Unsealed Warrant Shows FBI Malware Affected Innocent Tor Users While Agency Ran More Than 20 Child Porn Sites

from the supporting-justifications-cited:-1.-the-ends dept

Thanks to the ACLU's push to unseal documents related to the FBI's targeting of TorMail users and Freedom Hosting, the warrant affidavits supporting its NIT deployment have been released by the agency. Joseph Cox of Motherboard reports:

In 2013, the FBI received permission to hack over 300 specific users of dark web email service TorMail. But now, after the warrants and their applications have finally been unsealed, experts say the agency illegally went further, and hacked perfectly legitimate users of the privacy-focused service.

“That is, while the warrant authorized hacking with a scalpel, the FBI delivered their malware to TorMail users with a grenade,” Christopher Soghoian, principal technologist at the American Civil Liberties Union (ACLU), told Motherboard in an email.

The 99-page affidavit [PDF] is lightly-redacted but contains some completely uncensored and surprising admissions from the agency. Contrary to its post-release statements about the scope of the "narrowly-tailored" warrant not being exceeded, the actual contents show the deployment of the NIT to unmask Tor users is much more aligned with Soghoian's "grenade" description.

As Cox points out, the TorMail affidavit [PDF] says the NIT would only be delivered to logged-in, specifically-targeted TorMail users.

[T]he NIT… will be deployed on the TARGET ACCOUNTS while the TARGET ACCOUNTS operate in the District of Maryland, to investigate any user who logs into any of the TARGET ACCOUNTS by entering a username and password.

In reality, the deployment occurred the moment a user landed on any site utilizing Freedom Hosting -- not just the child porn sites the FBI had taken control of. And the number of sites the FBI was running during this investigation is staggering.

According to the new documents, the NIT was used against users of 23 separate websites.

If you thought the FBI's admin efforts for two separate child porn websites (in two investigations spaced a couple of years apart) were questionable, you have to wonder about the morality (or legality) of the US government becoming one of the world's largest distributor of child pornography. Researcher Sarah Jamie Lewis notes that, according to her numbers, the FBI could have been operating close to half (if not more) of the child porn websites in existence.

And, as for the claims the FBI didn't exceed the scope of the warrant: that's clearly not true. The warrant was issued in Maryland and was delivered to users all over the world. The supporting affidavit contains descriptions of one site apparently located in Hungary, but never makes any attempt to limit the FBI efforts to within US borders, much less Maryland.

The NIT violated Rule 41 limitations and then exceeded the FBI's own assertions about targeting specific users. It continues to deploy the same malware against Tor users with a similar lack of concern for jurisdictional restrictions or its implicit invitation for foreign law enforcement agencies to engage in the same tactics against US citizens.




Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 8 Nov 2016 @ 2:57pm

    Red line

    Up until this point i've been skeptical of the fears about government malware. At its best, when it's authorized with a warrant and targeted narrowly, it can be a reasonable (imo) tool to defeat end-user encryption and put the backdoor argument to rest.

    But what is described here is unforgivable. Users of specific services or software cannot be justified targets merely for choosing those services or software. If this proves to be the new norm, laws are not sufficient to protect our rights anymore.

    reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 8 Nov 2016 @ 3:09pm

    We are more concerned with the ends, we stopped looking at the means being used... because they are only used on "Bad People"(tm)... until we figure out they think everyone who isn't them is bad people.

    We are past the point of stopping this, we need to demand that things be stopped.
    We need full reviews & disclosures.
    We need people held accountable.
    We need punishments.
    We need to make sure we don't keep heading towards not looking any different than the dictatorships we call out around the globe.

    We had a horrible problem, so we screwed innocent people and ran at least half of the places you can get the horrible things & spread more of it... by undermining the checks & balances of the law and many of our cases have fallen apart because what we did was so stupid the courts say WTF is wrong with you people!?

    reply to this | link to this | view in chronology ]

    • icon
      art guerrilla (profile), 8 Nov 2016 @ 3:49pm

      Re: and ? ? ?

      these things will be resolved, how, exactly ? ? ?

      bear in mind (paraphrasing) freddy douglass's quote: power never devolves voluntarily...

      hmmm, ok, now what ? ? ?

      voting for (t-rump/killary) will solve these problems ? ? ?
      ...or exacerbate ? ? ?

      well, (meta-ironically) fortunately and unfortunately, at the same time, Empire is both reaching its peak and falling, at the same time...
      hard rain coming...
      based on a true story...

      reply to this | link to this | view in chronology ]

      • icon
        That Anonymous Coward (profile), 8 Nov 2016 @ 6:16pm

        Re: Re: and ? ? ?

        They could be resolved if people stopped worrying about trying to exercise control over others based on strongly held religious beliefs, and punished the representatives of the people who are doing nothing to protect the country.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Nov 2016 @ 3:14pm

    WHO?

    Who is watching the watchers and who gets punished when the watchers violate the law. Do those mythical punishments have the same voracity as the general public punishments, if not why not. This an aside from operating a porn site illegally and spreading malware.

    reply to this | link to this | view in chronology ]

  • icon
    Jeffrey Nonken (profile), 8 Nov 2016 @ 3:33pm

    Well, you know the old saying... you can't make an omlette without breaking a few laws, court orders and constitutional amendments that guarantee against unreasonable searches and siezures.

    I love that old saying. It just rolls off the tongue.

    reply to this | link to this | view in chronology ]

    • icon
      Niall (profile), 9 Nov 2016 @ 4:16am

      Re:

      You'd have thought the Constitution's framers would have thought about this ahead of time and put in some sort of bill or amendment or something.

      But then, anything not allowing unlimited personal nuclear weaponry seems to be government overreach...

      reply to this | link to this | view in chronology ]

  • identicon
    Whutevah, 8 Nov 2016 @ 3:38pm

    If they had nothing to hide...

    then they had nothing to fear.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Nov 2016 @ 3:50pm

    I think the FBI said it best when they said they'd rather 100 innocent people be accused of child pornography and go to prison for it than one guilty go free.

    reply to this | link to this | view in chronology ]

  • icon
    Coyne Tibbets (profile), 8 Nov 2016 @ 3:56pm

    Innocent TOR user? No such thing

    Expect a correction from the FBI any time now: there is no such thing as an "innocent" TOR user. The FBI sees TOR users hiding things...and people with things to hide are terrorists.

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 8 Nov 2016 @ 5:58pm

      Re: Innocent TOR user? No such thing

      The FBI sees TOR users hiding things...and people with things to hide are terrorists.

      Almost, they see non-government people hiding things as terrorists, the government of course is not only allowed to hide things it's their Right to do so, because of course they need to be able to keep secrets, despite insisting that the public can't.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Nov 2016 @ 4:28pm

    It has become painfully obvious, to even the most thick-headed civilian, that thanks to corrupt vetting practices at the FBI, it's resources are now being controlled and utilized by an elite group of pedophiles who now work INSIDE the agency.

    reply to this | link to this | view in chronology ]

  • icon
    Norahc (profile), 8 Nov 2016 @ 6:12pm

    Nope

    The FBI broke the law, ignored warrant limitations and even jurisdictional limits, and disregarded the rights of the people.

    Nope...still not surprised.

    reply to this | link to this | view in chronology ]

  • identicon
    Christenson, 8 Nov 2016 @ 6:39pm

    So...what else was on Freedom Hosting?

    That is, the FBI vastly overreached it's warrent, and infected everone who visited a website hosted on Freedom Hosting.

    Just for giggles Mike Masnick, which sites would that be????

    Thanks!

    reply to this | link to this | view in chronology ]

  • identicon
    Pixelation, 8 Nov 2016 @ 7:12pm

    If you need child porn...

    just connect with the FBI, they have a ton.

    reply to this | link to this | view in chronology ]

  • icon
    Padpaw (profile), 8 Nov 2016 @ 7:22pm

    from 1 site to site 20. How long before it turns out they were saving files as well as distributing them, hmm.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Nov 2016 @ 10:11pm

    It was cops had the best dope, now they have the best CP, how sad. If you have to kill somebody to catch a killer it is time to give up the ghost.

    reply to this | link to this | view in chronology ]

  • icon
    Violynne (profile), 9 Nov 2016 @ 5:10am

    "you have to wonder about the morality (or legality) of the US government becoming one of the world's largest distributor of child pornography."

    Perhaps this should be addressed by properly asking the right question of the FBI, which is:
    "In the past 20 years, how many child porn producers have been arrested?"

    I suggest having a box of tissue nearby, because the answer is going to make you cry.

    Funding the FBI is no different than other departments. If the FBI is "doing its job", then it means they get the lion's share of the money.

    From the agency which wastes no time in setting up fake terrorists.

    Stop and think about the ramifications regarding an agency sitting on the world's largest collection of child pornography and the surprisingly timed "arrests" of people, most of whom are consumers, not producers.

    reply to this | link to this | view in chronology ]

    • icon
      Coyne Tibbets (profile), 9 Nov 2016 @ 9:52pm

      Re:

      Producers have money; producers fight back.

      Much easier to make showy convictions of "consumers." The public defender won't even make you prove it was child porn, and will most likely help arm-twist the "consumer" into a plea.

      reply to this | link to this | view in chronology ]

  • identicon
    Personanongrata, 9 Nov 2016 @ 11:55am

    Expediency is not Justice

    Unsealed Warrant Shows FBI Malware Affected Innocent Tor Users While Agency Ran More Than 20 Child Porn Sites

    In US government lingo the Affected Innocent Tor Users were simply collateral damage and are completely expendable especially when viewed through FBI's prism of expedient motives.

    reply to this | link to this | view in chronology ]

  • identicon
    Rekrul, 9 Nov 2016 @ 2:47pm

    The NIT violated Rule 41 limitations and then exceeded the FBI's own assertions about targeting specific users. It continues to deploy the same malware against Tor users with a similar lack of concern for jurisdictional restrictions or its implicit invitation for foreign law enforcement agencies to engage in the same tactics against US citizens.

    Don't worry, Congress will soon make it retroactively legal.

    reply to this | link to this | view in chronology ]

  • identicon
    LAquaker, 9 Nov 2016 @ 4:38pm

    Clinton started this:)

    Governor Clinton's Arkansas was the northern terminus for the importation of cocaine under Drug cZar Bush, Nixon was a lawyer for Pepsi during their Burma heroin operation, any reactor GE builds around the world, we own the waste products (weapons grade plutonium) and our FBI promulgates child exploitation images and probably targets anthrax for social engineering the american mind.
    Nothing to see here.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Nov 2016 @ 8:38pm

    It will happen again.

    It will happen again, Guaranteed! With this sort of collateral damage, a dissection and analysis of the methods used by the FBI to spread their malware is needed, if for no other reason so that the general public can protect themselves from a rogue government.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 10 Nov 2016 @ 5:07am

    Many people used TorMail for legitimate uses.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 10 Nov 2016 @ 6:27am

    Did they check mr podesta emails for pedophiles kewords?

    reply to this | link to this | view in chronology ]

  • identicon
    Celeste Guarini, 10 Mar 2017 @ 4:02pm

    Child Porn: It's for te children, now fortified with FBI approval and dissemination

    Dissemination by the FBI....what would THAT look like? Eeeew.

    Wow- how do we stop these goodguys? A few wankers who may/could/might hurt a kid aren't enough for me to eradicate privacy of citizens, while granting a criminal gov't child porn distribution rights. And every time there is a pedo-sweep 80% are gov't or priests and rabbi's; teachers and cops.

    Not to mention that more kids are killed every year by their mothers in America, than kids raped by strangers ( which is shockingly rare.)

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Special Affiliate Offer
Anonymous number for texting and calling from Hushed. $25 lifetime membership, use code TECHDIRT25
Report this ad  |  Hide Techdirt ads
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.