In his recent Medium article, Jeff Bezos indicated that he has appointed personal security expert Gavin de Becker to ascertain how the National Enquirer tabloid obtained “intimate texts” sent by Bezos to his partner, Lauren Sanchez. Amongst the texts are said to be photos of Bezos and Sanchez in varying states of nudity. It is reported that Bezos’ team believes a government entity may have obtained the messages.
How would an investigation of this nature be conducted?
Well, an investigation of this type is likely to be an exclusionary process whereby possible explanations are examined until they can be discounted. The logical first step is to determine whether there is evidence of compromise of Bezos and Sanchez’s devices or accounts. Presumably, the texts were sent by an SMS service or a similar application from a mobile device. Provided the mobile devices used are still in the possession of the protagonists, they should be subjected to a forensic examination.
In the course of a forensic examination, it should be possible to determine whether malware was or currently is in operation on any of the devices involved. Malware can be installed on a device by a user in possession of the device or possibly by a remote user who tricks the normal user into installing the application.
The existence of malware would explain how data on a smartphone, for example, was accessed by another person. In this instance, however, given Bezos’ team’s beliefs around the source of the compromise, malware may not be involved.
Another possibility is that a device to which the subject device is connected is compromised. If a device on which messages were originally sent or received is synced to another device, some messaging applications will upload messages to the secondary device and/or to a cloud storage application. A forensic examination of any secondary devices is therefore also warranted.
In addition to an examination of the devices, if Bezos or Sanchez used an application other than SMS to send the messages, or if they took screenshots or saved photos, then any relevant online accounts should be examined. There are means by which email accounts, for example, can be examined for signs of compromise, and some other types of accounts record login data and the like.
The investigative methods discussed above are not necessarily comprehensive and, if Bezos’ suspicions that a government entity was responsible are correct, then this opens up another can of worms entirely.
Who is Responsible?
Telecommunications companies appear to retain the content of SMS messages for a limited time only, if at all. Theoretically, government agencies would require a warrant to access any data stored by telecommunications companies or travelling over telecommunications networks. We know, however, that the NSA broke the law and collected much more telecommunications data than was permitted. We also know that the Five Eyes intelligence agencies share information with one another, so it’s possible that Australia, the UK, Canada or NZ have been utilised by US government agencies to scoop up US citizens’ data to skirt constitutional hurdles. Sound like a long shot? Read this. Taking into account the Australian government’s new ability to break encryption, maybe a persuasive, pro-Trump element within the NSA convinced an Australian agency to access encrypted data stored on an account belonging to Bezos or Sanchez. Or perhaps the NSA or China just gets a readout of everything typed out on a machine with a compromised chip, which, for all we know, could be every digital device produced in the last 20 years. Interestingly, Amazon purchased the company that was reported to have been subject to Chinese hardware hacking.
We already know that Bezos’ Amazon is a CIA contractor and we know from WikiLeaks that the CIA has developed its own iPhone hacking technologies. Bezos reportedly uses an iPhone. Could this therefore be a case of the chickens coming home to roost for Mr Bezos? Bezos was happy to work with the CIA in the era of the establishment-oriented administrations of Bush and Obama but, taking into account the above, and given the apparent enmity between Trump and Bezos, it is conceivable that someone sympathetic to Trump within an intelligence agency has ultimately used Amazon technology against Bezos and leaked the private texts. This could of course have been done without any direction from the Trump administration.
It will most likely take more than investigative work on the part of Bezos’ team to uncover the truth. Unless there is a slip-up or an admission from within an intelligence agency, uncovering any useful evidence is going to require court-ordered discovery of some description and/or an internal investigation within the relevant agencies to shed any light on what actually happened. Taking into account the level of transparency we can likely expect from a US security agency, my guess is we won’t find out the truth.