DOJ Describes Its Use Of Malware As 'Augmenting Content' As It Pushes For Great Ability To Hack Computers
from the augment-that-content dept
Over at the Wall Street Journal, there’s a good article about the DOJ’s push for greater powers to use malware and to hack into computers in pursuit of criminals. The key issue, as the DOJ sees it, is that it normally needs a warrant from a local judge in order to make use of a malware exploit — and when you’re talking about networked computers, it’s not always clear what’s local. Thus, at least one warrant request for installing malware has been rejected over privacy concerns when the physical location of a computer was unknown (other courts, however, have approved such warrants). Given that, the DOJ is seeking to expand the rules making it easier to use malware (and to use it across multiple computers, rather than just a single computer per warrant).
The article points to a massive 402 page document to the rule making body of the courts, in which it explains how it has used malware to find criminal suspects. Of course, this is the DOJ that we’re talking about, so it’s not going to come right out and say “hey, here’s the malware we used and how we use it.” Instead, as noted by the ACLU’s Christopher Soghoian, the DOJ hides its description of malware on page 201 (smack dab in the middle of such a giant document) in a single paragraph using some rather incredible language:
In the normal course of operation, websites send content to visitors. A user’s computer downloads that content and uses it to display web pages on the user’s computer. Under the NIT authorized by this warrant, the website would augment that content with some additional computer instructions. When a computer successfully downloads those instructions from Website A, the instructions are designed to cause the “activating” computer to deliver certain information to a computer controlled by or known to the government. That information is described with particularity on the warrant (in Attachment B of this affidavit), and the warrant authorizes obtaining no other information. The NIT will not deny the user of the “activating” computer access to any data or functionality of that computer.
As Soghoian notes, if you blink, you might miss it. The DOJ calls its malware insertion man-in-the-middle attack by describing it as “augmenting” the content sought by the user “with some additional computer instructions.” That’s certainly one way to look at it, but you have to assume that less than technologically savvy judges aren’t likely to understand what this means at all.