The FBI Doesn't Want To Share Details On The Exploit It Deployed While Running A Child Porn Site

from the we'll-let-you-know-what-you-can-'discover' dept

The FBI will not be talking about the Network Investigative Technique (NIT) it used to obtain information about anonymous visitors to the child porn site it seized and ran for two weeks while the NIT did its work. A recently-filed declaration (uploaded by USA Today’s Brad Heath and pointed out by the ACLU’s Chris Soghoian) by the FBI tells the court the defense will learn nothing from being provided details on the NIT’s inner workings, especially since the agency isn’t willing to turn these details over to Jay Michaud’s lawyers.

As Special Agent Daniel Alfin explains it, the defense’s tech expert has misrepresented the NIT’s form and function to the court.

I have also reviewed the declaration of Mr. Tsyrklevich, the defense expert, dated January 13, 2016 and noted a number of statements that are inaccurate and/or require clarification. I will address several of these in great detail below but will begin by noting one overarching misconception in that declaration. Specifically, Tsyrklevich attempts to redefine the NIT as something containing multiple components. The NIT, however, consists of a single component — that is, the computer instructions delivered to the defendant’s computer after he logged into Playpen that sent specific information obtained from his computer back to the FBI.

This is hardly surprising, considering the tech expert hasn’t had an opportunity to examine the FBI’s software. But because the defense is wrong about the NIT, the FBI argues it shouldn’t be allowed to figure out how wrong it is — or figure out what it may have gotten right by examining other evidence.

Tsyrklevich claims that he requires access to the government’s “exploit” to determine if the government “executed additional functions outside the scope of the NIT warrant.” He is wrong. Discovery of the “exploit” would do nothing to help him determine if the government exceeded the scope of the warrant because it would explain how the NIT was deployed to Michaud’s computer, not what it did once deployed.

This is the FBI playing games with words, albeit words perhaps poorly chosen by Michaud’s lawyer. The FBI is claiming the only “exploit” was the delivery of the NIT payload, but not the payload itself. Michaud would like access to details on the latter (the payload), but the FBI is claiming the defense expert is only seeking details on the former.

Continuing in that vein, the FBI agent says additional info on the exploit would do nothing to help determine whether the NIT exceeded the scope of the warrant because all the “exploit” did was allow the FBI to access information about Michaud’s computer. It’s circular reasoning that allows the FBI to skirt questions about the information it pulled from the computers it attached itself to while running the Playpen website.

The FBI’s declaration then goes even further, stating that all the information Michaud’s lawyer needs can be found in the information the agency has already handed over. The FBI doesn’t want to discuss its “server component” (where information exchanged with suspects’ computers was stored). Agent Alfin claims the defense can verify the legitimacy of the FBI’s claims about data supposedly originating from Michaud’s computer by comparing the information already handed to it by the agency with what will presumably be another copy of the same information previously handed to it by the agency.

Specifically, the government has offered to provide a copy of the data stream sent by Michaud’s computer to the government as a result of the execution of the NIT. Tsyrklevich can compare the information sent to the government by the NIT to the information provided in discovery to verify that what the government recorded from Michaud’s computer is in fact what was sent by Michaud’s computer.

And how will Michaud know this new copy of the information isn’t just a reprint of the old copy? Well, apparently because the FBI agent says it’s totally legit.

I have reviewed that data stream and, as explained below, confirmed that the information sent by Michaud’s computer as a result of the NIT matches the information that is stored on the government’s servers.

Feel better?

The FBI obviously isn’t going to hand over information on its means and methods without a fight, making its NITs just another tech component it won’t talk about in court. It has managed to keep discussions of Stingrays out of court for several years and now it’s doing everything it can to protect more recently-discovered innovations — even if it means cutting defendants and judges out of the loop. The FBI could hand these details over to the defense and judges without having to hand them over to the general public (via in camera presentations, sealed submissions or the use of redactions) but it would rather keep even those components of the justice system in the dark.


Comments on “The FBI Doesn't Want To Share Details On The Exploit It Deployed While Running A Child Porn Site”

33 Comments
Anonymous Coward says:

So, I must be wrong, then, in thinking that when accused of some crime, the accusers, whether private persons, an attorney or a security force, the defendant was entitled to know what evidence has supposedly been gathered and is being used against him/her? How can any person be convicted if he/she is unaware of the evidence, the charges or what and how evidence has been collected? It’s like telling someone you own a gun, you fired it a week ago, now your neighbor is dead from a bullet wound received yesterday! Any excuse to make sure that someone, anyone pays for the FBI or whoever and the time supposedly spent on getting that ‘someone’ to court! What the hell is going on in the USA?

That One Guy (profile) says:

Ultimatum time it would seem

‘Provide the evidence, provide the full details regarding how you got it, or don’t bring it into my court-room.’

Every judge should operate off of the above idea, because once you start to allow secret evidence or evidence where the defense is not allowed to check to make sure it was acquired legally the purpose of a court goes from justice to convictions.

I rather doubt the prosecution would allow ‘secret’ evidence being presented by the defense to demonstrate their client’s innocence, evidence that the prosecution can neither check or challenge, and in turn the prosecution shouldn’t be allowed to present such evidence either. If they really want to keep a particular trick or technique secret then they can request that it be filed under seal, but not allowing the defense to examine it at all shouldn’t be acceptable in the slightest, and should result in the evidence in question being barred from being used in the case.

Ninja (profile) says:

Even if Jay Michaud is guilty of whatever charges (and he may be just a case of wrong place and wrong time) the defense should have access to the data. Because others caught in the net could actually be cases of IP spoofing, people (mis)using their machine to do whatever or even forged data to achieve a conviction (be it the Government doing the forging or others). That’s how a country that really values democracy and freedom should work. With transparency so there is no space for forging or injustice.

Anonymous Coward says:

The guy could be guilty of everything he’s charged with but if the FBI won’t show their work then none of that evidence they obtained with the exploit should be allowed to be used in court. It’s bad enough they were allowed to actually run a child porn site but then being allowed to hide how they obtained their “evidence” on people and just tell everyone to trust us it’s accurate is just beyond words.

radarmonkey (profile) says:

Do the ends justify the means?

Completely aside from this article’s intent to focus on the government’s obfuscation of the method it used to track the defendants, I find it utterly abhorrent and reprehensible that the FBI ran a child porn website for *ANY* length of time! Everyone involved in this, from the decision makers to the techs, should be brought up on distribution charges. Disgusting!

Rekrul says:

Re: Do the ends justify the means?

I find it utterly abhorrent and reprehensible that the FBI ran a child porn website for *ANY* length of time!

Especially as the FBI has rules (or at least they did at one time) that say that when someone is accused of having child porn on their computer, an image copy of the hard drive can’t be given to an independent expert hired by the defendant, because doing so would risk the images/videos being further distributed. The data can only be examined by an expert in a secure FBI facility under the watchful eye of FBI agents.

Anonymous Coward says:

I don’t think people are really grasping the deeper issues here. The FBI in this particular case is likely balking about the likelihood of revealing how it was done making it back to the perv community who can (and will) work on an effective countermeasure.

The users in question had to create an account and/or login to Playpen (which let’s not forget had graphic child pornography all over). When said users connected the FBI’s NIT backtraced and loaded into their systems (so no, a VPN wouldn’t matter here, there is no “mistaken ID”). In the case of Free Talk Live, it would mean one (or more) of their members was accessing the site from their offices.

Really, people seem to wildly underestimate just how soul shreddingly hard it is to catch these guys. Law enforcement has been struggling for years with stuff like this, you can read a bit about it in the book One Child at a Time: Inside the Police Hunt to Rescue Children from Online Predators (it tries to end on a positive note, but the reality is anything but). Finding these sites in the first place can be extremely difficult, then there’s trying to track the users who use VPNs, mobile servers, and anonymizing tools. If the site’s taken down, they scatter to the wind and make new sites.

Playpen had been up for less than a year and had already been hitting 100k users in 15 days (the time the FBI kept it running), and these aren’t just people trading pictures like baseball cards, we’re talking manufacturers, how-to guides, “enthusiasts”, etc. Now keep in mind that Playpen was just one site out of thousands, hiding in a myriad of different ways all over the deep web, dark net, and any other shadowed crack you can think of. The FBI and law enforcement aren’t going to say anything about it for the same reason Apple doesn’t want people thinking too hard about the security flaws in their iPhones, because they’re afraid that if people find out just how screwed they are they’ll go nuts.

I understand and agree with the need to “show your homework” in order for the case to be properly prosecuted, but this issue isn’t going to go away any time soon and it’s something we’re all going to have to have a serious talk about eventually.

Anonymous Coward says:

Re: Re:

What you say has merit, but the point being raised is that an office of the government was actively involved in this practise. It doesn’t matter what reasons they use to justify their actions, their actions are unjustifiable.

Remember that these activities which we hold as being so bad and destructive of lives were considered socially acceptable in times past. In many areas of the world today, it is still considered acceptable.

If you want to stamp out such activities (which you cannot ever do completely), you don’t then actively promote these activities on the pretence of catching and prosecuting others involved. You find other methods of dealing with it. If you cannot find other methods, you still don’t have any justification for actively promoting such activity.

Anonymous Coward says:

Re: Re: Re:

To say that such things were (and are) socially acceptable in some parts of the world is somewhat disingenuous. Slavery, racism, sexism, torture, murder, these things are all still in modern society, and while they may be accepted to varying degrees, I doubt anyone has ever considered them “good”. It’s part of our instinct to protect our offspring and each other to ensure both our survival and prosperity, there are a myriad of reasons why people may become twisted or motivated towards such behavior and our approach as a society to mitigating this definitely needs rethinking, but we need to be able to have that conversation in the first place for any solution to be found.

I also understand that regardless of whatever justifications may be given, running that site wasn’t right and that there should be consequences. But to be fair they didn’t make the site (this time anyway), nor did they approach others or do any direct (or indirect) advertising or coercion. It’s far from perfect and I doubt they consider it right either, but the notion that if you can’t find a solution you should just sit on your hands and watch is emotionally and realistically absurd. Do you know what the average burnout rate for Child Exploitation officers is?

3 years: [Emotional Impact on Officers Investigating Child Exploitation].

You can’t comb through terabytes of infants/toddlers being violently raped and tortured day after day and not have any kind of emotional impact, not take it personally that it’s not somehow your fault and responsibility, that if only there was some way, some clue, that could lead you to them you wouldn’t have to watch their next R rated birthday party.

Taking that in context, they may rationalize their actions as the lesser of two evils. Do they shut the site down and keep people from distributing those nightmarish images of abuse past and present? Or do they keep it running for a little while in the hopes of reaching some of the children still actively being abused for “fresh” content? It’s a Kobayashi Maru.

Anonymous Coward says:

Re: Re: Re: Re:

To say that such things were (and are) socially acceptable in some parts of the world is somewhat disingenuous. Slavery, racism, sexism, torture, murder, these things are all still in modern society, and while they may be accepted to varying degrees, I doubt anyone has ever considered them “good”.

The fact is these things are acceptable in many parts of the world. Are they good – personally, not on your nelly.

It’s part of our instinct to protect our offspring and each other to ensure both our survival and prosperity,

Read your history of Rome and even Greece. It was the right of a father in Rome to choose whether or not a child (by his loins) was to be accepted as his or not. If found to be not acceptable (for whatever reason), it suffered the consequences of that. Such children could well find themselves being placed in brothels and if male, could easily face the prospect of castration for the pleasure of the brothel customers.

This instinct to protect our offspring is not very high, we are quite happy as a society to ensure that a woman can terminate a pregnancy as she wishes. I am not making a judgement here, just stating a simple fact. This instinct is not strong.

there are a myriad of reasons why people may become twisted or motivated towards such behavior and our approach as a society to mitigating this definitely needs rethinking, but we need to be able to have that conversation in the first place for any solution to be found.

What we call “twisted” in one age, can be completely socially acceptable in another. Unless there is an absolute standard by which to measure these things, then relativism requires that no judgements be made as all ways of life are equally acceptable.

I also understand that regardless of whatever justifications may be given, running that site wasn’t right and that there should be consequences. But to be fair they didn’t make the site (this time anyway)

Nothing to be fair about, they were wrong. It shouldn’t have happened in the first place. They are as culpable as those they are prosecuting. But, they will not face any lasting consequences, will they?

You can’t comb through terabytes of infants/toddlers being violently raped and tortured day after day and not have any kind of emotional impact, not take it personally that it’s not somehow your fault and responsibility, that if only there was some way, some clue, that could lead you to them you wouldn’t have to watch their next R rated birthday party.

In these days, why, oh, why would they personally comb through this garbage? Yes, there are consequences with working in law enforcement. However, many of these consequences are created by the LEOs themselves. Who will actively trust a LEO with anything because they “know” that the LEO will turn on them for being cooperative, this includes the victims?

Taking that in context, they may rationalize their actions as the lesser of two evils. Do they shut the site down and keep people from distributing those nightmarish images of abuse past and present? Or do they keep it running for a little while in the hopes of reaching some of the children still actively being abused for “fresh” content? It’s a Kobayashi Maru.

Treat it like blackberry or brambles. You can try and poison it, but the most effective means is to just destroy it wholesale. Mow it, burn it, rip it out and burn it. This could probably be a good use of NSA resources to seek out and destroy all such sites.

Automated pattern matching algorithms can be used to match up images, without a single person having to actively look through them all. But to continue running a site on the off-chance that they may, perhaps, might possibly find a child to set free while more are being enslaved is the sheerest of stupidities.

Anonymous Coward says:

Re: Re: Re:2 Re:

The fact is these things are acceptable in many parts of the world. Are they good – personally, not on your nelly.

I can see the argument for eschewing practicality over idealism, which is often an unfortunate but necessary reality. But that doesn’t mean that the ideal should still not be pursued, even in those other parts of the world.

This instinct to protect our offspring is not very high, we are quite happy as a society to ensure that a woman can terminate a pregnancy as she wishes. I am not making a judgement here, just stating a simple fact. This instinct is not strong.

True, instinct is a bit of a catchall phrase encompassing a variety of impulses that can hardly be considered an absolute. Perhaps a more accurate definition would be contextual and emotional logic. A woman who becomes pregnant through rape logically may not want the child because of the constant emotional reminder and association with a deeply traumatic experience it would present (basically PTSD on speed dial), but even in our society the topic of abortion is still hotly debated (one of the reasons politicians do not want to talk about it is because of the shit show it causes). But as a matter of practicality, any foetus that cannot survive outside of its host (less than 5 months) is grudgingly accepted by most.

Read your history of Rome and even Greece. It was the right of a father in Rome to choose whether or not a child (by his loins) was to be accepted as his or not. If found to be not acceptable (for whatever reason), it suffered the consequences of that. Such children could well find themselves being placed in brothels and if male, could easily face the prospect of castration for the pleasure of the brothel customers.

I’m familiar with the histories of Rome, and it’s fairly safe to assume that the children (and slaves) in question did not enjoy said lifestyle. As with all such power dynamics it calls into question the definition of “acceptable”, acceptable for the minority in power? Yes. Acceptable for the majority subject to their whims? No. It’s not uncommon for people to favor practicality over idealism in oppressive situations, which leads to them favoring the more familiar (abusive) system over unknown freedom (Stockholm syndrome), a dynamic we can see in play even today in places like Syria up to the Arab Spring uprising (and its tragic results). If such an abusive culture was acceptable in Syria all along for all those involved, surely the uprising wouldn’t have happened?

Nothing to be fair about, they were wrong. It shouldn’t have happened in the first place. They are as culpable as those they are prosecuting. But, they will not face any lasting consequences, will they?

Curious, first you talk of the mercurial nature of moral relativism, then discuss the moral absolutism as to their culpability and lack of any justification for their actions? I’m to assume perhaps that we are talking in the context of our own societal values and subjective views. And no, I’m doubtful they’ll be held accountable by government or law enforcement in the manner we expect either, but the public majority holding them accountable is a different matter.

In these days, why, oh, why would they personally comb through this garbage?

It is required by law to catalog all material obtained in an investigation, both for cataloging into digital databases for future reference and for building cases to effectively and accurately show the scope of the crime in its entirety, as well as to separate cases of possession and manufacture. Pattern Matching also will not help determine the whereabouts of the victims or their abusers, something that can only be (currently) done manually through forensic analysis in an attempt to isolate with whom, or where such events took place. They do in fact use Pattern Matching algorithms however (provided by the likes of Microsoft), but such software can be known for degrees of mismatches and inaccuracies. In order to ensure a complete match either they need to search only for existing hashes of cataloged images (which they need to comb through for those that don’t match and add them), or use a general pattern matching algorithm and comb through all the results manually for mismatches.

However, many of these consequences are created by the LEOs themselves. Who will actively trust a LEO with anything because they “know” that the LEO will turn on them for being cooperative, this includes the victims?

If they make a deal to allow a perpetrator to walk it corrodes the public’s trust in them as they may very well be putting others at future risk as a result, and the public in general expects some form of punishment for such behavior (or vigilantism may occur). If they don’t make/honor deals, then nobody will trust them anyway. This can be especially difficult if they’re faced with a victim who is themselves an abuser. How we approach and deal with such abuse is one of the things that requires re-evaluation, it’s not enough to simply throw them in a dark cell and call it a day, as emotionally satisfying as that may be. As horrifying as it is, such abuse isn’t (typically) murder and would benefit from a far greater level of psychological treatment and analysis. As to whether the public would accept that is a different question.

Treat it like blackberry or brambles. You can try and poison it, but the most effective means is to just destroy it wholesale. Mow it, burn it, rip it out and burn it. This could probably be a good use of NSA resources to seek out and destroy all such sites.

Automated pattern matching isn’t 100% accurate unless you’re using a pre-vetted database which can otherwise result in collateral damage (assuming the target in question has been cataloged), and not all sites/databases are online 100% of the time. You can see the results of that kind of thinking with software piracy, it boils down to a game of whack a mole where sites are put up faster than the time it takes to find and take them down, let alone prosecute them. Then you get into obfuscation, where they alter their content to bypass filters and pattern recognition software, or the use of Steganography to encrypt and embed images and files into other media compounding the possibility of collateral damage and increasing the difficulty of revealing them. The NSA aren’t wizards anymore than Apple are, and these groups are running some very sophisticated redundant networks in a variety of forms. Not only that but their budgets and manpower are also many times greater than that of law enforcement and aren’t hindered by legalities.

But to continue running a site on the off-chance that they may, perhaps, might possibly find a child to set free while more are being enslaved is the sheerest of stupidities.

No, they should never have run that site. But it may speak in part to the emotional and logistical strain and desperation they endure that they would even think something like that would be anywhere near acceptable. It’s that strain I think that needs to be included in the wider discussion, as technology and fear from terrorism has grown over the years both the public and government have passively assumed law enforcement can maintain the peace with no thought as to whether they (or anyone) can handle the burden of that task.

Anonymous Coward says:

Re: Re: Re:2 Re:

I’m sorry. I really shouldn’t be blowing out these kinds of discussions on threads like this, so I’m not going to come back here again. It’s just, I feel that people are too quick to jump to conclusions without taking a moment to consider what it must be like for them (LEOs), and why they might do such things. No, they’re not perfect, but we should try to work it out, shouldn’t we? People are free to disagree (it is a complex issue!), maybe I’m just too much of an optimist of sorts.

Either way, thank you, at least, for taking the time to talk. I hope you have a good day.

Anonymous Coward says:

Child porn-collecting FBI partner on track to dodge jail

“Child porn-collecting FBI partner on track to dodge jail”, by Levi Pulkkinen, Seattle Post-Intelligencer, Apr 6, 2016

A cybersecurity taskforce chief turned child pornography collector seems poised to dodge prison – and live across the street from a Seattle elementary school.

Before agents arrived at his house across from Ballard’s West Woodland Elementary School, security consultant Brian Haller led the Seattle chapter of an FBI/private-sector group tasked with fighting computer crime and cyberterrorism. . . .

‘Playpen’

 . . . In February 2015, FBI agents in North Carolina seized the servers hosting a child pornography website called “Playpen.” They then ran the site for three weeks, allowing child pornography to continue to flow while agents installed tracking software on the computers of thousands of users. . . .

Collector hoped to return to school-side house

 . . . U.S. Sentencing Commission statistics show that federal prosecutors prevailed in 1,903 child pornography prosecutions nationally between September 2014 and September 2015. According to the commission’s most recent report, 97 percent of those defendants received prison sentences, while only 1 percent – 19 people – received probation without any confinement. . . .

Prosecutors have asked that [U.S. District Judge Robert] Bryan impose 10 years of probation . . .

Anonymous Coward says:

Re: Judge: FBI-tied child porn collector 'not a danger' to school [was Child porn-collecting FBI partner on track to dodge jail]

“Judge: FBI-tied child porn collector ‘not a danger’ to school”, by Levi Pulkkinen, Seattle Post-Intelligencer, Apr 8, 2016

Seattle man gets $1,000 fine, isn’t banned from home across from Ballard school

A Seattle child pornography collector with ties to the FBI won’t go to prison and may be able to return to his home across from a Ballard-area elementary school.

Cybersecurity consultant Brian Haller was spared prison Friday after he was caught with 600 photos and videos picturing the sexual exploitation of children as young as 9. Haller, 40, asked that he be allowed to return to his home across the street from West Woodland Elementary School in the Ballard area of Seattle. . . .

Anonymous Coward says:

Re: Re: Seattle FBI chief weighs in on sentencing of child pornography offender [was: Judge: FBI-tied child porn collector 'not a danger' to school]

“Seattle FBI chief weighs in on sentencing of child pornography offender”, by Levi Pulkkinen, Seattle Post-Intelligencer, Apr 8, 2016

Frank Montoya, Jr., special agent in charge for the FBI’s Seattle Division, offered the following statement following Haller’s sentencing:

 . . . I am concerned the public may take away from the media’s reporting of the sentencing that the FBI, in any way, exercised influence with the Court to ensure Haller received a lenient sentence because of his prior association with the FBI as president of our local Infragard chapter. . . .
