FBI's Hacking Tool Found To Have Compromised Dozens Of Computers In Austria

from the because-someone-in-Virginia-inadvertently-said-it-could-do-this dept

The FBI is already having problems here at home with the hacking tool it deployed during its dark web child porn investigation. A few judges have ruled that the warrant used to deploy the Network Investigative Technique (NIT) was invalid because the FBI’s “search” of computers around the United States violated Rule 41(b)’s jurisdictional limits.

Now, we’ll get to see how this stacks up against international law. It’s already common knowledge that the FBI obtained user information from computers around the world during its two weeks operating as the site administrator for the seized Playpen server. More information is now coming to light, thanks (inadvertently) to a foreign government’s inquiries into domestic anti-child porn efforts. Joseph Cox of Motherboard has the details:

Earlier this year, Austrian MPs sent a letter to the country’s parliament, asking for more information on child pornography and sex tourism cases. In response, politician Johanna Mikl-Leitner wrote that Austrian authorities cooperated in Operation Pacifier, showing for the first time that the FBI hacked computers in the country.

According to her letter, a list of 50 Austrian IP addresses were evaluated by a federal intelligence unit and used to pursue suspects of possession and distribution of child pornography. The IP addresses led investigators to “countless child pornography files,” according to a translation of the letter, which is dated March 2016. “Extensive investigations are still underway,” it continues.

Local law enforcement appears to be unconcerned that the FBI has exceeded its Rule 41(b) grasp. It took the tips delivered to it by the FBI’s NIT and has carried out investigations of its own, collaborating with Europol. Apparently, the FBI’s lack of explicit permission — either from the local US magistrate judge or from foreign governments — isn’t considered problematic when used to scoop up offenders few are willing to defend. Europol and the FBI have refused to comment on how far the Playpen/NIT net was cast, but it apparently includes Greece, Chile, Denmark, and Colombia — along with possible (but unconfirmed) Playpen users located in Turkey and the UK.

Obviously, the Virginia magistrate who signed the FBI’s warrant application had no idea how far its NIT would reach. To be fair, the FBI likely had no idea either, as it was dealing exclusively with users whose originating locations had been obscured by the Tor browser. That being said, the FBI gave no indication in its affidavit that it would possibly be carrying out extraterritorial searches, traveling far beyond the magistrate’s jurisdiction and into computers located in multiple foreign countries.

To “fix” this limitation, the FBI is firmly behind the current, mostly-downhill push to strip jurisdictional limits from Rule 41, leaving it free to perform this hacking without being second-guessed by federal judges during prosecutions. That other countries are more than happy to partake in the results of possibly illegal actions doesn’t say much about their willingness to protect their own citizens from US law enforcement overreach. Or, at least, it shows there are certain suspects they’re not interested in protecting — even if it means creating a slippery slope they may regret later, when the FBI starts coming after alleged criminals not so universally reviled.

Filed Under: , , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “FBI's Hacking Tool Found To Have Compromised Dozens Of Computers In Austria”

Subscribe: RSS Leave a comment
Anonymous Coward says:

We are already well on the way down that slippery slope. While I agree these people deserve no sympathy at all, this sort of thing can used in far less egregious cases. The US is already doing this in cases that would best be described as secondary copyright infringement (jaywalking stuff, basically). Just look at Megupload and KAT and ask yourselves why the US should be given the time of day in cases like this. New Zealand and Poland have local laws that are well up to the task, and it seems likely no New Zealand or Polish laws were broken. That CP is used as the thin end of the wedge to erode national laws is every bit as repugnant as CP itself.

Anonymous Coward says:

Re: Not just the US, but Russia and China too?

So, if Russia and China are caught red-handed hacking into US computers will they now be able to justify it by claiming that they were just investigating reports of possible child porn? I mean, if the FBI can do it, then why not the FSB?

So that’s what the hack of the DNC’s email accounts was actually all about…

Anonymous Coward says:

Re: Re:

The concerned Citizens view this as a problem. Those handling the prosecutions do not. Putting away innocent people and letting the guilty escape are NOT the objectives here.

They literally do not give a fuck about who gets what so long as they have their over/under statistics right where they need them for their next promotion or political gas bagging.

Quiet Lurcker says:

What a great tool for parallel construction. Let someone else dig up the evidence and when your defendant challenges it, well, you couldn’t turn over anything raw data even if you wanted. The tools, methods, and data are all in the control of a foreign government. And if the defendant makes application through the Hague Convention(tm) and sovereign immunity, well the case could drag out for years and you could bury the defendant with enough frivolous litigation that he’ll cop guilty plea just to have done with it.

Rich Kulawiec (profile) says:

Evidence from hacked systems should be inadmissable

Here’s the reasoning:

1. If the system has been hacked (let’s say by custom malware) then there is proof on the table (a) that it’s insecure and (b) that it’s been successfully infiltrated by at least one entity.

2. Since (a) is true, there is no way to know that any actions taken by that system or any data stored or transiting that system is the responsibility of its putative owner.

3. Since (b) is true, there is no way to know that it hasn’t been previously or subsequently infiltrated by someone else.

Let me pause to note that anyone familiar with bots and botnets can point to a few hundred million examples of (2) and (3).

4. Because (2) and (3) are true, there is no way to establish a definitive connection between any evidence gathered on the system and the owner of the system. This doesn’t mean that the evidence isn’t factual, e.g., “File F was found on this system” or “This system participated in a DDoS attack” and similar assertions may be true. But there is no way to leap from those to “The owner placed file F on this system” or “The owner participated in a DDoS attack”. And that leap can’t be made, because the act of hacking made it impossible: it’s spoliation writ large.

Rekrul says:

Re: Evidence from hacked systems should be inadmissable

Evidence from hacked systems should be inadmissable

You overlook the fact that this case is about child pornography, which is treated much like witchcraft and heresy were during the dark ages. They consider it better to incriminate 100 innocent people than let even one guilty one go free.

Bill says:

First they came for the Socialists, and I did not speak out—
Because I was not a Socialist.

Then they came for the Trade Unionists, and I did not speak out—
Because I was not a Trade Unionist.

Then they came for the Jews, and I did not speak out—
Because I was not a Jew.

Then they came for me—and there was no one left to speak for me.

– Martin Niemöller

Rekrul says:

What would happen if someone hacked an electronic billboard in Times Square and played a child porn video? Would the FBI arrest every single person who stopped to look? I mean, they’ve gone after people who have had as few as two thumbnail images in their browser’s cache, people who have porn with young-looking actresses and even people who have had cartoon porn. If the obsession over arresting people who have viewed child porn is so great, wouldn’t they have to arrest everyone who doesn’t immediately turn their back on such a display?

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...