you. Good to talk to you again.
Follow Up Notes
The FBI disclosed that the text backups they were making depended on software installed on each smartphone which encountered problems as the app and smartphone operating systems were updated. The backups were lost for a large number of FBI devices, and not just these two individuals.
Later, the FBI were able to recover the messages.
Data backup is critical to most organizations and may be required by law. Unfortunately, people don’t realize system administration tasks like data backup and disaster recovery aren’t working until they need them. Backups may seem like they are successfully running for weeks, months and years without anyone verifying that everything is working.
Failures could be intentional, but it’s usually a process breakdown or human error. Sometimes, it’s a budget driven issue since old backups (tapes, hard disks, etc.) get reused and older backups get overwritten.
Defining an acceptable data retention policy
Designing the processes to implement it
Budgeting the resources to support it
Testing the scenarios to validate the processes are working
Hannity traveled to London to interview Julian Assange at the Ecuadorian Embassy where he’s seeking asylum. They discussed an overview of Assange’s role as founder of WikiLeaks, and their obtaining and publishing the emails from the Democratic National Committee the weeks before the US Presidential election. Some people attribute Hillary Clinton’s loss to the revelations in those emails, especially from John Podesta, the former White House Chief of Staff and Chairman of the Clinton campaign. They are also accusing the Russians of hacking (stealing) and providing the data to Assange so Donald Trump could win the election.
On January 4, 2017, I was on the radio show with Sean Hannity and Brigadier General Eli Ben Meir, former Israeli Military Intelligence chief. The three of us discussed the WikiLeaks disclosures. I commented specifically on:
How cyber attacks and the security breach at OPM disclosed non-classified government employees and, by omission, who was covert at American Embassies globally.
Noting Julian Assange’s careful word choices to exclude Russia as his source without excluding them as the ultimate source of his sources.
The need for WikiLeaks to keep their sources confidential and how they amplified the data from Bradley Manning and Edward Snowden.
Different approaches to preventing cyber attacks depending on the cause. “It’s one thing when someone steals your car because they broke into it. It’s another thing when someone steals your car because you left your keys in the ignition.”
Here’s the audio of the show:
My segment starts at the 6:50 mark. Sean and General Meir speak first, then I start around 9:25. Final comments at 14:15 and it wraps up by 14:50.
Only a limited amount of information can be discussed in such a short interview. Some additional issues to consider are:
Securing data over the internet and inside organizations is very challenging. Threats may come from:
External hacks that need to be monitored and defeated
Internal people who unintentionally leave the front door unlocked
Internal people who intentionally leak information
Different solutions are required for each type of threat. Some are at the software vendor, design, and developer level, while others involve end-user training, background checks, and monitoring.
Applications can be built so that simply disclosing a user name and password doesn’t compromise the whole system, by requiring two-factor authentication and registering the devices that can use those credentials.
Unfortunately, many systems were built well before today’s cyber threats existed. The cost of making those systems more secure without breaking their existing functionality will be daunting and expensive. In many cases, the original source code, development environment and/or vendor are long gone, so the only option is to replace them which is also very expensive and time consuming.
Julian Assange and WikiLeaks are Not Heroes
We need to keep in mind that WikiLeaks exposed top secret US information by publishing the disclosures from Manning and Snowden. Lives were put at risk and lives may have been lost because of those publications. The Arab Spring was inflamed in part by the disclosure of diplomatic communications and one could argue the human tragedy in Syria is tied to this as well. While Republicans are celebrating and defending Assange and WikiLeaks now for the DNC emails, the tables may turn very quickly.
Data That’s Not Exposed May be More Dangerous
While many are focused on the DNC emails, it’s not unreasonable to assume the people who hacked that also got the RNC emails. Data can be power, and in the wrong hands, data can be used for nefarious purposes such as blackmail.
If the RNC data were compromised, we should be extremely worried if the hackers discovered it was more valuable to keep private than public. Whether they use it directly or sell it to another party or country, the information can make victims puppets by threatening the exposure of their personal data. It’s not uncommon during E-discovery of an email server to discover all sorts of inappropriate language, behavior and activity conducted by individuals in an organization. Disclosures of affairs, homosexual activity, underage sex, bribery, unethical business dealings, breaches of confidentiality, collusion, and actual crimes are often found in email threads and can be used for blackmail.