The top cop in the United States recently likened a dead terrorist’s seized iPhone to a house, and its encryption system to a fearsome canine. “Essentially we’re asking Apple to take the vicious guard dog away, let us try and pick the lock,” Federal Bureau of Investigation Director James Comey said.
Should the FBI win its public fight to get past the guard dog, the house will soon be searched by the software equivalent of a CSI squad. This expertise is known as digital forensics, and often these days, it arrives to police forces on a USB stick shipped out of Ontario.
That’s because Magnet Forensics, a Waterloo company, sells digital-forensics software on a thumbdrive to the FBI and many of its peers. Nearly 3,000 government agencies located in 90 countries are now said to be using this product. The company claims that its “Internet Evidence Finder” tool makes short work of strip-mining evidence from all manner of seized phones and laptops.
The IEF software specializes in finding online chat “artifacts” – the leftover Facebook, Twitter, Skype, Tinder and other digital conversations that can exist in a computer’s memory, even if users think they’re gone. And it’s been used in high-profile prosecutions, such as the Boston Marathon bomber case.
“Good tools come into play because you can’t do it all yourself. The smartest [police] examiner only has so much time because that backlog is always there,” explains Jad Saliba, Magnet’s founder and chief technology officer. “A big part of what we do is managing the changes that come to all the apps we support … It’s a lot of work to stay on top of the apps.”
He ought to know. The 35-year-old is an earnest former police officer who came to the software world wanting to solve problems for his peers. “The two areas I care most about are combatting terrorism and child exploitation,” he says, adding that he hopes to keep his company on the side of the angels. “We spend a lot of time validating who we sell to … We sell to people who are going to use it ethically.”
At times, it is a struggle to get Mr. Saliba to tell his story – he has a timeworn professional tendency to never say more than he feels he should, and to let the other guy at the table sweat it out and fill up the spaces in conversation. But when he does talk, it’s quite a tale.
We are speaking at the Wildcraft Grill, a large Waterloo restaurant that markets itself on “comfortable suburban approachability,” but which, back in the day, was dubbed “the RIM cafeteria,” because so many executives at that company favoured it for meetings. Times have changed. BlackBerry, and its privacy-protecting messaging apps, are not what they were. But market agony is giving rise to reinvention.
Back in the mid-2000s, Mr. Saliba was not what you would call a tech guy. Rather, he was a Waterloo Regional Police constable spending his Saturday nights looking in on bar brawls and domestic disputes. And, at five-foot-nine, and 210 pounds, he found he could handle most of the trouble that came his way. Then he was diagnosed with Hodgkin’s lymphoma. Just as he was starting a career and a family, Mr. Saliba was facing malignant tumours and looming mortality, sidelined by a battle with Stage 4 cancer.
During the year his body was treated with radiation and chemotherapy, he began to wonder: What else should he be doing with his short life? Supposing that he even survived?
After he rejoined the police force, Mr. Saliba got a spot on its digital-forensics unit. This was not a glory assignment; it was jut three guys in a back office figuring out how to manage a growing pile of computers and mobile phones dropped off by detectives. But it was a sort of homecoming for Mr. Saliba.
We’re only here for a short time, so do something meaningful. And take chances – because you don’t want to look back and wonder what may have been.
His father had worked as an engineer, his mother as an architect. As a kid, he discovered he too had a knack for taking things apart or building them up. But he would achieve this by looking under the hood of his PC. He would write programs to automate things, such as updating an operating system. Sometimes he would give his software away on the bulletin boards that predated the modern Internet.
“It was interesting to me you could write code and it could process things way faster,” says Mr. Saliba who, before enlisting in police college, studied computer science at Mohawk College in Hamilton.
As he orders a kale chicken Caesar salad, he looks every bit the young tech entrepreneur he is these days, wearing scrubby designer jeans, a hoodie and sneakers. His stocky physique is about the only physical trait that betrays a hint of his past life as a cop.
“It was 2009 and Facebook was starting to get really popular,” recalls Mr. Saliba, explaining his company’s origins and harking back to in-house dealings with Waterloo Regional detectives. “They said, ‘We brought you the computer. Can you get us Facebook chat messages? I said ‘No, it’s in the browser, and if you close the window it’s gone.’ ”
But was it though?
“I went home that day and I said ‘I wonder if it actually is gone?’ And I started doing some research and found that a lot of it gets left behind.”
And with that realization, Mr. Saliba dusted off his software-writing skills, and started spending his off hours figuring out how to automate the quest for communications artifacts hidden on seized devices.
Calling his prototype “ JADsoftware,” he started giving it away to police departments far and wide. “All of a sudden I had people from all over the world e-mailing to get a copy of it,” he says.
Before long, it occurred to him he could improve the software and sell it for a licensing fee. That way, police, prosecutors, and eventually juries, could have a standard and intuitive way of being presented with telltale messages found in the memory of a seized device.
In 2011, as Mr. Saliba was thinking about striking out on his own, he met his future business partner, Adam Belsher, then a BlackBerry vice-president.
“I’m looking to make a move … looking to buy a company,” Mr. Belsher, a 13-year BlackBerry employee, recalled in an interview. He canvassed his contacts for opportunities. “My accountant came back and said there’s a guy; he’s a police officer, but he’s developed this software on weekends and evenings …”
Young, driven, and having recently started families, the two men in their 30s became fast friends. On BlackBerry Messenger, and in local chain restaurants such as Turtle Jacks, they spoke about joining forces. Mr. Belsher liked what he saw in Mr. Saliba’s idea so much he invested his own money.
“His wife would be every day FedExing the product on a USB thumbdrive to agencies around the world,” Mr. Belsher says. “He was basically working around the clock. When he was done his police work, he’d be coding the software, or dealing with customer service.”
Mr. Belsher also respected that his new business partner knew first-hand “the psychological drain of being an investigator” – particularly in the soul-searing field of child-exploitation investigations.
“I thought this guy has got some extreme character.”
(For a fuller sense of that character, have a look at Mr. Saliba’s blog. In 2014, he described how he was handcuffed at gunpoint, while volunteering on his vacation to serve in an undercover sting operation. At the time, he was in the Dominican Republic with a group of retired U.S. federal agents, who were posing as sex tourists in a bust arranged with local authorities. Several pimps were arrested and 26 young women, including underaged ones, were rescued.)
Before leasing space for its 100 employees in an old BlackBerry building, Magnet Forensics got its start in Waterloo’s Accelerator Centre, a local hub for startups that aims to provide mentorship and pathways to financing. Magnet makes a point of saying it hasn’t needed any venture capitalist investors to date – because it has been mostly bankrolling itself.
In December, Magnet announced it got funding from In-Q-Tel, a non-profit entity that acts as an investment arm of U.S. intelligence agencies wanting next-generation tools. The precise nature of the partnership is murky, but it does highlight how the company’s clients are not just police – intelligence agencies, tax officials, border guards, militaries, and a litany of other security agents all want efficient ways to pull communications data off of computers.
The Canadian software has turned up in some famous cases. Court filings show it was used in the U.S. prosecution against Dzhokhar Tsarnaev, the Boston Marathon bomber. More than 1,000 U.S. federal police – finding no digital guard dogs in the way – pulled nearly seven terabytes of data off of more than 30 seized devices. One of several tools used, IEF helped find “e-mail remnants, Skype activity, cellphone backups, text messages, Twitter remnants, Facebook remnants, and Internet chat remains,” according to a prosecution document. On one laptop alone, the software grabbed some 1,500 hidden files deemed to have had a potential nexus to terrorism or weaponry.
Cracking cases like that is not just good business; the work helps give life meaning, according to Mr. Saliba.
“If someone would say: ‘If you could go back, and not get cancer would you?’ And as weird as it sounds, I don’t know,” he says.
Beating cancer gave him a new perspective, he says.
“We’re only here for a short time, so do something meaningful. And take chances – because you don’t want to look back and wonder what may have been.”