FBI's Hacking Tool Found To Have Compromised Dozens Of Computers In Austria
from the because-someone-in-Virginia-inadvertently-said-it-could-do-this dept
The FBI is already having problems here at home with the hacking tool it deployed during its dark web child porn investigation. A few judges have ruled that the warrant used to deploy the Network Investigative Technique (NIT) was invalid because the FBI’s “search” of computers around the United States violated Rule 41(b)’s jurisdictional limits.
Now, we’ll get to see how this stacks up against international law. It’s already common knowledge that the FBI obtained user information from computers around the world during its two weeks operating as the site administrator for the seized Playpen server. More information is now coming to light, thanks (inadvertently) to a foreign government’s inquiries into domestic anti-child porn efforts. Joseph Cox of Motherboard has the details:
Earlier this year, Austrian MPs sent a letter to the country’s parliament, asking for more information on child pornography and sex tourism cases. In response, politician Johanna Mikl-Leitner wrote that Austrian authorities cooperated in Operation Pacifier, showing for the first time that the FBI hacked computers in the country.
According to her letter, a list of 50 Austrian IP addresses were evaluated by a federal intelligence unit and used to pursue suspects of possession and distribution of child pornography. The IP addresses led investigators to “countless child pornography files,” according to a translation of the letter, which is dated March 2016. “Extensive investigations are still underway,” it continues.
Local law enforcement appears to be unconcerned that the FBI has exceeded its Rule 41(b) grasp. It took the tips delivered to it by the FBI’s NIT and has carried out investigations of its own, collaborating with Europol. Apparently, the FBI’s lack of explicit permission — either from the local US magistrate judge or from foreign governments — isn’t considered problematic when used to scoop up offenders few are willing to defend. Europol and the FBI have refused to comment on how far the Playpen/NIT net was cast, but it apparently includes Greece, Chile, Denmark, and Colombia — along with possible (but unconfirmed) Playpen users located in Turkey and the UK.
Obviously, the Virginia magistrate who signed the FBI’s warrant application had no idea how far its NIT would reach. To be fair, the FBI likely had no idea either, as it was dealing exclusively with users whose originating locations had been obscured by the Tor browser. That being said, the FBI gave no indication in its affidavit that it would possibly be carrying out extraterritorial searches, traveling far beyond the magistrate’s jurisdiction and into computers located in multiple foreign countries.
To “fix” this limitation, the FBI is firmly behind the current, mostly-downhill push to strip jurisdictional limits from Rule 41, leaving it free to perform this hacking without being second-guessed by federal judges during prosecutions. That other countries are more than happy to partake in the results of possibly illegal actions doesn’t say much about their willingness to protect their own citizens from US law enforcement overreach. Or, at least, it shows there are certain suspects they’re not interested in protecting — even if it means creating a slippery slope they may regret later, when the FBI starts coming after alleged criminals not so universally reviled.
Filed Under: austria, borders, fbi, hacking, malware, nit, rule 41
Comments on “FBI's Hacking Tool Found To Have Compromised Dozens Of Computers In Austria”
We are already well on the way down that slippery slope. While I agree these people deserve no sympathy at all, this sort of thing can be used in far less egregious cases. The US is already doing this in cases that would best be described as secondary copyright infringement (jaywalking stuff, basically). Just look at Megaupload and KAT and ask yourselves why the US should be given the time of day in cases like this. New Zealand and Poland have local laws that are well up to the task, and it seems likely no New Zealand or Polish laws were broken. That CP is used as the thin end of the wedge to erode national laws is every bit as repugnant as CP itself.
Re: This need not become a slippery slope
We can just use parallel construction so that we don’t need to invent justifications for progressively more invasive methods.
And just like that, all the files are spiffy clean and there is no slippery slope at all.
Re: Re: This need not become a slippery slope
You are right, no slope at all…
Just the edge of the cliff… that first step is a helluva doozy!
Chile
“Chile”, not “Chili”.
Re: Chile
You’re doing God’s (as well as Tim’s editor’s) work. That typo is Yahoo! News level of cringe.
Don't think they will regret it
I agreed with everything you said except for:
“even if it means creating a slippery slope they may regret later”
I don’t think they will regret it. Getting to the bottom of that slope only means more power and control by the government(s). How they get there is of no concern to them.
"To be fair, the FBI likely had no idea either,"
Yeah, it’s not like the internet is international or anything like that.
/s
Not just the US, but Russia and China too?
So, if Russia and China are caught red-handed hacking into US computers will they now be able to justify it by claiming that they were just investigating reports of possible child porn? I mean, if the FBI can do it, then why not the FSB?
Re: Not just the US, but Russia and China too?
So that’s what the hack of the DNC’s email accounts was actually all about…
Re: Re: Not just the US, but Russia and China too?
Hillary a CP distributor? Nawww….
Wait, it was for Bill all along, those filthy bastards!!!
The problem with this is that at some point some pedophile scum is going to get OFF because of it. Illegal searches are never the way.
Get Them yes. But do it rightly
Re: Re:
The concerned Citizens view this as a problem. Those handling the prosecutions do not. Putting away innocent people and letting the guilty escape are NOT the objectives here.
They literally do not give a fuck about who gets what so long as they have their over/under statistics right where they need them for their next promotion or political gas bagging.
Re: Re: Re:
Have a Sad But True/Insightful vote.
If at first you don’t succeed…
Change the rules and try again?
What exactly does the hacking tool do?
Does it snoop around on third party hard disks and send data to the FBI? Does it use third party computers to distribute illegal files? Are there mechanisms to ensure that the FBI can not place files that it subsequently ‘finds’?
What a great tool for parallel construction. Let someone else dig up the evidence and when your defendant challenges it, well, you couldn’t turn over any raw data even if you wanted. The tools, methods, and data are all in the control of a foreign government. And if the defendant makes application through the Hague Convention(tm) and sovereign immunity, well the case could drag out for years and you could bury the defendant with enough frivolous litigation that he’ll cop a guilty plea just to have done with it.
Re: Re:
What – like Andrus Nom did?
I believe the answer is, “we do what we want, we don’t care about violating international law”
probably some nonsense about the US being the last bastion for freedom and democracy and all the rest being evil empires bent on world enslavement
Re: Re:
Could I get this deleted? Meant to post this as a response to something another user said.
Re: Re:
Doesn’t it fit here too? ;]
Evidence from hacked systems should be inadmissible
Here’s the reasoning:
1. If the system has been hacked (let’s say by custom malware) then there is proof on the table (a) that it’s insecure and (b) that it’s been successfully infiltrated by at least one entity.
2. Since (a) is true, there is no way to know that any actions taken by that system or any data stored or transiting that system is the responsibility of its putative owner.
3. Since (b) is true, there is no way to know that it hasn’t been previously or subsequently infiltrated by someone else.
Let me pause to note that anyone familiar with bots and botnets can point to a few hundred million examples of (2) and (3).
4. Because (2) and (3) are true, there is no way to establish a definitive connection between any evidence gathered on the system and the owner of the system. This doesn’t mean that the evidence isn’t factual, e.g., “File F was found on this system” or “This system participated in a DDoS attack” and similar assertions may be true. But there is no way to leap from those to “The owner placed file F on this system” or “The owner participated in a DDoS attack”. And that leap can’t be made, because the act of hacking made it impossible: it’s spoliation writ large.
Re: Evidence from hacked systems should be inadmissible
But you have forgotten their new mantra:
You are guilty because we said so. No defense allowed.
Re: Re: Evidence from hacked systems should be inadmissible
What is truly terrifying about this is that that is actually the case. It would be too easy to plant CP on a machine and then to just “let” the FBI find it and they will do all the work of screwing your enemy for you.
Re: Evidence from hacked systems should be inadmissible
You overlook the fact that this case is about child pornography, which is treated much like witchcraft and heresy were during the dark ages. They consider it better to incriminate 100 innocent people than let even one guilty one go free.
“extraterritorial searches” Read as:
extraterrestrial searches. I thought… I hope the aliens don’t use encryption.
First they came for the Socialists, and I did not speak out—
Because I was not a Socialist.
Then they came for the Trade Unionists, and I did not speak out—
Because I was not a Trade Unionist.
Then they came for the Jews, and I did not speak out—
Because I was not a Jew.
Then they came for me—and there was no one left to speak for me.
– Martin Niemöller
It is good to know who the truly mentally ill in our society are, then we can keep an eye on the people they work for.
What would happen if someone hacked an electronic billboard in Times Square and played a child porn video? Would the FBI arrest every single person who stopped to look? I mean, they’ve gone after people who have had as few as two thumbnail images in their browser’s cache, people who have porn with young-looking actresses and even people who have had cartoon porn. If the obsession over arresting people who have viewed child porn is so great, wouldn’t they have to arrest everyone who doesn’t immediately turn their back on such a display?