This is a compilation of some of the most compelling stories of the week.
Learn more about your ad-choices at https://www.iheartpodcastnetwork.com
See omnystudio.com/listener for privacy information.
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:04):
Welcome to the Daily Dive Weekend Edition. I'm Oscar Ramirez,
and every week I explored the top stories making waves
in the news and some that are just playing interesting.
I'll connect you with the journalists and the people who
know the story and bring you news without the noise
so you can make an informed decision. You can catch
a new episode of The Daily Dive every Monday through Friday,
and it's ready when you wake up. On the weekend edition,
(00:27):
I'll be bringing you some of the best stories from
the week. Throughout the pandemic, nursing homes have been under
more scrutiny as outbreaks were happening in these facilities that
were understaffed, and how some of our most vulnerable citizens
in California death and neglect was found inside a troubled
nursing home chain called Renewed Health. Their CEO applied to
(00:48):
operate nine new facilities and was denied because of all
the other violations at the other facilities she operated. But
in a weird twist, she was still operating these very
facilities because of license seeing loopholes. For more on the
flawed system that allows us to happen, will speak to
l e U investigative reporter at KPCC and Elias dot com. Yeah,
(01:09):
I think the pandemic really sort of shed light into
conditions at nursing homes that were happening even way before
the pandemic, as you're mentioning. I first started looking into
this company when I did a story over the summer
about an outbreak at another facility in Los Angeles UM.
I had heard that management had changed earlier in the
(01:29):
year and a company called for New Health had been involved,
and that story involved family members telling me that there
was delayed testing at the facility and there were several
deaths related to COVID nineteen and so I started digging
into this company a little bit more and found out
that it was connected to at least twenty six nursing
homes across state as either owner, operator, management, or an administration.
(01:52):
And we found out that last year state health officials
denied for News founder and CEO, Crystal Saliers, on a
licenses to take over nine existing nursing homes. State officials
sited a serious violations at the chains facilities, including alleged
rape and substandard care, and even concerns about sellers on
his character. But we found out that due to what
(02:13):
advocates call it quote completely exploded licensing process, sellers on
his businesses are still actually operating those nursing homes today. Yeah,
I think that was one of the most kind of
surprising things that we kind of learned from going through
your piece. So let's talk about some of the track
red because I want to get into that licensing thing,
but I want to set the stage for that first.
Let's talk about some of these red flags that were
(02:34):
popping up at these renew nursing homes. There was a
number of citations, a lot of infractions known as immediate jeopardies,
which are just some of the worst things that you
can do. They classified things that can cause or have
caused death, harm to the patients all that. So the
track record for them was not very good. Over a
three year period beginning in February, regulators documented a hundred
(02:58):
and twenty federal vio lations at these nursing homes, including
more than a dozen in the category that you mentioned,
immediate jeopardy, which is one of the most severe. One
expert told us a hundred and twenty violations. That's way
off the curve. We also did some analysis that the
facilities connected to this chain provide care for one in
fifty of the state's nursing home residents, but they're responsible
(03:21):
for nearly one in ten immediate jeopardies in California since
So that's some of the things that we found. I mean,
I had mentioned there was that one incident of certified
nursing assistant accused of graping a fifty two year old patient.
There was another facility where a patient with schizophrenia had
gone missing for weeks. So these are some of the
(03:42):
violations that state regulators had cited to this. Crystal sellers
on o that renews owner about why they denied her
those nine licenses. Yeah, and when it comes to the COVID,
across the twenty six facilities, nearly two hundred people died
from COVID. More than hundred had become infected. So it
was tough and there was a lot of stories, you know,
(04:03):
focusing on the COVID thing, where family members of patients
and all were saying, well, we'd see staff people walking
around without mask with without the proper ppe. You know,
you spoke to a lot of people connected to these
facilities and even workers there said the same thing. For
inspections and whatnot. They'd break out a bunch of PP
and then they lock it away in an office and
wouldn't make it available, which just seems pretty ridiculous. He
(04:25):
spoke to several former employees at a couple of these facilities.
I think the incident that you mentioned. We spoke with
a former housekeeper, Devon Green, and he later actually spoke
to investigators about his experience at Orendic Care Center. It's
a nursing home in the Bay Area. He told us
that he would have to reuse PPE. He had a
(04:46):
box that he would put his mask in and that
he would have to bring it in day after day,
and said that also before inspectors had arrived, that the
center had stage PP throughout the facility. But investigators have
found that there was a number of issues, including short
staffing at the facility, and that nursing home workers like
(05:08):
Devon Green, had said that there was a lack of PPE. Okay,
so now that we've kind of set the stage about
a lot of the problems at this particular group of
nursing homes owned by Crystal Sarlazano, talk to me a
little bit about these nine nursing homes that she had
applied to take over and kind of the way the
rules are set up, because this is one of the
most outlandish things, like as I mentioned that that I've heard,
(05:29):
you know, you have to apply to take these over,
you have to have your license, but in these cases,
you can kind of operate these nursing homes on the
license of the previous owner. You don't really have to
have a license in place set up just yet. And
this is the way she was able to take over
these nursing homes. They denied her requests. She's actually still
operating those nursing homes despite that the appeals process, which
(05:52):
she you know, initiated, could take years to work itself out.
So they denied her these but she's still operating them.
Like how prey Department Public Health explained it to us
this way, It said that you know, new owners, aspiring
owners of nursing homes can enter manage brand agreements with
the previous owners while the new owners license applications are
(06:14):
still pending. So you can take over a nursing home
facility without having gotten your own license by the California
Department of Public Health first, and even if your license
application is denied which has happened in this case with
Sellers Ono. You can continue running the nursing homes while
your appeals process plays out, and sometimes that can take years.
(06:34):
So you know, the state has deemed an operator unfit
by denying a license to them, but you can still
continue operating them while your appeals are processing. You know,
in your reporting you found out you know that a
lot of the rejection rate is very low. I think
it was only five percent that have been denied, and
there wasn't any applications that were denied between until these
(06:58):
nine from schoolers Ono, So those numbers kind of barrel
that they found a lot of issues at the facilities
that she was operating already, and then they also cast
out a little bit on her character. As you mentioned earlier,
there was this issue where I guess she might have
submitted some false documents with regards to some of her credentials.
On all of this, and you mentioned you kind of
(07:18):
got win to this story about a lack of testing
or withholding of testing for COVID. On social media, Solazano
was posting things that were casting down on vaccines and
the nursing homes in California at least were some of
the first places to be getting allotments of vaccine. But
on the social media that she was posting, she was
sharing just a lot of misinformation. So the California Department
(07:40):
of Public Health had charged that when solars On applied
to be a nursing home administrator, she submitted a fraudulent
college transcript. That's one of the reasons why they denied
her the licenses to take over the facilities. And then
and further in our reporting, we saw in her Instagram
stories that in December she had posted a series of
posts that spread misinformation about the COVID vaccine. One post
(08:03):
reputed the falsehood that the vaccine changes your d n A,
which has been repeatedly debunked by medical experts. Another post
said quote the COVID vaccine should be avoided at all costs.
And she has about eleven thousand followers, so she had
shared a number of posts to her followers. And when
we shared these social media posts with Dr Michael Wasserman,
(08:25):
who's part of the California Vaccine Advisory Committee, he told
us that it's unconscionable that someone who's in the leadership
position in a nursing home or nursing home chain would
do this. So as you said, I mean nursing home
residents were among the first to be able to get
the vaccine when it was first okayed by the f D. A. Yeah,
I mean it's been a quick rise for Crystal Soldersano
(08:46):
and renew Health Group and you know, amassing these twenty
six facilities right now that they're responsible for. And you know,
we've kind of talked to all this stuff. Obviously, this
is the story that we're focusing on for right now,
but there's just kind of the theme that we've kind
of put forward. Nursing homes have been in the spotlight
throughout this pandemic and a lot of these problems have
been highlighted on what's going on. So you know, this
(09:08):
story obviously, you know, highlights bad actors in the game.
But also to talk about reforms, you know, there is
some reform coming in Sacramento and on the California side,
you know, something to do with this issue of these
licensing borrowing licenses. So tell us, you know what kind
of action is being taken there. There's a bill introducing
the state legislature this year that would really address this
(09:29):
issue of being able to take over a nursing home
before getting your license, so that it would banned that practice.
It would require nursing home operators to get approval to
get a license first from the state to be able
to start operating a nursing home, and then it would
also ban this practice of quote unquote borrowing licenses from
previous owners. That bill is currently in a committee, but
(09:53):
we've been told by legislators that it's a two year bill,
so it will be tabled until next year. Yeah, that's
fifteen o two. But uh, it only kind of makes
sense that you would need those proper licensing to take
over a facility, especially, as I mentioned, these are our
most vulnerable citizens here and things need to be on
(10:14):
the up and up. These nursing homes have a history,
unfortunately of not always taking care of them, and you know,
then you hear stories and actors like this and people
kind of shake their head at it. So hopefully, you know,
these stories highlight that, hopefully the action gets taken and
you know, we'll see what happens on that front. Ellie,
you investigative reporter for l AS and KPCC. Thank you
(10:34):
very much for joining us. Thanks for having finally for
this week an update to the terrorist attack in Sanborndino,
California in December. In the aftermath of that attack, an
iPhone five C was recovered that belonged to one of
the shooters, and what kicked off after that was a
fight between the d O J and Apple to unlock
(10:56):
that phone. Now years later, we're finding out that the
FBI turned to a little known Australian firm which she
used an exploit chain to finally get into that iPhone.
For more on who helped and how this iPhone is
finally unlocked, will speak to Read Albergatti, technology reporter at
the Washington Post. For five years, people have kind of
batted around ideas about who it might be, and there's
(11:18):
been a couple of names in the in the media
a lot, but those rumors have been wrong, and the
firm was actually called Asimuth Security, which is based in Australia,
founded by a guy named Mark Dowd who's a very
well known Australian cybersecurity expert or you can call him
a hacker. And the exploit which actually unlocked that phone
(11:40):
for the FBI was written by another hacker who worked
for Asimuth named David Wong and Um. He was also
very well known in cybersecurity circles, especially for his work
on iOS and jail breaking phones. Do you remember, you know,
in the early days of the iPhones, people used to
remove the software restrictions on their iPhones, which is called jailbreaking,
(12:02):
to install unauthorized software on their iPhone, and he would
work on those sorts of things. So both really brilliant
people who you know, well known in the security world.
There probably no one outside of that world has heard
of them. There behind this, you know, we go back
to what was going on back then. You know, a
lot of things just kind of kept furthering the story.
(12:23):
We found out that the FBI ended up paying this company,
as a myth, nine thousand dollars to do it, so
a lot of money there. But as I mentioned also
the fight between the Department of Justice and Apple. You know,
Apple was refusing to do this, and at the time
people were like, why wouldn't you help them? This is
a terrorists phone, we need this information. But they didn't
want to do it because they didn't want to create
(12:43):
this back door that could later be abused by whoever else.
So that that was kind of the moral fight I
guess you could say that was going on at the time,
that's right, And you know, there was a court case.
The FBI actually did get a court order forcing Apple
to unlock the phone or help the FBI unlock the phone,
and Apple apparently did have that capability at the time.
(13:06):
So this case was on track to be a precedent
setting case, which who knows how it would have ended up,
But a lot of people thought that the FBI did
have a good argument here legally, maybe not policy wise.
I mean, there were lots lots of debate about whether
this was good policy, but legally they may have won,
and it may have actually said a precedent where the
(13:26):
FBI and other law enforcement agencies would be able to
just force Apple to break into these phones whenever they
had a warrant. So in a way, as a myth,
really kind of saved Apple from this outcome, because once
the FBI was able to unlock the phone, they really
had no choice but to go to the court and say, look,
we have to withdraw this this plea because we've already
(13:49):
unlocked the phone. So it kind of delayed it and
for the last five years we haven't heard much about
this debate, and I think that's in part because there
are a lot of firms out there, like Asmuth who
are able to break into these phones without Apple's help.
There's sort of this balance where if the FBI wants
to do this for a criminal case, they need to
(14:11):
get a warrant, and once they use one of these
exploits that you know, like you said, can cost a
lot of money, that exploit it's more vulnerable to being
discovered by Apple or other software companies that might patch
it and then make that exploit useless to the FBI.
So they have to use these exploits sparing ly. So
we kind of have this equilibrium. Now maybe equilibrium is
(14:33):
a bad term, but we have a we have a
system of checks and dounces. They're sort of built in
without having this built in back door that the FBI
had wanted. And in the end it was a little anticlimactic,
you know, they unlocked the phone. There was nothing of
real significance in there. There was no other links to
foreign terrorists or plots or anything like that, so it
(14:54):
was a bust in that sense. But tell us a
little bit about those exploits and how they actually did it,
because they had to chain a few different exploits together.
They ended up calling it Condor, which you know, it's
a little code name for it. But you know, as
you mentioned, you know, they deal in these little bugs
in the iPhone, and one bug does one thing, the
other bug does something else. You put them together and
then you're able to get into the phone. So how
(15:16):
did they actually do it? That's right, And you mentioned
earlier that the phone had this restriction where if you
type the pass code in more than ten times, it
would erase the phone. So what this hack actually does
is disables the requirement to this feature that erases the
phone after ten pass code attempts and allows them to
just brute force the password, just essentially guess the password.
(15:40):
It was a four digit password, so it didn't take
very long using you know, sophisticated computers to guess it.
But the way it started was long before I don't
exactly know how long before, but before the San Berndino attack.
Mark Dowd, you know, the founder of asimuth, had actually
discovered this bug in Mozilla code. It was open source
(16:01):
code that Apple was using to interface with external hardware devices,
and he hadn't done much with it. But then after
these attacks, the FBI was looking for this way to
a mock the phone, and Asimuth had already been working
with the FBI on other projects, so they said, you know,
we're actually about and we have this. We have this bug.
(16:21):
We're probably ninety of the way there to finding an
exploit that will work on this phone. Why don't we try?
And David Wong took that bug and figured out how
to starting with bypassing that lightning port, you know, turning
that bug into an exploit for the lightning port, then
sort of taking it the next level and escalating privileges
(16:43):
with another exploit. In the end, there were three exploits
that allowed as a Meth's full chain to essentially remove
that password requirement. Then they went over and tested it
at FBI headquarters and it worked. The FBI did further
testing on other phones to make sure that it you know,
it works of the time, and then they unlocked the
(17:07):
terrorists phone and then went to the court and withdrew
that court case. Interestingly, and this is also a new
information in this article. Pretty soon after like a month
or two after the FBI unlocked the phone, Mozilla actually
patched that bug and made that worthless. So the FBI
paid a lot of money for this and didn't get
to use it much. They were only able to use
(17:28):
it the once. Yeah, that's crazy. And you know, just
for frame of reference, you know, I live in California,
very close to San Bernardino. You know, it's all southern
California right here for us, So this story was very
close to home and we were you know, all the
local media out here was very much into the story
and the conversation, the fight over opening that iPhone was
so intense, with people on both sides, you know, privacy
(17:51):
advocates and then people just saying, hey, we need to
stop terrorists at all costs. So it was just an
interesting debate on that front. And up until this point,
that's why it's significant, we didn't know who it was,
and we didn't know exactly how they did it, what
the exploits were that they were able to get there.
And the last thing too, it's just the last bit
of the story is that obviously, as you mentioned, Apple
wants to know who these actors were, who were the
(18:11):
people that finally broke their system there, and they came
pretty close to finding out about it because they sued
the company that was co founded by one of these
hackers that was involved in this, so they almost got
there without, you know, having to go through all of this.
That's right, that's right. Apple is suing the security research
toolmaker called Karelian and Correllium was co founded by David
(18:35):
wong um An. Apple actually after the San Bernardino unlock,
actually tried to hire David and then they tried to
acquire Karelian. So it's really interesting how close Apple was
to this the whole time and continues to be. And
I think the reason for that is, I mean, one,
it's the security research field is kind of small when
(18:59):
you get to these very high levels of white I
would call them white hat hackers, you know, good guy
hackers who work with government. It's it's kind of small,
and Apple really likes to hire them because it helps
Apple improve their own security. There are questions about, you know,
why don't they catch these things, and the truth is
they can't. It's too big and complicated to fix every hole.
(19:23):
Read Albergatti, technology reporter at the Washington Post. Thank you
very much for joining us, absolutely thanks for having me.
That's it for this weekend. Be sure to check out
the Daily Dive every Monday through Friday. Join us on
social media at Daily Dive pod on Twitter and Daily
Dive Podcasts on Facebook. Leave us a comment, give us
(19:45):
a rating, and tell us the stories that you're interested in.
Although The Daily Dive and I Heart Radio or subscribe
wherever you get your podcast. This episode of The Daily
Dive has been engineered by Tony Sorrentina. I'm Oscar Ramirez
in Los Angeles and this was your Daily Dive weekend edition.
M
Welcome to the Daily Dive Weekend Edition. I'm Oscar Ramirez,
and every week I explored the top stories making waves
in the news and some that are just playing interesting.
I'll connect you with the journalists and the people who
know the story and bring you news without the noise
so you can make an informed decision. You can catch
a new episode of The Daily Dive every Monday through Friday,
and it's ready when you wake up. On the weekend edition,
(00:27):
I'll be bringing you some of the best stories from
the week. Throughout the pandemic, nursing homes have been under
more scrutiny as outbreaks were happening in these facilities that
were understaffed, and how some of our most vulnerable citizens
in California death and neglect was found inside a troubled
nursing home chain called Renewed Health. Their CEO applied to
(00:48):
operate nine new facilities and was denied because of all
the other violations at the other facilities she operated. But
in a weird twist, she was still operating these very
facilities because of license seeing loopholes. For more on the
flawed system that allows us to happen, will speak to
l e U investigative reporter at KPCC and Elias dot com. Yeah,
(01:09):
I think the pandemic really sort of shed light into
conditions at nursing homes that were happening even way before
the pandemic, as you're mentioning. I first started looking into
this company when I did a story over the summer
about an outbreak at another facility in Los Angeles UM.
I had heard that management had changed earlier in the
(01:29):
year and a company called for New Health had been involved,
and that story involved family members telling me that there
was delayed testing at the facility and there were several
deaths related to COVID nineteen and so I started digging
into this company a little bit more and found out
that it was connected to at least twenty six nursing
homes across state as either owner, operator, management, or an administration.
(01:52):
And we found out that last year state health officials
denied for News founder and CEO, Crystal Saliers, on a
licenses to take over nine existing nursing homes. State officials
sited a serious violations at the chains facilities, including alleged
rape and substandard care, and even concerns about sellers on
his character. But we found out that due to what
(02:13):
advocates call it quote completely exploded licensing process, sellers on
his businesses are still actually operating those nursing homes today. Yeah,
I think that was one of the most kind of
surprising things that we kind of learned from going through
your piece. So let's talk about some of the track
red because I want to get into that licensing thing,
but I want to set the stage for that first.
Let's talk about some of these red flags that were
(02:34):
popping up at these renew nursing homes. There was a
number of citations, a lot of infractions known as immediate jeopardies,
which are just some of the worst things that you
can do. They classified things that can cause or have
caused death, harm to the patients all that. So the
track record for them was not very good. Over a
three year period beginning in February, regulators documented a hundred
(02:58):
and twenty federal vio lations at these nursing homes, including
more than a dozen in the category that you mentioned,
immediate jeopardy, which is one of the most severe. One
expert told us a hundred and twenty violations. That's way
off the curve. We also did some analysis that the
facilities connected to this chain provide care for one in
fifty of the state's nursing home residents, but they're responsible
(03:21):
for nearly one in ten immediate jeopardies in California since
So that's some of the things that we found. I mean,
I had mentioned there was that one incident of certified
nursing assistant accused of graping a fifty two year old patient.
There was another facility where a patient with schizophrenia had
gone missing for weeks. So these are some of the
(03:42):
violations that state regulators had cited to this. Crystal sellers
on o that renews owner about why they denied her
those nine licenses. Yeah, and when it comes to the COVID,
across the twenty six facilities, nearly two hundred people died
from COVID. More than hundred had become infected. So it
was tough and there was a lot of stories, you know,
(04:03):
focusing on the COVID thing, where family members of patients
and all were saying, well, we'd see staff people walking
around without mask with without the proper ppe. You know,
you spoke to a lot of people connected to these
facilities and even workers there said the same thing. For
inspections and whatnot. They'd break out a bunch of PP
and then they lock it away in an office and
wouldn't make it available, which just seems pretty ridiculous. He
(04:25):
spoke to several former employees at a couple of these facilities.
I think the incident that you mentioned. We spoke with
a former housekeeper, Devon Green, and he later actually spoke
to investigators about his experience at Orendic Care Center. It's
a nursing home in the Bay Area. He told us
that he would have to reuse PPE. He had a
(04:46):
box that he would put his mask in and that
he would have to bring it in day after day,
and said that also before inspectors had arrived, that the
center had stage PP throughout the facility. But investigators have
found that there was a number of issues, including short
staffing at the facility, and that nursing home workers like
(05:08):
Devon Green, had said that there was a lack of PPE. Okay,
so now that we've kind of set the stage about
a lot of the problems at this particular group of
nursing homes owned by Crystal Sarlazano, talk to me a
little bit about these nine nursing homes that she had
applied to take over and kind of the way the
rules are set up, because this is one of the
most outlandish things, like as I mentioned that that I've heard,
(05:29):
you know, you have to apply to take these over,
you have to have your license, but in these cases,
you can kind of operate these nursing homes on the
license of the previous owner. You don't really have to
have a license in place set up just yet. And
this is the way she was able to take over
these nursing homes. They denied her requests. She's actually still
operating those nursing homes despite that the appeals process, which
(05:52):
she you know, initiated, could take years to work itself out.
So they denied her these but she's still operating them.
Like how prey Department Public Health explained it to us
this way, It said that you know, new owners, aspiring
owners of nursing homes can enter manage brand agreements with
the previous owners while the new owners license applications are
(06:14):
still pending. So you can take over a nursing home
facility without having gotten your own license by the California
Department of Public Health first, and even if your license
application is denied which has happened in this case with
Sellers Ono. You can continue running the nursing homes while
your appeals process plays out, and sometimes that can take years.
(06:34):
So you know, the state has deemed an operator unfit
by denying a license to them, but you can still
continue operating them while your appeals are processing. You know,
in your reporting you found out you know that a
lot of the rejection rate is very low. I think
it was only five percent that have been denied, and
there wasn't any applications that were denied between until these
(06:58):
nine from schoolers Ono, So those numbers kind of barrel
that they found a lot of issues at the facilities
that she was operating already, and then they also cast
out a little bit on her character. As you mentioned earlier,
there was this issue where I guess she might have
submitted some false documents with regards to some of her credentials.
On all of this, and you mentioned you kind of
(07:18):
got win to this story about a lack of testing
or withholding of testing for COVID. On social media, Solazano
was posting things that were casting down on vaccines and
the nursing homes in California at least were some of
the first places to be getting allotments of vaccine. But
on the social media that she was posting, she was
sharing just a lot of misinformation. So the California Department
(07:40):
of Public Health had charged that when solars On applied
to be a nursing home administrator, she submitted a fraudulent
college transcript. That's one of the reasons why they denied
her the licenses to take over the facilities. And then
and further in our reporting, we saw in her Instagram
stories that in December she had posted a series of
posts that spread misinformation about the COVID vaccine. One post
(08:03):
reputed the falsehood that the vaccine changes your d n A,
which has been repeatedly debunked by medical experts. Another post
said quote the COVID vaccine should be avoided at all costs.
And she has about eleven thousand followers, so she had
shared a number of posts to her followers. And when
we shared these social media posts with Dr Michael Wasserman,
(08:25):
who's part of the California Vaccine Advisory Committee, he told
us that it's unconscionable that someone who's in the leadership
position in a nursing home or nursing home chain would
do this. So as you said, I mean nursing home
residents were among the first to be able to get
the vaccine when it was first okayed by the f D. A. Yeah,
I mean it's been a quick rise for Crystal Soldersano
(08:46):
and renew Health Group and you know, amassing these twenty
six facilities right now that they're responsible for. And you know,
we've kind of talked to all this stuff. Obviously, this
is the story that we're focusing on for right now,
but there's just kind of the theme that we've kind
of put forward. Nursing homes have been in the spotlight
throughout this pandemic and a lot of these problems have
been highlighted on what's going on. So you know, this
(09:08):
story obviously, you know, highlights bad actors in the game.
But also to talk about reforms, you know, there is
some reform coming in Sacramento and on the California side,
you know, something to do with this issue of these
licensing borrowing licenses. So tell us, you know what kind
of action is being taken there. There's a bill introducing
the state legislature this year that would really address this
(09:29):
issue of being able to take over a nursing home
before getting your license, so that it would banned that practice.
It would require nursing home operators to get approval to
get a license first from the state to be able
to start operating a nursing home, and then it would
also ban this practice of quote unquote borrowing licenses from
previous owners. That bill is currently in a committee, but
(09:53):
we've been told by legislators that it's a two year bill,
so it will be tabled until next year. Yeah, that's
fifteen o two. But uh, it only kind of makes
sense that you would need those proper licensing to take
over a facility, especially, as I mentioned, these are our
most vulnerable citizens here and things need to be on
(10:14):
the up and up. These nursing homes have a history,
unfortunately of not always taking care of them, and you know,
then you hear stories and actors like this and people
kind of shake their head at it. So hopefully, you know,
these stories highlight that, hopefully the action gets taken and
you know, we'll see what happens on that front. Ellie,
you investigative reporter for l AS and KPCC. Thank you
(10:34):
very much for joining us. Thanks for having finally for
this week an update to the terrorist attack in Sanborndino,
California in December. In the aftermath of that attack, an
iPhone five C was recovered that belonged to one of
the shooters, and what kicked off after that was a
fight between the d O J and Apple to unlock
(10:56):
that phone. Now years later, we're finding out that the
FBI turned to a little known Australian firm which she
used an exploit chain to finally get into that iPhone.
For more on who helped and how this iPhone is
finally unlocked, will speak to Read Albergatti, technology reporter at
the Washington Post. For five years, people have kind of
batted around ideas about who it might be, and there's
(11:18):
been a couple of names in the in the media
a lot, but those rumors have been wrong, and the
firm was actually called Asimuth Security, which is based in Australia,
founded by a guy named Mark Dowd who's a very
well known Australian cybersecurity expert or you can call him
a hacker. And the exploit which actually unlocked that phone
(11:40):
for the FBI was written by another hacker who worked
for Asimuth named David Wong and Um. He was also
very well known in cybersecurity circles, especially for his work
on iOS and jail breaking phones. Do you remember, you know,
in the early days of the iPhones, people used to
remove the software restrictions on their iPhones, which is called jailbreaking,
(12:02):
to install unauthorized software on their iPhone, and he would
work on those sorts of things. So both really brilliant
people who you know, well known in the security world.
There probably no one outside of that world has heard
of them. There behind this, you know, we go back
to what was going on back then. You know, a
lot of things just kind of kept furthering the story.
(12:23):
We found out that the FBI ended up paying this company,
as a myth, nine thousand dollars to do it, so
a lot of money there. But as I mentioned also
the fight between the Department of Justice and Apple. You know,
Apple was refusing to do this, and at the time
people were like, why wouldn't you help them? This is
a terrorists phone, we need this information. But they didn't
want to do it because they didn't want to create
(12:43):
this back door that could later be abused by whoever else.
So that that was kind of the moral fight I
guess you could say that was going on at the time,
that's right, And you know, there was a court case.
The FBI actually did get a court order forcing Apple
to unlock the phone or help the FBI unlock the phone,
and Apple apparently did have that capability at the time.
(13:06):
So this case was on track to be a precedent
setting case, which who knows how it would have ended up,
But a lot of people thought that the FBI did
have a good argument here legally, maybe not policy wise.
I mean, there were lots lots of debate about whether
this was good policy, but legally they may have won,
and it may have actually said a precedent where the
(13:26):
FBI and other law enforcement agencies would be able to
just force Apple to break into these phones whenever they
had a warrant. So in a way, as a myth,
really kind of saved Apple from this outcome, because once
the FBI was able to unlock the phone, they really
had no choice but to go to the court and say, look,
we have to withdraw this this plea because we've already
(13:49):
unlocked the phone. So it kind of delayed it and
for the last five years we haven't heard much about
this debate, and I think that's in part because there
are a lot of firms out there, like Asmuth who
are able to break into these phones without Apple's help.
There's sort of this balance where if the FBI wants
to do this for a criminal case, they need to
(14:11):
get a warrant, and once they use one of these
exploits that you know, like you said, can cost a
lot of money, that exploit it's more vulnerable to being
discovered by Apple or other software companies that might patch
it and then make that exploit useless to the FBI.
So they have to use these exploits sparing ly. So
we kind of have this equilibrium. Now maybe equilibrium is
(14:33):
a bad term, but we have a we have a
system of checks and dounces. They're sort of built in
without having this built in back door that the FBI
had wanted. And in the end it was a little anticlimactic,
you know, they unlocked the phone. There was nothing of
real significance in there. There was no other links to
foreign terrorists or plots or anything like that, so it
(14:54):
was a bust in that sense. But tell us a
little bit about those exploits and how they actually did it,
because they had to chain a few different exploits together.
They ended up calling it Condor, which you know, it's
a little code name for it. But you know, as
you mentioned, you know, they deal in these little bugs
in the iPhone, and one bug does one thing, the
other bug does something else. You put them together and
then you're able to get into the phone. So how
(15:16):
did they actually do it? That's right, And you mentioned
earlier that the phone had this restriction where if you
type the pass code in more than ten times, it
would erase the phone. So what this hack actually does
is disables the requirement to this feature that erases the
phone after ten pass code attempts and allows them to
just brute force the password, just essentially guess the password.
(15:40):
It was a four digit password, so it didn't take
very long using you know, sophisticated computers to guess it.
But the way it started was long before I don't
exactly know how long before, but before the San Berndino attack.
Mark Dowd, you know, the founder of asimuth, had actually
discovered this bug in Mozilla code. It was open source
(16:01):
code that Apple was using to interface with external hardware devices,
and he hadn't done much with it. But then after
these attacks, the FBI was looking for this way to
a mock the phone, and Asimuth had already been working
with the FBI on other projects, so they said, you know,
we're actually about and we have this. We have this bug.
(16:21):
We're probably ninety of the way there to finding an
exploit that will work on this phone. Why don't we try?
And David Wong took that bug and figured out how
to starting with bypassing that lightning port, you know, turning
that bug into an exploit for the lightning port, then
sort of taking it the next level and escalating privileges
(16:43):
with another exploit. In the end, there were three exploits
that allowed as a Meth's full chain to essentially remove
that password requirement. Then they went over and tested it
at FBI headquarters and it worked. The FBI did further
testing on other phones to make sure that it you know,
it works of the time, and then they unlocked the
(17:07):
terrorists phone and then went to the court and withdrew
that court case. Interestingly, and this is also a new
information in this article. Pretty soon after like a month
or two after the FBI unlocked the phone, Mozilla actually
patched that bug and made that worthless. So the FBI
paid a lot of money for this and didn't get
to use it much. They were only able to use
(17:28):
it the once. Yeah, that's crazy. And you know, just
for frame of reference, you know, I live in California,
very close to San Bernardino. You know, it's all southern
California right here for us, So this story was very
close to home and we were you know, all the
local media out here was very much into the story
and the conversation, the fight over opening that iPhone was
so intense, with people on both sides, you know, privacy
(17:51):
advocates and then people just saying, hey, we need to
stop terrorists at all costs. So it was just an
interesting debate on that front. And up until this point,
that's why it's significant, we didn't know who it was,
and we didn't know exactly how they did it, what
the exploits were that they were able to get there.
And the last thing too, it's just the last bit
of the story is that obviously, as you mentioned, Apple
wants to know who these actors were, who were the
(18:11):
people that finally broke their system there, and they came
pretty close to finding out about it because they sued
the company that was co founded by one of these
hackers that was involved in this, so they almost got
there without, you know, having to go through all of this.
That's right, that's right. Apple is suing the security research
toolmaker called Karelian and Correllium was co founded by David
(18:35):
wong um An. Apple actually after the San Bernardino unlock,
actually tried to hire David and then they tried to
acquire Karelian. So it's really interesting how close Apple was
to this the whole time and continues to be. And
I think the reason for that is, I mean, one,
it's the security research field is kind of small when
(18:59):
you get to these very high levels of white I
would call them white hat hackers, you know, good guy
hackers who work with government. It's it's kind of small,
and Apple really likes to hire them because it helps
Apple improve their own security. There are questions about, you know,
why don't they catch these things, and the truth is
they can't. It's too big and complicated to fix every hole.
(19:23):
Read Albergatti, technology reporter at the Washington Post. Thank you
very much for joining us, absolutely thanks for having me.
That's it for this weekend. Be sure to check out
the Daily Dive every Monday through Friday. Join us on
social media at Daily Dive pod on Twitter and Daily
Dive Podcasts on Facebook. Leave us a comment, give us
(19:45):
a rating, and tell us the stories that you're interested in.
Although The Daily Dive and I Heart Radio or subscribe
wherever you get your podcast. This episode of The Daily
Dive has been engineered by Tony Sorrentina. I'm Oscar Ramirez
in Los Angeles and this was your Daily Dive weekend edition.
M
The Daily Dive News
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
24/7 News: The Latest
The latest news in 4 minutes updated every hour, every day.
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.