Slashdot Mirror
When The FBI Knocks, A First-Person Account
Ever wondered what happens when your IRC chatter draws the attention of the public servants at the FBI? dilinger writes: "I wrote up a description of what happened to me last weekend. The FBI confiscated my computers for checking out yankees.com, after it had been defaced. If this doesn't make you paranoid, nothing will. :)"
There's more information to be found on a computer disk than what you can get by dumping the contents
Yes, that is true. On the same note, there is more information in a wall splattered with blood than the pictures and measurements. Does the FBI come to the house and cut down the wall for 'evidence', using regular field agents to handle cutting down the wall with sledgehammers and sawzalls? Nope. They use specialized blood spatter technicians, who do the tests on the wall, photograph, sample, measure, and leave in a timely fashion. If their tests reveal that there may be more information on/in the wall, they come back and do the test. If you've washed your wall in bleach to remove the stains (and destroyed the evidence they might have liked) too fucking bad.
Why should they make an exception in the case of digital data on electronic storage?
.sig: Now legally binding!
"Evidence", yeah, right. But how much of what they took can possibly be real evidence of anything? Not much, and they dont have any real reason to keep it either. IANAL, but heres why I think so...
If they booted that machine they took even once their chain of evidence is tainted. It doesnt take much C++ skill to mess around with, for example, a DHCP client that will irreversibly trash certain areas of the HD if the packet that gave it its IP addy happens to come from the wrong MAC address indicating the machine is no longer on its home network - it could even be made to look plausible by looking like a boot-time fsck pass. If they did anything but temporarily connect the media on the confiscated system to a different machine and make a raw copy of each disk (without even mounting it) they cant trust anything they see.
Of course if they are doing that once, they can do it twice and present the guy they are accusing with a copy of the evidence they collect just like in the UK the police are required to tape interviews (on a machine that records 2 tapes simultaneously) and give you or your lawyer a copy of the tape immediately the interview is over. Of course I'd bet the cops really wouldnt like that - it means if theres a single bit difference between the two images when it comes time to go to court and the defendants lawyer can prove their copy has been sitting in his safe the whole time then somebody just got caught tampering with evidence. No matter how good the police force is, some of that goes on in all of them - thats why the UK introduced that regulation about the taped interviews.
This also means that every piece of data on that computer is in their hands. They probably will want to hang onto the physical media from it in case they decide to do the more invasive data recovery techniques but theres no harm to their chain of evidence from handing back the machine(s) excluding disks, but with a complete disk image on whatever media they like. No unjust deprivation of a persons access to and use of their personal property either - and yes, I include the data in that category as well, its the most valuable component of the system because hardware is replaceable, work is not.
I, for one, am not holding my breath waiting for this to happen though. Perhaps the best we can hope for is to have the cops wake up to reality and make sure that they actually send along somebody who knows his ass from his elbow where data security is concerned to cases like these, just like they send cops trained in accountancy on financial cases.
# human firmware exploit
# Word will insert into your optic buffer
# without bounds checking
I had a
>As someone else mentioned, its like not just
>viewing a crime scene, but crossing the yellow >tape.
Except... there was no yellow tape.
-fb Everything not expressly forbidden is now mandatory.
Oh yes, it does. It keeps you, in your ignorance of the law, from telling the FBI things that they can later use against you. Maybe port scanning is illegal in the state the server resides in. Maybe that state has an extradition treaty with your state. Maybe your knowledge dazzles the FBI so much that they decide you MUST be the one. Maybe your statements match the profile of the crime. Maybe they harass you while they investigate you. Maybe you get screwed on the basis of shooting off your own mouth and trusting people whose job it is to spend eight hours a day, five days a week, 52 weeks a year dealing with criminals.
It's kind of like tech support. When all you deal with is broken computers, you start to think that all computers are broken. When all you talk to are stupid people, you start to think that people are stupid. When all you deal with is criminals lying to you, you start to think that accusation = guilt...
Hell, if I can't get him to wear a helmet when he rides his skateboard. . .
kidding, of course.
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
First off, I don't for one second think you did anything illegal regarding this. Nor do I think you did anything wrong. However, You should consider the fact that if you hang around tampering with a fresh crime scene, its JUST POSSIBLE that someone is taking notes and you might get targeted as a suspect.
From what it sounds like, the FBI's actions were simply an act of evidence gathering, not necessarily singling you out as a suspect. However, your actions were sufficient to warrant "probable cause" to obtain a warrant, and once that happens, you're pretty much screwed. They can pretty much do or take anything they want until a trial comes up (and we all know how long "hacking" trials can take)
Do I think this is fair, no I most certainly do not. Do I think you could have avoided all this? Yes, I do.
-Restil
Play with my webcams and lights here
The question should be: why is that kind of "vandalism" considered a serious crime to begin with? Granted, it's unpleasant and shouldn't happen. But it is hardly the case that anybody got hurt, or that anybody made money from it. It seems to me roughly the equivalent of sticking an easy-to-remove poster to a store window.
The problem with making minor pranks major crimes is that it greatly expands the power of the police and the state. Or, as a police officer once told me during traffic school (which I had to attend for a traffic offense I didn't commit): you can't leave your front door without violating some traffic law; we can get you if we want to.
Criminalizing almost everything and imposing harsh punishments on everything doesn't lead to a safe society, it leads to a police state.
The Yankees are still a big business, and the FBI is available for businesses who are victims of computer fraud/theft/espionage/etc. If our site was hacked, the FBI would be on the top 3 organizations we'd contact. (Actually, it'd be the first). Any time there's an "incident" that could possible cross state/international lines, the FBI is involved.
If you were in charge of Yankees.com, and your site was compromised.. what would you do? Nothing? Call all your 3R33T friends? Investigate by yourself?
This is yet more proof that the average slashdot computer dweeb has zero clue about how business really works outside their dorm or pre-IPO VC dot-com.
Life sucks, wear a helmet.
~dlb
If they seize your drugs, are you going to insist they leave you with the same amount you seized, until you're found guilty? Sheesh.
Open Source. Closed Minds. We are Slashdot.
This can be directly equated to a situation where you hear about a liquor store that got robbed so, as a curious citizen, you drive by and take a look. Being that you left some small piece of evidence that you were there at all, the FBI or whoever comes back to your house, confiscates your car and questions you. Anyone see anything wrong with this?? Anyone???
...I returned to my IRC client, said "Looks like a dns hack...", and and the conversation went elsewhere. The entire thing lasted possibly five minutes, and occupied no more than 3 or 4 lines on IRC.
Not at all, but let me make a better example, based on what he said:
Say you were walking down the street and happen to notice the evidence of a break-in, with a policeman standing there. So, if you tell your friend, "Hmm, looks like they broke the window open with a brick," the police would be able to thoroughly question you about your knowledge of break-ins, how you obtained the knowledge, and take any property that you own that could be considered to be "break-in material"?
This war on hacking is gonna be just like the war on drugs. Suspects have no rights. The law is supreme and those who represent the law have supreme power. Speak against them and you will be branded a deviant, a criminal sympathizer, and perhaps much worse.
The War on Drugs has resulted in a much more powerful police force and much weaker rights than we previously had. The government used the War on Drugs to justify civil forfeiture laws which allows local and federal agencies to confiscate your property merely upon suspiscion that it was used in a crime--and they never have to give it back even if you are proven innocent! Here's the real kicker: The agencies (local and/or federal) get to keep your property for their own use, or sell it. In states that restrict this kind of behavior, municipalities can team up with a federal agency such as the DEA or FBI to circumvent these restrictions so they still can get a slice of the pie. In almost all cases where the person is found to be innocent the property is still not returned.
The government obviously feels the need to police the Internet, and have expressed the need for more resources to do it. A War on Hacking modeled after the War on Drugs is the winning formula for them to accomplish this.
If you want to learn the history that we were not taught, but are likely doomed to repeat, check out:
"civil forfeiture" on Google
LibertyBoard.org
Smokedot.org - Smokedot links to a lot of great articles on War on Drug issues as well as other stuff. It's not just for stoners ya'know.
numb
It is interesting that in most jurisdictions traffic violations are "Guilty until proven innocent". I had a scenario similar to your example. I was headed down a hill in an area notorious for strict enforcement, so I was doing exactly the posted 25 mph. This old guy in a pickup truck grows impatient and blasts past me and down the hill. Sure enough, there is a motorcycle cop at the bottom of the hill. The cop is having a cigarette and a coke and looking the other way. His radar gun beeps at him, he turns around and sees me. I'm clearly doing the speed limit (hey, 25 mph is visible to the naked eye, and a long way from 42 mph). He didn't see it that way and wrote up the ticket. When we got to court, the only questions I was allowed to ask are "are you certified to use radar", "was your radar gun calibrated" and "was the grade of the hill or the distance from the curve outside the legal limits for radar use". The question of whether he had the dang thing pointed at me at all was ruled out of order. The fact that he was looking in the complete other direction - out of order. There are only three acceptable arguments to a radar ticket, none of them have to do with "the officer made a mistake". I asked later if they would allow a videotape of the entire event as evidence. Nope, not admissible. BTW, this didn't happen in Turkey or Singapore or some other more limited civil rights area. This happened in Atlanta, GA.
*laugh* Hey, I've been called a facist before by this crowd, but when did I get bonafide? Maybe I could add that to my business card - "Facist as bonafide by some loser on slashdot who doesn't agree with my politics."
I don't think the trains line would get anywhere in my neck of the woods, tho. The MBTA runs on an OK schedule generally. Maybe "he'll make them stop running an express train to harvard when you're at central and already late."
Heck, he's probably a member of one of our more corrupt PDs in this country (like LAPD, for instance).
hmmm... The guy manages to err on my gender, occupation, state of residence and political leanings all in on post. Nice job, if you had managed to make incorrect assumptions about my OS as well, it could have been a loser clean sweep.
-Kahuna Burger
...will work for Chick tracts...
And aim for the head...jackbooted thugs wear body armor.
If this guy is telling the truth, he hasn't done anything illegal. But that doesn't mean the FBI did anything wrong. What this guy did was the equivalent of rooting through a trash bin and obtaining the gun that was used in a murder and taking it home with him. He may not have killed anyone, but he's given plenty of reason to suspect him. I don't see any civil liberties violation here. The FBI needs his computer as evidence. Would anyone complain if the FBI confiscated the gun he brought home?
--
It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
He did more than visit the website. He took it upon himself to "analyse" the crack, sniffing around, trying to find what vulnerabilities there were. He deserved it.
Open Source. Closed Minds. We are Slashdot.
Hopefully your atty is used to dealing with the Feds.
IANAL, neither am I a cop, but I know lots of them including computer forensic guys. Standard procedure is to inspect your equipment then copy your HD's and examine the copies. Once this is done in a properly documented manner, i.e. the copies are verified as usable, the need for them to retain the equipment is minimal.
Get your attorney to write a letter petitioning the judge who authorized the warrant in the first place to get your equipment back. Stress that you are a student and the equipment is critical to completing your studies. Also point out that the logs should clearly show your accessing the site AFTER the defacement took place. And it wouldn't hurt to volunteer to talk to their forensic people to offer them info on what you looked at to examine the hack. I think everyone who works for the FBI is a sworn officer, so talking to one of their techs is talking to an investigator.
You want to show sincere humility. You are an innocent bystander whose fingerprints were at the crime scene. Suck up, just like you would to a professor. Quiet and humble, even though you were screwed. Getting mad at this point accomplishes nothing excepting guaranteeing feet-dragging when it comes to getting your stuff back.
Oh, and watch your porn collection. Different types of porn are illegal in different areas. For example, "shower" scenes are illegal in my area as is beastiality. Keep your collection at the Playboy level and you're good.
And why is the FBI involved? First, the Yankee's is a multi-million $ business, second, I'm guessing that your school is not in NY state, which makes it an interstate crime.
Again, IANAL or a cop, I just know a lot of them.
--
When you sympathize with stupidity, you start thinking like an idiot.
yes, yes they are. You will notice that the people who had suffered damage in this case were also citizens. Those citizens had the right to have a crime against them investigated. The cops had an obligation to not run rampant over the rights of the citizen being ivestigated as well. The part where your response becomes strange is when you realize that they didn't.
Lets actually look at this kids story. He had just gotten fired. He still had access to the systems of the people who just fired him and accessed them that morning. The systems were maliciously compromized. Now what part of "erring on the side of the rights of citizens" wouldn't make him a suspect? The part where anyone saying "oh, this is a mistake, I'm innocent or possibly framed" causes police officers to respond "oh, sorry for bothering you, we would never continue a reasonable investigation after someone says they're innocent"? Of course he was investigated.
Saying "shit happens" is a cop out.
Sometimes, saying "shit happens" is the only mature response to a situation. Specifically, it is the mature response when the system, running as best it can in the best ballance we have come to, nonetheless fails you. The immature response is to attck the system and call the police names when their actions aren't what you like. The even less mature response is to assume that the entire system must be overhauled to avoid ever making that mistake (even if it would lead to many more mistakes of an equally unpleasant kind)
My NICOE was threatened with a frivilous assault charge by a girl subleting with us who bragged that "the police will take my word cause I'm the female" and "your life will be screwed even if you win". She knew how to use the laws in our state to screw someone. After I stayed up for 36 hours straight, crashed for 12 hours and stayed up another 36 all because I was so overwhellemed with rage at her actions that I couldn't sleep, she moved out without making good on the threat, and life returned to normal. The point of this story is that before this incident, I supported the domestic violence and restraining order laws that she had threatened my NICOE with. After it happened, I still supported those same laws. Why? Because the laws cannot be written to prevent all such possible abuses without making them totally toothless, and it would be immature for me to change my overall assessments of the risks and benifits just because I had had personal expereince with the risks. The mature response was not to rail against the system as intrinsicly broken or the authorities as evil, but to say "We had a psycho sublet. Shit happens. Glad thats over." In fact, I would say the decision criteria that needed to be changed based on the incident was our system for picking housemates/sublets, not anything in the MA criminal code.
The mature response to the orriginal poster's situation is (IMHO) similar. "Though either coincidence or malevolence, someone I had a apparent motive against, suffered damage I was capable of right after the potentially motivating situation. This caused a lot of stress, but no end charges. Shit happens. Glad that's mostly over without charges filed. Next time I will encourage them to change passwords and such the day that I leave as a protection for myself as well as them."
This is the mature use of "shit happens", its no copout, the copout is pretenting that the system could work right every single time, or at least should work wrong in the way that never causes you any trouble.
-Kahuna Burger
...will work for Chick tracts...
"Could you be more specific? I get so many rides home from jail." -- Half Baked.
Seriously, though, yeah and you are right. The police won't even necessarily inform you that you have the right to an attorney, although they are supposed to. In my case they refused my request to speak with an attorney (my brother) since they assumed I did not already have an attorney, but only wanted to (find and) speak to an attorney. I learned later that they should have honored my request since I had the number in my head and only had to pick up a phone. Make sure you always say, "I want to speak with my attorney."
rm -rf /* is a poor deletion technique anyways. There are several undocumented 'unrm' utilities out there (I've seen one myself) that are basically fancy implementations of 'dd' that can easily recover data from a UFS or ext2 filesystem.
If you really want to wipe your data clean you should use sdelete (Windows) or secure delete (Unix).
The people left in the bank after a bank robbery don't go sniffing around behind the counter, examining the drawers that the robbers took money from, interrogating the tellers, and examining anything the robbers touched. That's why.
Open Source. Closed Minds. We are Slashdot.
Who said it was a crime? They said he was a SUSPECT - they didn't charge him with "sticking his nose in". However, his actions are would make cause for investigation/being a suspect VERY REASONABLE, if you ask me.
Open Source. Closed Minds. We are Slashdot.
Actually, you may find it interesting to know that for the same reasons, many law enforcement officers will not become CPR certified for liability reasons. I've actually seen officers stand there waiting for the paramedics because if they attempt (and fail) to save a person's life, they may be sued and lose everything they own.
-jerdenn
speaking as a former cop turned techie.I am always appalled at the details of what should be a fine legal system (I mean, the premises on which it is built make sense).
However, the fact that state does not have any liability for seized goods, nor a burden of proof to seize it in the first place is completely flabergasting. I just don't see how this travesty came about?
It seems to me that the state should have to bond all items it seizes. If they are kept more than so long, a partial payment (rent) is made to the owner, and upon their return, any value diminishment is to be reimbursed from the bond. Thus, if a car is damaged in the pound, the bond will repair it, or if a computer is obsolesed, the owner reimbursed.
This will give the agencies the incentive to a) care for physical evidence, and b) return it in a timely manner -- for example, returning a computer after having made a certified copy of the hard drive (or keeping the hard drive and offering the owner a chance to make a copy).
To be fair, you should have labelled the FBI lines "lawyer" or "barrister". The FBI may be intrusive and power-mad and have an over-inflated opinion of their own value to society, but at least they're not the totally amoral, logic distorting scum of the earth that roam the courtroom.
The FBI are just misguided protectors of an obsolescent social order with their backs against the wall in a desperate and impossible fight to keep up with the times. They need to be kept at arms length, but ultimately some sympathy is due to them. They think they're fighting the good fight, and it just so happens that their fight is based on false premises. Sigh.
But that contrasts markedly with the lower officers of the bar, the only human social group that institutionalizes moral bankruptcy in an official medium built on professional sophistry while having the gall to call the result justice. No punishment is bad enough for them. Douglas Adams had the right idea with his Ark 'B'.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
At least, according to the text of the Fourth Amendment:
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
Besides, even if you were to realign magnetic domains sufficiently to make the data unreadable to the drive itself, a determined "bad guy" could use magnetoresistive microscopy (Slashdot story here) to piece the data back together again. Magnetoresistive microscopy would even be able to recover your data if you did an "rm -rf /*" when the bad guys appeared. Maybe you could run "shred" to erase your drives thoroughly when the bad guys knock on your door, and then try to stall them for an hour or so while your data is safely erased?
Please note that it is not the police who caused this... It is their job to enforce this unpopular law, but they did not create it. For that, you may thank your baby-kissing politicians.
-jerdenn
I had friends who were planning for the anti-World Bank demo in Washington, DC last April. The Secret Service broke into their apartment and stole research materials.
I will publish and evidence, details, etc. on my website.
________________________________________
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
Why do police even bother with these seize and hold operations? They don't have the same "air of legitimacy" that civil forfeiture does. Civil forfeiture laws allow them to take and even destroy or sell a suspect's items without the "bother" of a criminal trial; they certainly do not require a criminal conviction. They also appear more legitimate because they can say, look you had a hearing, and you lost. We know civil forfeiture is an egregious abuse of rights, but average citizens do not.
Just because it CAN be done, doesn't mean it should!
As far as I can tell, this did not start out as a big conspiracy against the citizenry, but the results are equivalent.
This is always the case. I seriously doubt the people staffing the government have plans to deliver us into a police state. However, each little thing they do to increase the power of the government over citizens sends us there nonetheless. No conspiracy needed.
________________________________________
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
Where would you go?
Belize. Enlish-speaking, tropical, better human rights record than the U.S. and no extradition treaty.
________________________________________
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
Flimsiest coincidence? They move the server to a new hostname to provide an area for the cracker to be 'detected', this guy wanders in and takes it upon himself to work out what exploit they used, portscannning, checking nameservers, etc, and that's "flimsiest coincidence"?
Open Source. Closed Minds. We are Slashdot.
Didn't you learn anything from kevin mitnick?
This is exactly what he did (well I don't know if the filesystem itself was encrypted). He had a gig or two of encrypted data and refused to give over the password on 5th ammendment grounds and he sat in jail for years without a trial.
Now it is true that this is partially because he was trying to gain access to said data under discovery laws (which certainly should apply) but this should illustrate the attitude of law enforcement to encrypted data.
What you really need is some way to hide the data. Don't give me any of this BS about hiding it in the low bits of jpegs...this couldn't stand up to any reasonable analysis (the patterns in the low bits would probably stand out as not due to random pixels). Instead if disk filesystems filled a large section with random bytes then it might be possible for a real peer reviewd algorithm to make it nigh impossible to tell the difference between an empty filesystem versus one with quite a bit of data on it.
If you liked this thought maybe you would find my blog nice too:
You share a misconception with a lot of people. You are entitled to a presumption of innocence in the eyes of the judge and jury, but the rest of the criminal justice system presumes you guilty if there is some evidence against you. This is how it needs to be to make the system work. If the entire system presumed you innocent, you wouldn't even need to show up in court. Why should you? Axe murderers couldn't be held till their trials. Evidence (in the example you are griping about) couldn't be collected.
But they don't recognize the notion of natural rights like we are supposed to with the Bill of Rights. Specifically, the right to bear arms.
But, the whole idea of moving out of the country is predicated on the US becoming a statist hellhole -- at which point the 2nd amendment is rubbish, anyway.
On the broader issue, I agree with you. But the USA is the only country with a Bill of Rights with the cajones ours has. I wish more countries had a Bill of Rights and Consitution like the one the U.S.A. has.
________________________________________
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
A few quotes...
... to be armed, To be prepared for war is one of the most effectual means of preserving peace. A free people ought not only to be armed, but disciplined."
... The tree of liberty must be refreshed from time to time, with the blood of patriots and tyrants,"
..."
"Firearms stand next in importance to the Constitution itself. They are the American people's liberty teeth and keystone under independence. From the hour the Pilgrims landed, to the present day, events, occurrences and tendencies prove that to ensure peace, security and happiness, the rifle and pistol are equally indispensable. The very atmosphere of firearms everywhere restrains evil interference - they deserve a place of honor with all that's good."
-George Washington
"A free people ought
-George Washington
Americans [have] the right and advantage of being armed -- unlike the citizens of other countries whose governments are afraid to trust their people with arms,"
-James Madison
"That the said Constitution shall never be construed to authorize Congress to infringe the just liberty of the press or the rights of conscience; or to prevent the people of the United States who are peaceable citizens from keeping their own arms..."
-Samuel Adams
"The Constitution of most of our states (and of the United States) assert that all power is inherent in the people; that they may exercise it by themselves; that it is their right and duty to be at all times armed and that they are entitled to freedom of person, freedom of religion, freedom of property, and freedom of press."
-Thomas Jefferson
"And what country can preserve its liberties, if its rulers are not warned from time to time that this people preserve the spirit of resistance? Let them take arms
-Thomas Jefferson
"No free man shall ever be debarred the use of arms. The strongest reason for people to retain their right to keep and bear arms is as a last resort to protect themselves against tyrrany in government,"
-Thomas Jefferson
"The great object is that every man be armed. Everyone who is able may have a gun,"
-Patrick Henry
"To preserve liberty, it is essential that the whole body of people always possess arms
-Richard Henry Lee
"The best we can hope for concerning the people at large is that they be properly armed,"
-Alexander Hamilton
"False is the idea of utility that sacrifices a thousand real advantages for one imaginary or trifling inconvenience; that would take fire from men because it burns, and water because one may drown in it; that has no remedy for evils except destruction. The laws that forbid the carrying of arms are laws of such a nature. They disarm only those who are neither inclined nor determined to commit crime."
-Cesare Beccaria, quoted by Thomas Jefferson
"Both the oligarch and Tyrant mistrust the people, and therefore deprive them of arms."
-Aristotle
"Amendment. II. A well regulated Militia, being necessary to the security of a free State, the right of the people to keep and bear Arms, shall not be infringed. "
--The Consitution of the United States of America
________________________________________
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
The students sign an agreement to live in the dorms. Part of this agreement opens them up to the IT group's "raids." Abuse your bandwidth by running a porn/warez site and you'll get a knock on the door in the morning, a Polaroid taken of your sleepy self, and you'll have to surrender your stuff.
The IT guys also have their systems set up to page them when spammers abuse the open ethernet ports in the library. Once they spot a spammer's MAC address on the network, they get a page telling them what floor and what port to go grab the guy on. Cool.
Sorry, kiddo, as I responded to an earlier Kahuna fan, "something like that story" did in fact happen to someone I'm very close to and knocked a good deal of maturity into me. My attitude is also informed by my study of signal detection theory (understanding type I and Type II errors and how they are linked is sort of enlightening in dealing with multiple fields, including law) and my growing appriciation for acceptance of ambiguity.
I'm sorry if you find my attitude arrogent. I can't expect to communicate with people if my attitude turns them off of my message. Of course if my message is sent out into a pit of libertarian raving like /. has turned into, its hard to judge if my attitude is actualy at fault or not.
What I can't figure out is why, with the mouth foaming negitive responses I seem to be getting, I can't get moderated down to save my life these days.
-Kahuna Burger
...will work for Chick tracts...
Sir, you are incorrect. Please refer to what is commonly known as the 'plain view doctrine'. A perfect example is Ivatury v. Texas, 792 S.W.2d 845 (Ct. App. 1990). If, while conducting a legal search, evidence of another crime is found, such evidence may be seized.
-jerdenn
Why is it "entirely obvious he didn't do anything wrong", because he wrote a little story and posted it to slashdot?
Open Source. Closed Minds. We are Slashdot.
Wow, and I thought I had it bad. I was involved in a very similar incident. After hearing about telnetting directly into an smtp server for the first time, I pulled the total idiot and decided to telnet, from my personal non-roaming computer, into my school's smtp server and send a few friends some gag emails.
Turns out one of the sysadmins (who here at Harvard are actually pretty smart) didn't like my behavior, so he had me Ad Boarded (school judiciary board). I tried to tell them I hadn't done anything wrong, I was just pulling a gag, but they insisted that I was trying to snoop around the system. One administrator on the board tried to suspend me, but the single computer expert on the board said that would be ridiculous. In the end, all I got was a slap-on-the-wrist letter in my permanent file.
Funny thing is, a month after the incident, I got a letter from the library system asking me if I would be on a student board to evaluate their new web layout. Guess where they heard that I was a computer geek?
Which, I repeat, states "particularly describing the place to be searched, and the persons or things to be seized." There is no latitude there for any "plain view" exemption.
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
He's gonna get (rightly) spanked over copyright violations, too. 99.9% of pr0n is a violation of someone's copyright, not to mention his DivX movies and MP3s.
Open Source. Closed Minds. We are Slashdot.
Here's the text of the actual law that it's based on, 5 U.S.C. 552(a). BTW, the "Federal Register" is a daily publication of the government, available at many libraries.
U.S.C. 552
(a) Each agency shall make available to the public information as follows: (1) Each agency shall separately state and currently publish in the Federal Register for the guidance of the public-- (A) descriptions of its central and field organization and the established places at which, the employees (and in the case of a uniformed service, the members) from whom, and the methods whereby, the public may obtain information, make submittals or requests, or obtain decisions; (B) statements of the general course and method by which its functions are channeled and determined, including the nature and requirements of all formal and informal procedures available; (C) rules of procedure, descriptions of forms available or the places at which forms may be obtained, and instructions as to the scope and contents of all papers, reports, or examinations; (D) substantive rules of general applicability adopted as authorized by law, and statements of general policy or interpretations of general applicability formulated and adopted by the agency; and (E) each amendment, revision, or repeal of the foregoing. Except to the extent that a person has actual and timely notice of the terms thereof, a person may not in any manner be required to resort to, or be adversely affected by, a matter required to be published in the Federal Register and not so published. For the purpose of this paragraph, matter reasonably available to the class of persons affected thereby is deemed published in the Federal Register when incorporated by reference therein with the approval of the Director of the Federal Register. (2) Each agency, in accordance with published rules, shall make available for public inspection and copying-- (A) final opinions, including concurring and dissenting opinions, as well as orders, made in the adjudication of cases; (B) those statements of policy and interpretations which have been adopted by the agency and are not published in the Federal Register; (C) administrative staff manuals and instructions to staff that affect a member of the public; (D) copies of all records, regardless of form or format, which have been released to any person under paragraph (3) and which, because of the nature of their subject matter, the agency determines have become or are likely to become the subject of subsequent requests for substantially the same records; and (E) a general index of the records referred to under subparagraph (D); unless the materials are promptly published and copies offered for sale. For records created on or after November 1, 1996, within one year after such date, each agency shall make such records available, including by computer telecommunications or, if computer telecommunications means have not been established by the agency, by other electronic means. To the extent required to prevent a clearly unwarranted invasion of personal privacy, an agency may delete identifying details when it makes available or publishes an opinion, statement of policy, interpretation, staff manual, instruction, or copies of records referred to in subparagraph (D). However, in each case the justification for the deletion shall be explained fully in writing, and the extent of such deletion shall be indicated on the portion of the record which is made available or published, unless including that indication would harm an interest protected by the exemption in subsection (b) under which the deletion is made. If technically feasible, the extent of the deletion shall be indicated at the place in the record where the deletion was made. Each agency shall also maintain and make available for public inspection and copying current indexes providing identifying information for the public as to any matter issued, adopted, or promulgated after July 4, 1967, and required by this paragraph to be made available or published. Each agency shall promptly publish, quarterly or more frequently, and distribute (by sale or otherwise) copies of each index or supplements thereto unless it determines by order published in the Federal Register that the publication would be unnecessary and impracticable, in which case the agency shall nonetheless provide copies of such index on request at a cost not to exceed the direct cost of duplication. Each agency shall make the index referred to in subparagraph (E) available by computer telecommunications by December 31, 1999. A final order, opinion, statement of policy, interpretation, or staff manual or instruction that affects a member of the public may be relied on, used, or cited as precedent by an agency against a party other than an agency only if-- (i) it has been indexed and either made available or published as provided by this paragraph; or (ii) the party has actual and timely notice of the terms thereof. (3)(A) Except with respect to the records made available under paragraphs (1) and (2) of this subsection, each agency, upon any request for records which (i) reasonably describes such records and (ii) is made in accordance with published rules stating the time, place, fees (if any), and procedures to be followed, shall make the records promptly available to any person. (B) In making any record available to a person under this paragraph, an agency shall provide the record in any form or format requested by the person if the record is readily reproducible by the agency in that form or format. Each agency shall make reasonable efforts to maintain its records in forms or formats that are reproducible for purposes of this section. (C) In responding under this paragraph to a request for records, an agency shall make reasonable efforts to search for the records in electronic form or format, except when such efforts would significantly interfere with the operation of the agency's automated information system. (D) For purposes of this paragraph, the term "search" means to review, manually or by automated means, agency records for the purpose of locating those records which are responsive to a request. (4)(A)(i) In order to carry out the provisions of this section, each agency shall promulgate regulations, pursuant to notice and receipt of public comment, specifying the schedule of fees applicable to the processing of requests under this section and establishing procedures and guidelines for determining when such fees should be waived or reduced. Such schedule shall conform to the guidelines which shall be promulgated, pursuant to notice and receipt of public comment, by the Director of the Office of Management and Budget and which shall provide for a uniform schedule of fees for all agencies. (ii) Such agency regulations shall provide that-- (I) fees shall be limited to reasonable standard charges for document search, duplication, and review, when records are requested for commercial use; (II) fees shall be limited to reasonable standard charges for document duplication when records are not sought for commercial use and the request is made by an educational or noncommercial scientific institution, whose purpose is scholarly or scientific research; or a representative of the news media; and (III) for any request not described in (I) or (II), fees shall be limited to reasonable standard charges for document search and duplication. (iii) Documents shall be furnished without any charge or at a charge reduced below the fees established under clause (ii) if disclosure of the information is in the public interest because it is likely to contribute significantly to public understanding of the operations or activities of the government and is not primarily in the commercial interest of the requester. (iv) Fee schedules shall provide for the recovery of only the direct costs of search, duplication, or review. Review costs shall include only the direct costs incurred during the initial examination of a document for the purposes of determining whether the documents must be disclosed under this section and for the purposes of withholding any portions exempt from disclosure under this section. Review costs may not include any costs incurred in resolving issues of law or policy that may be raised in the course of processing a request under this section. No fee may be charged by any agency under this section-- (I) if the costs of routine collection and processing of the fee are likely to equal or exceed the amount of the fee; or (II) for any request described in clause (ii)(II) or (III) of this subparagraph for the first two hours of search time or for the first one hundred pages of duplication. (v) No agency may require advance payment of any fee unless the requester has previously failed to pay fees in a timely fashion, or the agency has determined that the fee will exceed $250. (vi) Nothing in this subparagraph shall supersede fees chargeable under a statute specifically providing for setting the level of fees for particular types of records. (vii) In any action by a requester regarding the waiver of fees under this section, the court shall determine the matter de novo: Provided, That the court's review of the matter shall be limited to the record before the agency. (B) On complaint, the district court of the United States in the district in which the complainant resides, or has his principal place of business, or in which the agency records are situated, or in the District of Columbia, has jurisdiction to enjoin the agency from withholding agency records and to order the production of any agency records improperly withheld from the complainant. In such a case the court shall determine the matter de novo, and may examine the contents of such agency records in camera to determine whether such records or any part thereof shall be withheld under any of the exemptions set forth in subsection (b) of this section, and the burden is on the agency to sustain its action. In addition to any other matters to which a court accords substantial weight, a court shall accord substantial weight to an affidavit of an agency concerning the agency's determination as to technical feasibility under paragraph (2)(C) and subsection (b) and reproducibility under paragraph (3)(B). (C) Notwithstanding any other provision of law, the defendant shall serve an answer or otherwise plead to any complaint made under this subsection within thirty days after service upon the defendant of the pleading in which such complaint is made, unless the court otherwise directs for good cause shown. [(D) Repealed. Pub.L. 98-620, Title IV, 402(2), Nov. 8, 1984, 98 Stat. 3357] (E) The court may assess against the United States reasonable attorney fees and other litigation costs reasonably incurred in any case under this section in which the complainant has substantially prevailed. (F) Whenever the court orders the production of any agency records improperly withheld from the complainant and assesses against the United States reasonable attorney fees and other litigation costs, and the court additionally issues a written finding that the circumstances surrounding the withholding raise questions whether agency personnel acted arbitrarily or capriciously with respect to the withholding, the Special Counsel shall promptly initiate a proceeding to determine whether disciplinary action is warranted against the officer or employee who was primarily responsible for the withholding. The Special Counsel, after investigation and consideration of the evidence submitted, shall submit his findings and recommendations to the administrative authority of the agency concerned and shall send copies of the findings and recommendations to the officer or employee or his representative. The administrative authority shall take the corrective action that the Special Counsel recommends. (G) In the event of noncompliance with the order of the court, the district court may punish for contempt the responsible employee, and in the case of a uniformed service, the responsible member. (5) Each agency having more than one member shall maintain and make available for public inspection a record of the final votes of each member in every agency proceeding. (6)(A) Each agency, upon any request for records made under paragraph (1), (2), or (3) of this subsection, shall-- (i) determine within 20 days (excepting Saturdays, Sundays, and legal public holidays) after the receipt of any such request whether to comply with such request and shall immediately notify the person making such request of such determination and the reasons therefor, and of the right of such person to appeal to the head of the agency any adverse determination; and (ii) make a determination with respect to any appeal within twenty days (excepting Saturdays, Sundays, and legal public holidays) after the receipt of such appeal. If on appeal the denial of the request for records is in whole or in part upheld, the agency shall notify the person making such request of the provisions for judicial review of that determination under paragraph (4) of this subsection. (B)(i) In unusual circumstances as specified in this subparagraph, the time limits prescribed in either clause (i) or clause (ii) of subparagraph (A) may be extended by written notice to the person making such request setting forth the unusual circumstances for such extension and the date on which a determination is expected to be dispatched. No such notice shall specify a date that would result in an extension for more than ten working days, except as provided in clause (ii) of this subparagraph. (ii) With respect to a request for which a written notice under clause (i) extends the time limits prescribed under clause (i) of subparagraph (A), the agency shall notify the person making the request if the request cannot be processed within the time limit specified in that clause and shall provide the person an opportunity to limit the scope of the request so that it may be processed within that time limit or an opportunity to arrange with the agency an alternative time frame for processing the request or a modified request. Refusal by the person to reasonably modify the request or arrange such an alternative time frame shall be considered as a factor in determining whether exceptional circumstances exist for purposes of subparagraph (C). (iii) As used in this subparagraph, "unusual circumstances" means, but only to the extent reasonably necessary to the proper processing of the particular requests-- (I) the need to search for and collect the requested records from field facilities or other establishments that are separate from the office processing the request; (II) the need to search for, collect, and appropriately examine a voluminous amount of separate and distinct records which are demanded in a single request; or (III) the need for consultation, which shall be conducted with all practicable speed, with another agency having a substantial interest in the determination of the request or among two or more components of the agency having substantial subject-matter interest therein. (iv) Each agency may promulgate regulations, pursuant to notice and receipt of public comment, providing for the aggregation of certain requests by the same requestor, or by a group of requestors acting in concert, if the agency reasonably believes that such requests actually constitute a single request, which would otherwise satisfy the unusual circumstances specified in this subparagraph, and the requests involve clearly related matters. Multiple requests involving unrelated matters shall not be aggregated. (C)(i) Any person making a request to any agency for records under paragraph (1), (2), or (3) of this subsection shall be deemed to have exhausted his administrative remedies with respect to such request if the agency fails to comply with the applicable time limit provisions of this paragraph. If the Government can show exceptional circumstances exist and that the agency is exercising due diligence in responding to the request, the court may retain jurisdiction and allow the agency additional time to complete its review of the records. Upon any determination by an agency to comply with a request for records, the records shall be made promptly available to such person making such request. Any notification of denial of any request for records under this subsection shall set forth the names and titles or positions of each person responsible for the denial of such request. (ii) For purposes of this subparagraph, the term "exceptional circumstances" does not include a delay that results from a predictable agency workload of requests under this section, unless the agency demonstrates reasonable progress in reducing its backlog of pending requests. (iii) Refusal by a person to reasonably modify the scope of a request or arrange an alternative time frame for processing a request (or a modified request) under clause (ii) after being given an opportunity to do so by the agency to whom the person made the request shall be considered as a factor in determining whether exceptional circumstances exist for purposes of this subparagraph. (D)(i) Each agency may promulgate regulations, pursuant to notice and receipt of public comment, providing for multitrack processing of requests for records based on the amount of work or time (or both) involved in processing requests. (ii) Regulations under this subparagraph may provide a person making a request that does not qualify for the fastest multitrack processing an opportunity to limit the scope of the request in order to qualify for faster processing. (iii) This subparagraph shall not be considered to affect the requirement under subparagraph (C) to exercise due diligence. (E)(i) Each agency shall promulgate regulations, pursuant to notice and receipt of public comment, providing for expedited processing of requests for records-- (I) in cases in which the person requesting the records demonstrates a compelling need; and (II) in other cases determined by the agency. (ii) Notwithstanding clause (i), regulations under this subparagraph must ensure-- (I) that a determination of whether to provide expedited processing shall be made, and notice of the determination shall be provided to the person making the request, within 10 days after the date of the request; and (II) expeditious consideration of administrative appeals of such determinations of whether to provide expedited processing. (iii) An agency shall process as soon as practicable any request for records to which the agency has granted expedited processing under this subparagraph. Agency action to deny or affirm denial of a request for expedited processing pursuant to this subparagraph, and failure by an agency to respond in a timely manner to such a request shall be subject to judicial review under paragraph (4), except that the judicial review shall be based on the record before the agency at the time of the determination. (iv) A district court of the United States shall not have jurisdiction to review an agency denial of expedited processing of a request for records after the agency has provided a complete response to the request. (v) For purposes of this subparagraph, the term "compelling need" means-- (I) that a failure to obtain requested records on an expedited basis under this paragraph could reasonably be expected to pose an imminent threat to the life or physical safety of an individual; or (II) with respect to a request made by a person primarily engaged in disseminating information, urgency to inform the public concerning actual or alleged Federal Government activity. (vi) A demonstration of a compelling need by a person making a request for expedited processing shall be made by a statement certified by such person to be true and correct to the best of such person's knowledge and belief. (F) In denying a request for records, in whole or in part, an agency shall make a reasonable effort to estimate the volume of any requested matter the provision of which is denied, and shall provide any such estimate to the person making the request, unless providing such estimate would harm an interest protected by the exemption in subsection (b) pursuant to which the denial is made. (b) This section does not apply to matters that are-- (1) (A) specifically authorized under criteria established by an Executive order to be kept secret in the interest of national defense or foreign policy and (B) are in fact properly classified pursuant to such Executive order; (2) related solely to the internal personnel rules and practices of an agency; (3) specifically exempted from disclosure by statute (other than section 552b of this title), provided that such statute (A) requires that the matters be withheld from the public in such a manner as to leave no discretion on the issue, or (B) establishes particular criteria for withholding or refers to particular types of matters to be withheld; (4) trade secrets and commercial or financial information obtained from a person and privileged or confidential; (5) inter-agency or intra-agency memorandums or letters which would not be available by law to a party other than an agency in litigation with the agency; (6) personnel and medical files and similar files the disclosure of which would constitute a clearly unwarranted invasion of personal privacy; (7) records or information compiled for law enforcement purposes, but only to the extent that the production of such law enforcement records or information (A) could reasonably be expected to interfere with enforcement proceedings, (B) would deprive a person of a right to a fair trial or an impartial adjudication, (C) could reasonably be expected to constitute an unwarranted invasion of personal privacy, (D) could reasonably be expected to disclose the identity of a confidential source, including a State, local, or foreign agency or authority or any private institution which furnished information on a confidential basis, and, in the case of a record or information compiled by criminal law enforcement authority in the course of a criminal investigation or by an agency conducting a lawful national security intelligence investigation, information furnished by a confidential source, (E) would disclose techniques and procedures for law enforcement investigations or prosecutions, or would disclose guidelines for law enforcement investigations or prosecutions if such disclosure could reasonably be expected to risk circumvention of the law, or (F) could reasonably be expected to endanger the life or physical safety of any individual; (8) contained in or related to examination, operating, or condition reports prepared by, on behalf of, or for the use of an agency responsible for the regulation or supervision of financial institutions; or (9) geological and geophysical information and data, including maps, concerning wells. Any reasonably segregable portion of a record shall be provided to any person requesting such record after deletion of the portions which are exempt under this subsection. The amount of information deleted shall be indicated on the released portion of the record, unless including that indication would harm an interest protected by the exemption in this subsection under which the deletion is made. If technically feasible, the amount of the information shall be indicated at the place in the record where such deletion is made. (c)(1) Whenever a request is made which involves access to records described in subsection (b)(7)(A) and-- (A) the investigation or proceeding involves a possible violation of criminal law; and (B) there is reason to believe that (i) the subject of the investigation or proceeding is not aware of its pendency, and (ii) disclosure of the existence of the records could reasonably be expected to interfere with enforcement proceedings, the agency may, during only such time as that circumstance continues, treat the records as not subject to the requirements of this section. (2) Whenever informant records maintained by a criminal law enforcement agency under an informant's name or personal identifier are requested by a third party according to the informant's name or personal identifier, the agency may treat the records as not subject to the requirements of this section unless the informant's status as an informant has been officially confirmed. (3) Whenever a request is made which involves access to records maintained by the Federal Bureau of Investigation pertaining to foreign intelligence or counterintelligence, or international terrorism, and the existence of the records is classified information as provided in subsection (b)(1), the Bureau may, as long as the existence of the records remains classified information, treat the records as not subject to the requirements of this section. (d) This section does not authorize withholding of information or limit the availability of records to the public, except as specifically stated in this section. This section is not authority to withhold information from Congress. (e)(1) On or before February 1 of each year, each agency shall submit to the Attorney General of the United States a report which shall cover the preceding fiscal year and which shall include-- (A) the number of determinations made by the agency not to comply with requests for records made to such agency under subsection (a) and the reasons for each such determination; (B)(i) the number of appeals made by persons under subsection (a)(6), the result of such appeals, and the reason for the action upon each appeal that results in a denial of information; and (ii) a complete list of all statutes that the agency relies upon to authorize the agency to withhold information under subsection (b)(3), a description of whether a court has upheld the decision of the agency to withhold information under each such statute, and a concise description of the scope of any information withheld; (C) the number of requests for records pending before the agency as of September 30 of the preceding year, and the median number of days that such requests had been pending before the agency as of that date; (D) the number of requests for records received by the agency and the number of requests which the agency processed; (E) the median number of days taken by the agency to process different types of requests; (F) the total amount of fees collected by the agency for processing requests; and (G) the number of full-time staff of the agency devoted to processing requests for records under this section, and the total amount expended by the agency for processing such requests. (2) Each agency shall make each such report available to the public including by computer telecommunications, or if computer telecommunications means have not been established by the agency, by other electronic means. (3) The Attorney General of the United States shall make each report which has been made available by electronic means available at a single electronic access point. The Attorney General of the United States shall notify the Chairman and ranking minority member of the Committee on Government Reform and Oversight of the House of Representatives and the Chairman and ranking minority member of the Committees on Governmental Affairs and the Judiciary of the Senate, no later than April 1 of the year in which each such report is issued, that such reports are available by electronic means. (4) The Attorney General of the United States, in consultation with the Director of the Office of Management and Budget, shall develop reporting and performance guidelines in connection with reports required by this subsection by October 1, 1997, and may establish additional requirements for such reports as the Attorney General determines may be useful. (5) The Attorney General of the United States shall submit an annual report on or before April 1 of each calendar year which shall include for the prior calendar year a listing of the number of cases arising under this section, the exemption involved in each case, the disposition of such case, and the cost, fees, and penalties assessed under subparagraphs (E), (F), and (G) of subsection (a)(4). Such report shall also include a description of the efforts undertaken by the Department of Justice to encourage agency compliance with this section. (f) For purposes of this section, the term-- (1) "agency" as defined in section 551(1) of this title includes any executive department, military department, Government corporation, Government controlled corporation, or other establishment in the executive branch of the Government (including the Executive Office of the President), or any independent regulatory agency; and (2) "record" and any other term used in this section in reference to information includes any information that would be an agency record subject to the requirements of this section when maintained by an agency in any format, including an electronic format. (g) The head of each agency shall prepare and make publicly available upon request, reference material or a guide for requesting records or information from the agency, subject to the exemptions in subsection (b), including-- (1) an index of all major information systems of the agency; (2) a description of major information and record locator systems maintained by the agency; and (3) a handbook for obtaining various types and categories of public information from the agency pursuant to chapter 35 of title 44, and under this section.
I am not a lawyer.
Enjoy
ASCII tastes bad dude.
Binary it is then.
My next door neighbour wants to be a mechanic. Am I gonna be pissed if I come home and see he's decided to pop my bonnet and have a poke without asking?
Open Source. Closed Minds. We are Slashdot.
It's not the same thing. The UK law refers to somone withholding an alibi or other information which may get them off until court, or charge, so they can then claim wrongful arrest or unlawful imprisonment etc.
Open Source. Closed Minds. We are Slashdot.
It may be up to you to file a claim for the return of the property, and short deadlines may be involved. Definitely talk to a lawyer soon.
Umm. I'm entirely correct.
The company in question was incorporate in the US, and, though the FBI has no *jurisdiction* here, they certainly have the ability to work in cooperation with the RCMP.
Of *course* the legal power to do the raid came from the RCMP. That goes without saying. It was an RCMP warrant. The fact is, the FBI was involved, as it was a joint us/canada investigation.
The real point of the comment, though, was about how they dealt with the company's data, not who was involved.
One cannot (yet) be arrested for posessing a computer.
I'm very well informed. I spent 25 years in BC.
It also involved the RCPM & Vancouver City cops.
the supreme court has ruled, for instance, that if officers have a warrant to search your house for guns and they find drugs, they can bring you up on drug charges (or vice versa).
In fact, in the Bowers case in Georgia, officers had a out of date warrant to search Bowers' house (for drugs, I think). They didn't find any drugs, but when they entered the house they found him with another man and prosecuted him on sodomy charges. Bowers appealed, trying to get the evidence thrown out; but the Supreme Court upheld the ruling.
The simple truth is the government is big and strong - you are not - so you lose. The government gets away with a lot of things it is not supposed to do; the Constitution forbids involuntary servitude - but that never stopped them from drafting people.
*shrug* I agree about the 'make sure there's no obvious kiddie porn' thing. That's wrong.
However.. there is such thing as 'plain sight'. I forget the exact terms, and it probably varies from jurisdictuion to jurisdiction.
If they were searching for one thing, and there is a bag of pot laying on the table in plain sight, they *can* sieze it and *can* charge you for it. Same goes for kiddie porn. If he's searching CD's for evidence, ie "Logs" or something, and he sees 'Kiddie Porn III", he *can* sieze it, and investigate.
There should also be a rule about infringing on the normal everyday life of the suspect.
What they should do is.. take the original hard drive, make a copy, and return the computer + copy to dilinger for his use, while they inspect the original drive, if it matters so much to them.
This is true. This is also why you will often see warrants with phrases such as (1) Glock 19 pistol, and parts thereof.
This way, not only can the officer search in a desk drawer and find the revolver there, but they may also search your wife's jewelry case for the spring assembly. If they happen to find your stash of pot there, it is called the 'plain view doctrine', and they may seize the evidence and use it against you. This is well tried case law.-jerdenn
Was he foolish to go poke around? Probably so. Lesson learned, the hard way. But he went there well AFTER the fact. He committed no crime and there was nothing indicating that he was involved in the original crack. So what reason was there to confiscate his equipment? I could see somebody coming by and asking him some questions, perhaps.
The other question I have is, why was the FBI involved in the first place? This was an act of vandalism. No real damage done. No list of credit card numbers comprimised. No trade secrets or source code endangered. Just a sports web page defaced. Fire the system administrator if it was a known security hole or sloppy set up, and tighten up your site security. Aren't there enough real crimes out there to keep the FBI busy?
"The legitimate powers of government extend only to such acts as are injurious to others." Thomas Jefferson.
If you ever find yourself in this situation, you're definitely best off getting a lawyer immediately, and you may want to try to get some legal assistance, possibly just a contact for your lawyer to talk to, at some place like EFF, if you're in this sort of situation.
I think it's appropriate to mention that if you are in a job where you feel at all vulnerable, then legal insurance is a must. I work for one of the U.S. National Laboratories, and most of my colleagues here and I have at least one form of legal insurance. (The inexpensive legal insurance available through the lab doesn't cover "on the job" occurrances that can land oneself in jail). After the Wen Ho Lee (who now faces many millions of dollars in legal fees) and the infamous Los Alamos hard drive incidents (where many employees have had to take out second mortgages on their houses to cover their attorney retainers), prudence suggests that the thirty bucks a month you'd spend on cable tv might be better spent on legal protection.
Don't say I didn't warn you.
I have always wondered why breaking into cars is considered a crime. It seems to me that if I put a car on the road which isn't 100% theft proof, I am liable if it gets broken into. BFD. If someone is smarter than me and figures out a way to open my door, good for them, I am stupid...
Open Source. Closed Minds. We are Slashdot.
Wouldn't the computer case work like a faraday cage and sheild the hard-drive?
Thanks, I do understand the difference between signal and noise. Applying simple technical understanding to complex societal phenomena is a mistake I made many years ago - and one from which I learned. In order to understand why people behave in the ways that they do you have to understand the ways in which they think.
For example: it is obvious to me that you think in a simplistic, primitive, Aristotelian, the world is black and white fashion. As such your thought patterns do not match the far more complex Yin and Yang nature of reality.
Evidence of arrogance on your part: your condescending use of the word 'kiddo' indicates a contemptuous attitude toward anyone who is not 'sophisticated' enough to agree with you. More evidence: the use of the phrase 'Kahuna fan' to contemptuously describe someone who disagrees with you. By using this phrase you are evidently seeing yourself in the position of famous performer - addressing those 'beneath' you in the social structure. You evidently believe that anyone who disagrees with you does so only from ignorance. It never occurs to you that you have only taken the second step along a multiple step journey to understanding. I have been where you are. I have discovered the errors in those thought patterns and moved on to a better level of understanding.
Your message is not very profound. It is: the world is exactly what it appears to be; no interpretation of what happens is ever necessary.
For example: Let's look at your shit happens perspective in the original post which prompted my reply. If a lightning bolt strikes you, that is an example of shit happens . If you are walking along and you sprain your ankle because the earth beneath you feet gives away due to a naturally occurring weakness in its structure that is shit happens. If the police confiscate your computers that is an example of a deliberate human action against you; it is not 'shit happens'. The distinguishing factor is not 'bad things happening to you', but rather whether those bad things are random or deliberate. Your failure to make this distinction indicates a lack of clear thought and understanding on your part.
Your posts are moderated up because they appeal to people who are proud of having taken the first (big) step toward understanding and who now believe that they know how the world works. Let me suggest that you try pulling your pompous head out of your arrogant ass and look around more carefully; there is more yet for you to learn.
Face facts, they'd catch you on a legality if you did, that, you'd be hung. You just wouldn't get away with it.
So as long as you're goin' down, why not use the data-destruction method that truly works - a big f*ckin BOMB! Like, you remember, somewhere in Gibson, in this "employee-extraction" thing the computer guy has a lump of plastique stuck on top of his box, with a happyface smile and eyes pushed into it - if the deal gets blown the plastique eradicates all the evidence together with whoever's in the bunker - "and they're getting paid for it too". Bomb goes off, of course - never bring a prop on stage unless you use it - but in the end the bad blond guy who pushed the button, this hacker girl who was the blownup tech's partner, she fires an artillery shell right into Blondie's apartment...
Bombs away! WDK - WKiernan@concentric.net
Apparently we have a disagreement about how important they were.
For example: it is obvious to me that you think in a simplistic, primitive, Aristotelian, the world is black and white fashion. As such your thought patterns do not match the far more complex Yin and Yang nature of reality.
hmmm.... and here I, actually having access to accurate information about how I think, was thinking that my responses were based on my growing appriciation of the ambiguity of the real world, and an annoyance at the orriginal poster who seemed to conclude that if he didn't do anything wrong but still suffered, that it must be the result of evil, malevolence or a fundemental flaw in the system. Now, why would pointing out that a system, running as well as we can run it can still make mistakes, be a result of a black/white worldview.
Evidence of arrogance on your part: your condescending use of the word 'kiddo' indicates a contemptuous attitude toward anyone who is not 'sophisticated' enough to agree with you.
Actually, it was aimed straight at a person who was arrogent enough to believe that he could assume knowlege of what I had or had not been through in my life by whether or not my end conclusions matched up with his. It is not your disagreement with me that is causing my (admittedly not polite) responses, it is the level of disgust I have built up towards people who presume to tell me what I think, how I think, what I have seen, what I have expereinced, because in their black and white world, no one could have the same amount of expereince, the same level of intelligence, and the same willingness to look at things objectively and yet come to a different conclusion than they have.
I don't know anything about you. I don't know if your comments here actually reflect your actions in the real world, or if you go into an "ultra-ideological" mode on line, as some do. I don't know who you plan on voting for, I don't even know if you live in america. I don't know if you have spent years in prison for a crime you never committed, got away with a crime someone else served time for or have never even gotten stopped for a traffic ticket. All I know, is that on the basis of a few comments thrown out into a specfic part of the net to clear my brain between bouts of writing an article on pet photographers, you have presumed to know my worldveiw, my personal expereince with injustice, my stage of philosophical maturity, and my own assumptions about how much I know or have yet to learn. And on the basis of what I do know about you, I don't like you much.
Your posts are moderated up because they appeal to people who are proud of having taken the first (big) step toward understanding and who now believe that they know how the world works. Let me suggest that you try pulling your pompous head out of your arrogant ass and look around more carefully; there is more yet for you to learn.
Maybe I get moderated up because even in my most flamish moments (which this isn't one of, but my previous response to you was) I don't use phrases like "pompous head out of your arrogent ass". Just a thought.
Actually the usual reason I get moderated is that around here, my attitudes are a bit contrarian, and people find it interesting and insightful when someone challenges their assumptions without using obscinities, insults or lables. I know I do, and I wish more people arround here could do the same for me. Instead, its a pretty sad statement about the level of discussion here that your post "arrogent ass" and all, is one of the more polite disagreements I have recieved.
Kahuna Burger
...will work for Chick tracts...
I doubt this post will get much attention since the article is already at least a day old, but how much of this is in public record? The search warrant itself must have a judge's name on it, and the guy had to sign the warrant and get his own copy of it. Can he contact the judge's office and get additional information on why the warrant was granted?
Even if this type of request has to wait until the investigation is over, I would still be very interested in the information law enforcement provided to the judge to make him/her agree that the search warrant was necessary. I think, with that information, we will either know some true/additional reasons behind this, or we will know that something in our legal/judicial system needs to be addressed.
Here's a desciption of my little science project: At first, I figured I could take a small dime-store magnet and pass it within few inches of a VHS tape, and it would wreak total havoc. Nope. Nothing happened. There was no noticeable degradation of the video signal at all. So, I went to Radio Shack and asked for some bigger magnets. I discovered that a device existed for just what I wanted -- a high capacity bulk eraser. This was a small hand-held device that contained a monster electromagnet and was powered by plugging it directly into 120V wall socket. Apparently it didn't even bother converting the power to DC, since it had a very loud 60Hz hum when turned on. To give you an idea just how powerful this sucker was, I was able to place a set of keys on the floor, then hold the bulk eraser in the air about 6 inches above it, when I turned it on the keys would jump up and stick to the magnet (rattling very loudly with that same 60Hz hum I mentioned).
So I bought one of these erasers and took it home to try it out. The instructions said that in order to truly erase information stored on magnetic media (that is, sufficiently randomize the data so that the media became indistinguishable from blank, unrecorded media), you needed a decaying magnetic field. To produce this using the bulk eraser, one had to start with the eraser right up against the media to be erased, then while moving the eraser in circles, slowly pull back to a distance of a few feet. So I decided to try this using the videotape. When I turned on the eraser, the tape actually stuck to the damn thing, it was so powerful. Wow. What little metal there was inside the VHS tape was still enough to actually lift it off the table when it was within reach of the bulk eraser's uber-magnet. I figured the tape must have been erased instantly, so I didn't even bother with the decaying field bit -- I just turned off the eraser and popped the tape in the player expecting to see static. To my suprise, the test pattern I had recorded was virtually unscathed! There was just a little bit of signal degradation visible, and that was it!
Turns out, the instructions for the bulk eraser weren't kidding. In order to erase a VHS tape I had to very slowly pull back from the tape while moving it in circles, starting with the magnet right up against the cassette's outer shell and taking a good 30 seconds to a mintue to pull the eraser back away from it while going around in circles. Even when I did this as carefully as I could, I found that although the tape was reduced to mostly static, there was still a little bit of signal left behind on the tape -- enough, in fact, to tell what was once on it. No matter how much I tried, I was never able to completely erase a VHS tape, even with an extremely powerful electromagnet at close range. I also found that if I put the tape inside small lockbox so that I could only get within few inches of it, the eraser was pretty much useless, even when I pressed it right up against the outside of the lockbox's surface. Just a couple of inches of distance were enough to prevent erasure from one of the most powerful magnets I'd ever seen. The conclusion I reached from this project was that magnetic media is actually quite durable, and that all you need to protect it is to just keep people from getting to close to it.
If you were to install something in a doorway with the intention of erasing a computer's hard drive as it passed through, the magnets would have to be so powerful that they would yank people's keys out of their pockets. The FBI goons would probably be able to feel their firearms being tugged on, which might make them a wee bit suspicious. And even with extremely powerful magnets, you still would have a hard time creating the "decaying" field effect necessary to sufficiently randomize the data.
Now, I know what some people reading this are going to think. A VHS tape is a very different beast from one of today's high-capacity hard disks. For one thing, a hard disk has its information stored digitally, meaning it's an all-or-nothing situation. The data doesn't get degraded, it just becomes unreadable. Also, if any of the filesystem's metadata gets erased, it will also render the disk unreadable. Finally, information on hard disks is recorded at much higher density than the VHS tapes I was experimenting with, so they are much more sensitive to erasure my magnetic fields. Well, all of those points are valid, and yes, it probably would take a little less to erase a HD than a VHS tape, but even damaged or partially erased disks can be read by data recovery facitilties, which have clean room equipment and can go through and scan disks at the lowest possible level. To prevent the Feds from getting any data off your disks, you would have to make absolutely sure that the magnetic media were totally randomized, and that would take some pretty elaborate and specific conditions. I just don't think it would be practical to set up a doorway device that could erase a disk that passed through it.
One other bit of anecdotal evidence: I've got an iMac sitting on my desk at work, and it performs a monitor degaussing every time I wake up the display. The degaussing coils are so powerful they produce distortion in a 17-inch monitor sitting about two feet away. Now consider that the iMac's hard drive is inside the same case as those degaussing coils. In fact, it's just a few inches away from them. Yet it remains intact through all those magnetic disturbances.
I think a much better scheme would be to have a "kill switch" on your machine. Put a small battery-operated circuit board inside your computer that is capable of powering up the hard disk and sending it low-level format commands. Make it remote controlled. Then, using your remote control, activate it as the feds are taking your machine out the door. The hard drive would be erased by the time they got to it back to their offices.
Free Hans!
Now, why would pointing out that a system, running as well as we can run it can still make mistakes, be a result of a black/white world view?
Answer: because of your automatic unquestioning belief that the system is running as well as we can make it run.
I note once again that you had nothing to say when I pointed out your obvious failure to understand in the 'shit happens' part of your original post.
Question: Is that failure to respond because of an unwillingness to admit that you might be wrong?
People in this forum only have your written words on which to make judgments. Your words represent you and your thought patterns. I pointed out examples of arrogant behavior in those words. You respond that it is arrogant of me to presume to do so. That is not arrogant behavior on my part: I could be wrong in what I had to say, but it is not arrogance to make those statements. Your response appears to be a variation of the childish: "I know you are, but what am I?"
If you are unable to understand why people give you - angry - impolite - responses, then I will ask you: Has it ever occurred to you that there might be something wrong with the way that you present your views; that perhaps you do come off as arrogant and condescending? In my experience people are unlikely to call someone a "Pompous arrogant ass" unless they have reason to do so.
If you are experiencing a "growing appriciation of the ambiguity of the real world," I offer you my applause: that is an important step. The next step is an understanding of why that ambiguity must be there and an appreciation of what that knowledge implies about existence. I suspect that once you reach that stage - if you ever do - your views of the world will change.
Posters will have to take that up with Google, if they have a problem with it. It's nothing to do with me.
Your 'contract' is invalid because it is factually incorrect.
How so?
Besides which, what's your point? It's posted to a public forum and now it's in the publc domain.
So, I can go to Salon and take any article posted there because it's posted on the web? That's "posted to a public forum" just as much as any K5 comment is. It's text, which is available on the web, and under copyright. If my copyright notice is invalid, then so is theirs. That's absurd, and any lawyer would tell you so.
--
There is no K5 cabal.
There is no K5 cabal.
I am not the real rusty.
(One would think that such plain english would not lend itself to such convoluted interpretations, wouldn't one?)
-jerdenn
Then you are asking the Police Officer to become Officer, Judge, and Jury by selectively enforcing whatever each person considers 'just'. Such selective enforcement is not what our system is build upon. While I am supportive of 'civil disobedience', 'police disobedience' seems to take on a little more sinister connotation for me.
-jerdenn
Read The Hacker Crackdown. Written in 94 about this sort of thing being done to BBS users/operators. An important book for anyone who goes online.
Best Slashdot Co
*give up so quickly*?
Dude, if they also had a warrant for RPI logs, they wouldn't have a choice.
Perhaps I'm just reading this differently, but it seems to me that this guy didn't come in "after the cops had got there". He was on IRC, someone told him that yankees.com had "just been hacked", and he immediately went on over to see what's up. And he then proceeds to start snooping around the site, and 5 minutes later announces how it was accomplished.
It seems to me that he was snooping around where he shouldn't have. I can certainly understand the curiosity factor, and don't really condem him for wanting to find out how it was done. But what you've got to remember is that web sites are big business now. A companies going to get pissed if there's is tampered with, and they certainly won't want you nosing around there as well. Best to let sleeping dogs lie.
Again, you assume that because my belief disagrees with yours that it is "automatic" and "unquestioning". This is the arrogence that I object to. You focus on my arrogence of tone, because of the way I phrase things and your assumptions of why. Do you worry at all about your own arrogence of content?
I note once again that you had nothing to say when I pointed out your obvious failure to understand in the 'shit happens' part of your original post.
"obvious failure of understanding" again because I have not agreed with you. I have nothing to say, because I have spelled out my thoughts on the matter in detail in another post in this thread, and you have said nothing that I regard as needing reply. Not because I am obviously right, but simply because you and I seem to disagree on the issue on a level that isn't worth running my head up against.
Question: Is that failure to respond because of an unwillingness to admit that you might be wrong
I might be wrong. So might you. For whatever reason, you have been largly talking past me rather than to my actual beliefs, so I don't see any value coming of exchange on that topic.
I pointed out examples of arrogant behavior in those words. You respond that it is arrogant of me to presume to do so. That is not arrogant behavior on my part: I could be wrong in what I had to say, but it is not arrogance to make those statements.
No, what I object to is your assumptions about parts of my charecter that you could not have hoped to know from my words. You stated that "if something like that happened" to me is would knock out my pseudo sophistication. This was not a comment on my words, it was an assumption that they were without any expereince or contemplation. It is in fact incredibly arrogent. It is no different than a poster who once commented that my attitudes on staying together for the sake of the children were probably due to my "lack of expereince with these sort of family problems". There was a (completely erroneous) assumption that since I disagreed with him, I must not have any actual knowlege, and that assumption was arrogent, in the same way that your constant assumptions about my expereience or consideration have been arrogent.
In my experience people are unlikely to call someone a "Pompous arrogant ass" unless they have reason to do so.
*laugh* we are both talking about the internet aren't we? The reason to do so is called a flame. It is almost valueless in terms of content, and would only have any real meaning to me if it had been backed up in the more polite terms of the real world by people who weren't flaming me. I could just as well say that in my expereince no one calls someone "kiddo" unless they have been given a reason to be condesending, but you would just blame that exchange on my charecter traits and not your own. I have no more reason to take your flames seriously as comments on my charecter than you do mine, less, because of the overthetop nature of your insults.
Do you think I spent one moment sitting back and thinking "I wonder if I really am a facist?" when several posters flamed me that way? Why should I take your "critiques" any more seriously?
Anyway, I've had enough bouncing for a dead thread, see you around the dot.
-Kahuna Burger
...will work for Chick tracts...
I thought a search warrant was a warrant to search a particular place for particular things.
Seraching 'a dorm room for a computer' is not good enough. Searching for 'logs indicating xxx on a computer in the dorm room' should be fine... but they should in no way be able to sieze it!
To think of one solution, I know a company in BC that was raided by the cops/fbi/irs/ and a few others in a big sting. The admins were cornered (so nobody would erase anyhting) and then, under supervision, were permitted to keep running the system, while the cops had experts take copies of relevant information.
(as an RPI Alum)...
ITS/ACS/CIS/whatever has always been very helpful to the law enforcement types (even Public Safety when they questioned me for...- but that's another story, I digress). In this case, it doesn't seem like ITS had anything to do with it, though... The firewall logs sounds more like the ones from the yankees.com side, not the relatively new dormnet firewall. ITS does not have keys to the rooms - Res-Life (a former RA speaking here) is compelled to comply with any legal warrant... not much they can do, either...
Legal warrents carry a lot of weight at schools - it's not a matter of rolling over easily, as avoiding charges of obstructing justice and the like. Not a fun situation to be in.
tower@CANNED_MEAT_SUBSTANCEalum.rpi.edu
--
"It's tough to be bilingual when you get hit in the head."
Who claimed he was arrested? His computer was seized as evidence on REASONABLE GROUNDS.
Open Source. Closed Minds. We are Slashdot.
Crap. If your house is unlocked, is your TV fair game to me? No.
Open Source. Closed Minds. We are Slashdot.
That's different from "I know this site's been cracked. Let me try a few different probable methods to see how they did it". He did a bit more than nslookup, ping, traceroute... He examined their DNS for exploits, the ftp server, etc etc.
Open Source. Closed Minds. We are Slashdot.
What, probing their DNS server, and other services on their machines isn't the equivalent, all of a sudden?
Open Source. Closed Minds. We are Slashdot.
If you think that is bad, you should see what they are trying to sneek into the US via the "treaty provisions" backdoor - US gov interests are lobbying for europe to adopt the english RIP bill as a european measure, so they can then "reluctantly" adopt it in the US without having to worry about that bothersome constitution getting in the way;
One of the highlights of the new bill is that they can demand your encryption keys from you (on pain of 2 years emprisonment) and if you decide to mention it on your website as this guy has done? that's a five year prison sentence. Paranoia, you haven't begun to flow....
--
-=DaveHowe=-
Then, if you are found lurking around a bombed building 6 hours later, why don't they confiscate your car and wallet and run those through a forensics lab? It's the same sitution.
Confiscating everything in the world, and running them through a forensics lab, is a good way to get evidence. It is also unreasonable. Somewhere there is a balance, and it does appear that where computer crimes are involved, the balance they have chosen is very, very different from what they choose in other realms.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
They can't. No warrant.
I will leave it for everyone to judge who is arrogant - the words are there for anyone to read.
This is true, however he was picking up the murder weapon, checking its caliber, etc. He had knowledge of where it was, regardless of how he figured this out. It looks suspicious, and the FBI acted accordingly. I would expect nothing but that from them. The kid made himself a suspect. Further more, he put himself at risk of taking the blame for something that he claims he did not do. He's just plain stupid to do that.
Andres Salomon is a fool for putting his explanation on the net. He should get a lawyer and SHUT HIS MOUTH.
So far, the "everything you say can and will be used againt you" has given the FBI a lot of evidence.
FBI: "Your Honor, I present the following quotes from the defendant's website into evidence. You will see that the defendant in his own words has admitted that he used the Yankee's computer in very irregular in improper ways."
*I'm simply an RPI student, admin, and programmer
(C/perl/whatever) who likes to dabble in cryptography, kernel hacking,
FBI: See, he's a hacker, by his own admission
*I know my way around
FBI: Bragging is typical for script kiddies.
*my initial reaction was "oh shit, someone's pissed about my 30 gig mp3 collection
FBI: The defendant also admits that he pirates music in large quantities.
* I then began a post-mortem inspection; I always find this to be very interesting
FBI: Get's his willies by trespassing. He's a criminal who loves crime.
*The last time I did this, I discovered the intruder had gotten in through...
FBI: The defendant did this on more than one system.
*I first checked port 21 of www.yankees.com, noticing that it was running wu-ftpd-2.6.0;
FBI: The defendant has stated exactly how he hacked the yankee website.
*So, I did a zone transfer of yankees.com (host -l
-t any yankees.com), and noticed an old.yankees.com.
FBI: The defendant admits to yet another trespass command. He is letting us see how his criminal mind works.
*I got no where with this (whether it was due to a firewall, I do not know), so I
returned to my IRC client
FBI: The defendant is describing how he dealt with an obstacle put in place by the yankee sysadmin.
*The entire thing lasted possibly five minutes,
FBI: The defendant is doing some more bragging. It is common among hackers to brag about being able to root a box quickly.
If tits were wings it'd be flying around.
The above post was inappropriately moderated down as "flaimbait," probably by someone either in law enforcement, or someone with friends and relatives who are and was offended by the original posts very accurate (and gloves off) commentary on the FBI.
Someone with mod priveleges today please rectify this.
And for the loser his modded this down as "flaimbait" I look forward to tearing you a new one in meta-moderation.
The Future of Human Evolution: Autonomy
My point exactly. You can be arrested for merely posessing illegal substances or paraphenalia[sp] associated with them. Then there's almost no shadow of a doubt that you've been doing something illegal.
In the situation related to this slashdot story, though, the authorities had little or no justification for seizing his equipment, let alone proof that he did anything that was against any law, past or present.
Your (and the authorities') "reasonable grounds" argument doesn't pan out since the only evidence they had was of some minor (ie harmless) network probing only AFTER the attack had taken place.
In my opinion, the authorities that use such frivolous investigation tactics only do this so it makes them *look* like they're doing something with the case... and of course the numbed-brain media take it hook, line, and sinker.
It's extremely suspicious just after a site's been cracked. How does port scanning help you determine network latency?
Open Source. Closed Minds. We are Slashdot.
So I guess everyone who wants to come into my house is going to have to crawl through a little two-foot diameter tube and pass their keys and credit cards through in a sack afterwards, if any sort of scheme like this is to work.
I guess you'd like to make sure that all FBI agents are also fully trained as sysadmins for every OS/Harware combo known to man
Yes, I would. I'd settle for agents who know enough to use the standard forensic tool 'dd' and carry their own export media. If you wish the evidence, take the friggin evidence. The hardware is a different matter..
.sig: Now legally binding!
Black in my 31337-Script-Kiddy Days of Yore, I made a rule of never even sending a _single_ packet to a box directly from a personal box or account. I would always bounce through a box where I knew I wouldn't be monitored, a wingate/telnet proxy (OVERSEAS), at least one public system, another proxy and finally through a cracked UNIX box (so I could use all my cool packet shaping utils). Doing Pen-testing is so much easier. :)
You just need to buy a computer made by G. Gordon Liddy Systems, inc. You know, one of those 9-mm "autoloader" point-and-click devices.
;)
________________________________________
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
And puts itself in a much more likely environment to be shot when reaching for their ID...
"He was reaching inside his jacket pocket, Your Honour! My buddy got shot like that last week."
People, guns are not the way to hold on to your rights.
Strong data typing is for those with weak minds.
Strong data typing is for those with weak minds.
PUBLIC SERVANT'S QUESTIONAIRE
Public Law 93-579 states in part: "The purpose of this Act is to provide certain safeguards for an individual against invasion of personal privacy by requiring Federal agencies...to permit and individual to determine what records pertaining to him are collected, maintained, used, or disseminated by such agencies."
The following questions are based upon that act and are necessary in order that this individual may make a reasonable determination concerning divulgence of information to this agency.
1. Name of public servant...............
2. Residence......City.....State......Zip......
3. Name of department, bureau, or agency by which public servant
is employed........supervisor's name......
4. It's mailing address...........City......State....Zip......
5. Will public servant uphold the Constitution of the United States?
6. Did public servant furnish proof of identity?
7. What was the nature of proof?..............
8. Will public servant furnish a copy of the law or regulation which
authorizes this investigation?
9. Will the public servant read aloud the portion of the law authorizing
the questions he will ask?
10. Are the answers to the questions voluntary or mandatory?
11. Are the questions to be asked based upon a specific law/regulation,
or are they being used as a discovery process?
12. What other uses may be made of this information?
13. What other agencies may have access to this information?
14. What will be the effect upon me if I should choose not to answer
any part or all of these questions?
15. Name of person in government requesting that this investigation be
made...............
16. Is this investigation 'general' or is it 'special'?
17. Have you consulted, questioned, interviewed, or received information
from any third party relative to this investigation?
18. If so, the identity of such third parties..........
19. Do you reasonably anticipate either a civil or criminal action to
be initiated or pursued based upon any of the requested information?
20. Is there a file of records, information, or correspondence relating
to me being maintained by this agency? If yes, which?
21. Is this agency using any information pertaining to me which was
supplied by another agency or government source?
22. May I have a copy of that information?
23. Will the public servant guarantee that the information in these
files will not be used by any other department other than the one
by whom he is employed? If not, why not?
If any request for information relating to me is received from any
person or agency, you must advise me in writing before releasing such
information. Failure to do so may subject you to possible civil or
criminal action as provided by the act.
I swear (affirm) that the answers I have given to the foregoing
questions are complete and correct in every particular.
X ____________________________ Date: ________/_________/_____________
Witness:________________________ Witness:__________________________
Authorities for Questions:
1,2,3,4 In order to be sure you know exactly who you are giving the
information to. Residence and business addresses are needed in case you
need to serve process in a civil or criminal action upon this individual.
5 All public servants have taken a sworn oath to uphold and
defend the constitution.
6,7 This is standard procedure by government agents and officers.
See Internal Revenue Manual, MT-9900-26, Section 242.133.
8,9,10 Title 5 USC 552a, paragraph (e) (3) (A)
11 Title 5 USC 552a, paragraph (d) (5), (e) (1)
12,13 Title 5 USC 552a, paragraph (e) (3) (B), (e) (3) (C)
14 Title 5 USC 552a, paragraph (e) (3) (D)
15 Public Law 93-579 (b) (1)
16 Title 5 USC 552a, paragraph (e) (3) (A)
17,18 Title 5 USC 552a, paragraph (e) (2)
19 Title 5 USC 552a, paragraph (d) (5)
20,21 Public Law 93-579 (b) (1)
22 Title 5 USC 552a, paragraph (d) (1)
23 Title 5 USC 552a, paragraph (e) (10)
You can find more interesting information on your rights here: Frog Farm Faq
"Destruction of Evidence", and then my friend you are in a world of hurt even if the hard drives were blank
This system is truly fucked now.... I want to leave the US soon at this rate.
hmm. that holds up.
hmmm. so let's see here. you found out that your neighbor's place had been broken into (legal). you removed evidence from a crime scene (illegal). you went into your neighbor's home without their permission (tresspass. illegal). and now you think you have nothing to worry about??????? If the FBI just "questions" you, you've gotten off easy.
let me tell you another story.
this guy heard that a website had been hacked on irc (legal). So, he visited the site (legal). He then proceded to check the versions of some of the services running (legal). He did a DNS lookup to see which boxes were running on the network via such sinister and ill-used binaries as nslookup and, dare i say, dig possibly? DEAR GOD!!!!!!! (btw - also legal).
at that point. the FBI felt that they had enough evidence to make this gentleman a suspect. They seized his computers (illegal). The way i see it, the only thing this guy did wrong was not making sure he had a lawyer present.
FluX
After 16 years, MTV has finally completed its deevolution into the shiny things network
"It is seldom that liberty of any kind is lost all at once." -David Hume
Think about this; guilty parties don't freely give police evidence they know is incriminating. Start crying about not wanting to talk and the agents "suspection level" will rise.
So now everyone is innocent until proven guilty? If i am, i don't think i'd need to 'hand over evidence' to prove i'm not.
Is a crime to do what this gut did? Is it a crime to inspect publicly avialable servers for possible ways to attack it? If I look at a server just to see why it was attacked is that so wrong. I do not know. I guess the only reason it was done because he was a possible suspect. But is I you can not blame the FBI for doing what they did. I guess the moral of the story watch what you do they are always looking and keep a copy of your important data offsite.
Yes, well when shit happens those in power are more often on the producing end. They are *supposed* to err on the side of the rights of citizens. Saying "shit happens" is a cop out. We employ these people with our tax dollars.
It's 10 PM. Do you know if you're un-American?
The security guard was also watching while the crime was committed. Why didn't the FBI question the guard, determine that this person was not fiddling with the paint while the crime happened, and leave him alone?
Mod down posts with a "Free Mac Mini/iPod" sig, they're spam!
...aim for their heads?
Treatment, not tyranny. End the drug war and free our American POWs.
See my user info for links.
The scary trend to me, is that innocent people are busted all the time for crimes they didn't commit. But how many people here are sysadms who have tracked down hackers, presented the FBI with all the evidence they need. (Logs, ethernet captures, the crook's physical address, etc) and nothing happen?
A few years back I received a 16 point distributed DOS attack, (before most people knew what it was), i verified with each sysadm(mostly colleges and small business), their machines were verified being broken into. The worst hit site was lsu.edu, I spoke with their admins, and they checked their boxes and founds thousands of dollars of damage.
To this very day, a guy lives in new mexico, never got busted for the attack. (He was threatning from irc from his dialup account as he was attacking me). Why did he attack me? I was using "his" nickname. Turns out I went on vacation for 6 months from the net, came back, used my old nick, and some "hacker" decided it was his, and would flood me off the net to take it back. *rolls eyes*
Yup. HD's magnetic tracks are sufficiently small that using standard bulk erasers aren't even proof against future reading. Pave the drive over with 1s, 0s, 1s again, do a low level format, break it into little bits, then subject it to an acid bath. And I'm not trying to be funny. Media destruction is important in business, too.
Vintage computer games and RPG books available. Email me if you're interested.
(just like if the police have a warrent to look in your closet for a body but find a box with drugs, I belive that they they can't do anything without getting another warrent to specifically search for drugs.
Right, but the reverse is allowed. That is if they have a warrent to search your closet for drugs, and find a dead body they can take that. The reason is someone searching for drugs would reasonabbly be expected to see a dead body while searching that closet for drugs. If Their warrent is for a body and they find a walk in closet full of drugs (Severall million dollars worth I'd imangine) they could count that because the sear quanity in that place means they have to search the drugs for the body. But if they are searching the closet for a body and find one joint it would probably be thrown out. (If the joint was on the coffee table in the living room though, and obviously illegal they could take that because a reasonable person would find it while looking for a body.
There are other situations, but the point is that if someone would reasonabbly find it while searching for something else they can take it. Cracking tools can hide on a kiddie porn CD, but they would have to convince a court that a reasonable person searching for a cracking program would look at a .jpg to verify it was a picture as opposed to trying to run them as a program.
I am involved in a linux security group. We are working on cracking our own boxes, to learn about security and hardening of systems.
What implications does the law have on us? Under the law, are we allowed to crack our computers? After all if we force our way into our own house, is that breaking and entering?
One important implication would be, what happens if one of our members should be suspected of cracking system(s). Do we automatically become liable in any way?
How do hacking sites handle this problem?
From your story, it sounds like you didn't do anything wrong except try to log into the system after you had been fired (as a kid you wouldn't know better, but you probably should have asked to arrange a time to come back and transfer files with a current sys admin) but just because you didn't do anything wrong doesn't mean that there is something evil or incompentent about suspicion towards you. Sometimes shit just happens that way.
I hope that someday you will get a little perspective and be able to think about this unfortunate event maturely, but for now, your story is an example to us on the interactions between computer users and the law - just not neccassarily the example you intended.
Kahuna Burger
...will work for Chick tracts...
The Steve Jackson Games case isn't all happy endings...they were illegally raided by the U.S. Government in 1990, had their computer equipment confiscated, and received their equipment back in 1994. By that time the 286s that the government stole were useless. The damages? $300,000, of which $250,000 went to attorney's fees. Who really won this case, I ask?
Also, I'd recommend having a good hiding place for your hard drives. Coppers love collecting storage media as evidence. When they find that computer sans boot device, you're almost scot free.
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
Why not write to their boss, President William Jefferson Clinton, the Chief Executive of the Executive branch of the United States Federal Government (as FBI -> DOJ -> Exec Branch)? I'm sure you'll find that he's a reasonable freedom-loving American who cares deeply about the thoughts, feelings, and basic rights of all Americans (especially those hackers too stupid to stay away cracked sites before an official investigation begins). If he's not too busy renting out rooms or training interns, perhaps he could filter your complaint down to the appropriate supervisorial personnel in the FBI. I know that when I've written to him to express some point of dissatisfaction with the job the Federal Government is doing that he wrote back promptly, with an in-depth explanation of why he thought he was doing everything he possibly could to ignore the obvious solution to the issue at hand. I couldn't have been more pleased, and I think you'll have a similarly good experience!
Or, you could donate money to a group like the ACLU, who spend their time and efforts working in the legal system to address concerns about the erosion of our rights (with the possible exception of the rights that may be granted by Amendment Number Two to the Constitution- but that's got it's own watchdog group). And while the ACLU has a poor reputation because they defend the freedom of people not many other people like, they also do a lot of hard work on cases that just need to be fought (like this one, where a girl was suspended from school for casting a spell on a teacher). They do a lot of work surrounding search and seizure. Especially since some police departments apparently manage to gain considerable revenue by auctioning seized goods.
I do not have a signature
Last year I got a phone call paired with an email saying that I needed to make an appointment to meet with the Dean of Student Affairs of my smallish liberal arts school (and yes I realize I'm an idiot for even thiking about doing CS at a liberal arts school, but its too late now.)
Anyway I figure its something to do with my grades or something and I go to his office that afternoon. I'm sitting out in the waiting room, waiting for him to get done with whatever he's doing and I picked up one of the newsweeks on the Yahoo DDoS stuff and look at how the mainstream media presents the issue to the average Joe. Then he calls me into the room and tells me that they have evidence that I launched a DoS attack on a "Canadian Website". I am completely dumbfounded. They said that they needed to find out what happened or I would have the FBI knocking on my door.
I'm not script kiddie. Never have been. I have a little bit of an interest in security, but more in the areas of detection and protection, definitely not exploitation. Anyway, they want me to sign forms permitting the school to search my computer. This really freaked me out all these stories of people's equipment being raided flashed by in my head. I almost said no so I could call my parents and a lawyer, because I didn't know if that was the best thing to do, but then I realized I didn't have anything to hide.
So we march back to my dorm room and meet up with the people from the campus Computer Center (Motto: COBOL is our friend) who are going to search my PC. Well we get to my room and they want to have a look at my computer. I opened up a terminal window and their "UNIX guy" sits down stares at the screen for a few seconds then gets back up and asks me to pull up the machines IP address. I type ifconfig and highlight the address for him. Then there's some confusion. They figure out that my rommates Pentium 133 laptop running Win95 has the source address of the attack. I find it funny that their hard evidence thats pointed to me is the source address of a computer that isn't mine and on a DoS attack where it is most likely spoofed. They then start lecturing me for running Linux on my computer. They said they don't support Linux. I said that's great, I don't need support. In fact, I am paid to be their support in the dorms.
Anyway, they confiscated my rommates' computer, who is the classic stupid user, and "searched" it. They claimed that there was a virus on it that did it. You know, those pesky Canadian Website DoSing virii.
I had a meeting with The Dean of Student Affairs later and told him that I thought it was pretty crappy that they accused me basically because they knew I was a geek. He told me "thats what I get for being on the edge of technology". Yeah, that would be a shame for me to learn at an institution of higher learning. Then again, what do I know? I'm just a college student.
---- sonoffreak
The way things are set up, you only win on search warrants if you are guilty, the more guilty the better, and the warrant is bad. In the early 19th Century, the ideal was that it was hard to get a judge issued search warrant, but you did not have recourse. On the other hand, most searchs were done on the authority of the searcher and you could, and people regularly did, take them to court for the tort of treaspass. The court order search needed probably cause and the cop-initiated search needed to be reasonable, a lesser and more flexible standard. Since the mid-19th century, the courts have weakened the rules for court-ordered search to reasonable but put a lot of technical constraints on what is reasonable. The result does not serve us well either in the criminal justice (sic) system or as free citizens of a Republic. As far as I can tell, this did not start out as a big conspiracy against the citizenry, but the results are equivalent. Solving this problem takes no more that a good bill on the subject passing Congress. Sure! My statements here are my interpretation of a detailed analysis recently in either Harpers or Atlantic Monthly, probably Atlantic Monthly.
A somewhat boring story, but it illustrates my point. I could have turned off on my normal street. I was committing no crime (at least that I was aware of). However, realizing that being anywhere near a crime scene is a bad idea for anybody, I exercised common sense and avoided the scene.
This idiot started doing the very things a cracker would do to a site that had been cracked. Was he breaking the law? No. Was he being smart? NO . The site didn't ask him to do this. He had no authority to do this. He fit the profile of a cracker. He was dumb.
I'd love to learn more about how to crack cell phones - I work in the cellular industry, so it is of some bearing to my job. However, because I work in the cell industry, I have all the tools to turn that knowledge into action, and I'd have a really hard time explaining why I have that gear around (they're engineering prototypes. Honest!). As a result, I don't go to the cell phone cracking sites.
I'm not saying the FBI isn't wrong here. The way our current government conducts itself is shameful. But if I poke at a lion with a short stick, the lion may have been overreacting, but I'm still going to be the one bleeding...
www.eFax.com are spammers
"Public outcry" though, resulted in the passing of a "Good Samaritan" law that says if you don't help crime victims, they you are de facto as guilty as the one committing the crime.
So if I see a hacked web site, the law requires me to help. Find the cause of the crack, yes, even patch the site if possible to prevent future cracking, and maybe even hack back at the cracker to stop his activity.
Viewing the page is different than poking around in the computer after the crime. He left logs of actions of port scans, of ftp logins, of DNS zone transfers.
Now I will ask you this, how many people will actually do those activities on a server that they do not own, for the purpose of "just looking". I'm sorry, but 99% of the time, it is a hack in processes.
As someone else mentioned, its like not just viewing a crime scene, but crossing the yellow tape. Whether or not he did the original crime, tampering with what may have been used to cause it, which then resulting in his IP in the logs, could easily be found as either a hacker looking back over his work, or, how about this: Tampering with evidence. By adding hack-like activity to server log, which is on a server being investigated, activity as such could be done to purposely fool investigators. If they decide to charge him on tampering with evidence, I would certainly support the government.
There is a definate line between looking at the page, and digging through the server. He definately crossed it, and whether an attack was carried out or not, if it appears an attack was in progress he can be arrested or sued, Sure, port scanning may not be illegal, but attempted breakins are. The line is very fine, infact its more or less decided by a 12 average citizens who know nothing about computers, who are given evidence that someone was snooping around inside the server. Guess what, 99 out of 100 times he would be convicted.
I'm sorry, just blatently bad decisions on his part. You people should get a reality check.
www.atacomm.com - The Leader in VoIP Product Distributi
The FBI seems to have lost their objectivity when it comes to requesting search warrants.
They are intended to be used for INVESTIGATIVE purposes only. That's not what happened here. If the guy had logged in 20 seconds after the server was cracked, then yes, I could understand why the Feds would take a special interest in his box, however, this is like walking into a convenience store the day after it was robbed by someone of a completely different height, weight, body-type, race, etc. And getting strip searched for it.
Right now, the FBI is under an enormous amount of pressure to catch "The evil online people who will steal our credit cards or hurt our children." The old adage, "You shouldn't be worried if you've got nothing to hide." doesn't really apply anymore (as if it ever did). Search warrants have become PREVENTATIVE measures. To scare people who have shown an interest in something illegal, even if there is no evidance to suggest they have actually done something. These days if you say or do the wrong thing online, you can get raided just like that. Even if what you did was not actually illegal itself. The search warrant saves the FBI the trouble of actually investigating you and spending some of their time following the innocent until proven guilty mantra. Just knock on enough doors at 5am and you can be sure that you will find someone guilty. The innocent ones can go back to their normal lives like nothing happened (yeah, right) and the guilty ones can give agents the professional boost they need.
Who told you to spy on your neighbour not to mention sell him out to the cops? What did this guy ever do to you?
Well if you must know, I found out because one day he asked me to help back up some mp3's for him using my burner, and he shared his hard drive using microsoft file sharing. I mounted it with RHUMBA. He was assuming I wouldn't look in every directory. Enough said.
And just how did you know he was running an ftp server with kiddie porn? Downloaded it yourself, didn't you? Hypocrits.
Well it's hard to tell someone's doing something illegal without seeing it. Of course, when you see a directory with about 11,000 jpg's in it and they all have names like 01123hgf-11-23-89.jpg you really don't know what you're in for till you open them. All I can say is it was a truly horrible 60 seconds.
Why did I call the cops? Because he spent a lot of time on AOL and on the phone trying to get kids to meet him in our dorm room. And that was something I couldn't let happen.
I know you're trying to provoke me to respond, so there are the facts, and I stand by my actions.
--
What happens when you outlaw guns
Could this work? Maybe, but you'll have trouble explaining all the poor pacemaker-equipped door-to-door salesmen dropping dead on your front stoop.
IMNSHO, there is absolutely no reason why LEOs should have a warrant to seize disks, CDs, etc. when on a fishing expe... uh, investigating a crime. They can copy whatever they need to another drive. Even books could be taken to the station to scan/microfiche any marginal notes that might seem relevant, and then returned promptly to the "suspect".
This is the difference between gathering information for an investigation, and asset forfeiture (spit).
[100% ISO 646 Compliant]
SVM, ERGO MONSTRO.
You might not agree with the FBI actions but you do ultimately agree with the aims of the FBI - wipe out crime - The difference come in a) what counts as a crime (b) the methods that you can use to achive the aim. Lets say that he shot the FBI to protect his rights [I'll miss out the " " as not to be labelled a bedwetter] and keep his PC. He'd have either been arrested or shot. In all likeliness, public opinion would be turned against him. Instead let them take the PC. Let the FBI do crazy things. Turn public opinion against the FBI and get the rules changed.
Just because something comes into law by way of treaty adoption doesn't mean that it doesn't have to be constitutional.
Sorry, but you are in error - treaties override the constitutional protections provided they are ratified - which requires very little.
--
-=DaveHowe=-
http://www.mynipple.com/
-- Tom Rathborne
Also, lets say the war on drugs was a valid fight for the government to fight. If someone sneaks drugs from Mexico up to Arizona, then eventually crosses the state line to New Mexico, the crimes committed were in Arizona and New Mexico. In this case, rather than having the FBI or someone go after this person, they would be liable by both the Arizona and New Mexico police. The person has committed crimes in two states, making the possible punishment even stronger (should be appealing to the people that think they are safer by stronger punishments.) I guess I am naieve, but I don't see a use for a federal police. The purpose of the federal government was to basically let the states have some semblance of unification, but not pass any real laws other than very basic things to protect the rights that were given to people in the constitution.
Mas vale cholo, que mal acompañado.
So he pokes around in a crime scene before the cops get there, and leave some fingerprints. Of course he'll be a suspect.
Of course, whether the FBI should actually be allowed to take his computer stuff (even his books) is a different question.
--
"Oppression and harassment is a small price to pay to live in the land of the free." -- Montgomery Burns.
Downloading MP3s isn't a crime. Distributing them publicly is a crime. I can send some to my friend and I've done nothing wrong, but if i put them on my public ftp server and post the address in irc, then i'm distributing. According to Hillary Rosen, the RIAA isn't concerned with you sharing music with your friends.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
Does this guy have any history of censure from a school or company for any type of "hacking"? I know guys who have gotten in trouble, but not arrested, for reading people's email, port scanning, etc. The reason I ask this story is that I wonder schools or businesses give information like that to the FBI. If this guy had a history like that, and the FBI knew about it, it could explain why they showed up at his house.
I have to pipe up here. I'll tell a nice tale of anonymous woe. It goes a little something like this:
NASA gets hacked. NASA cracker connects to a persons box at their house off their t1 running an irc server. The irc server, as many do, auto connects back -- gets ident, and checks for open 1080 or 23 (and will deny if either is open). The person is let on irc. A matter of days later, the FBI is contacting the individual's employer. The persons VP of security has worked with the FBI before, and explains that minus his cajoling, the person would be arrested. The person is forced to make an image of the whole computers drive -- a very fortunate swing, and the VP advises that confiscation of the box may follow anyhow. The person is advised to cooperate fully because "they have broken the law". IE, the automated port checking process constitutes violations of anti-hacking provisions. (If you look up the statues, most say 'willfully and knowingly')
The fact that the true cracker set of the connections? Irrelevent. The whole thing blew over with nothing more than the taking of the image of the computer, but still, the incredible willingness of the VP to agree with the FBIs twisted interpretation that the automatic hacked-box-checks constituted hacking in itself, was unbelievable.
If you ever find yourself in this situation, you're definitely best off getting a lawyer immediately, and you may want to try to get some legal assistance, possibly just a contact for your lawyer to talk to, at some place like EFF, if you're in this sort of situation.
On the plus side, for every horror story, the FBI does a clean, competent investigation, but these issues are the sorts of thing that need a lot more activism from this community in the legal circle in order to make sure things don't go awry. If everyone in the country who held the slashdot view of the DMCAs bad provisions were talking to their elected representatives about it, we'd be much more heard. We need to police the laws that are passed related to computer crime, because too many are overreaching. If you're the FBI, its easy to say: we'll aim for overbroad, and just let the innocent people slip through the cracks. Appealing because you can decide, and you can use the overbroad law as leverage against anyone reluctant to help you who may be involved. That's unacceptable, and the legal advice many congressmen and senators get is dismal. They need good advice AND good analogies they can carry into their work to convince others and make a convincing argument.
Alot of mention has been made on the rights we have, is the US like Nazi Germany. I personally believe we do in fact, live in a police state. To wit, ask yourself these questions:
1) Does the United States follow, in spirit and in letter, the concept of innocence until proven guilty?
No. The broad application of warrant, search and seizure laws, and the total absence of the legal premisis of "narrowly construed" has been slowly eroded away. These days, if you have been served with a warrant, and, have been questioned by the police, the usual assumption is that you are guilty.
2) Do the police actually investigate a matter without bias, and with impartiality?
No. This has always been a major problem for both local and federal authorities. When they feel they have a prime suspect, all other leads become trivial. And not worth investigating. Even if evidence of innocence of the prime suspect could be uncovered.
3) Do we live under an unspoken law of guilt by association?
Yes. Terms like "hacker" and whatnot are used to vilify and persecute people who are innocent.
4) Are there severe loopholes in laws which allow police to run rampantly over individual liberty?
Yes. Carnivore is an example of this. If the EU type ISP laws get into the act here in the US, then we are really screwed. Because, if your forced to hand over your encryption keys, you are no longer secure in your person. And any law protecting you from unreasonable search and seizure are moot.
So lets see, unchecked police and political power, guilt by association, persecution due to label, so far so good. Sounding alot like Nazi germany to me. Lets go further:
5) Are uninformed people attempting to pass laws which label people with terms like "hacker" and "hacking" and prosecute them for associations?
Yes. In fact, there are several countries attempting this. Im sure it will only be a matter of time before this mindset gets to the United States.
Gee, whats next, will someone who is a geek be forced to wear an armband in public? How about a scarlet letter?
And, now for the kicker:
6) are the minority in almost firm control, in one way or another, of the majority.
Yes. With things like the DMCA, and minorities trying to kill off things like Reverse engineering, Donna Rice trying to censor the web, you have alot of minorities, trying to subvert the majorities. All in the name of profit, morality, and narrow mindedness.
There was a time when the law was to be kept narrowly construed. In order to make sure it wasnt used as a hammer. Now, the only thing being narrowly construed is thought and reasoning ability.
I was born an american citizen. I am embarrassed to be one these days. My father was an Air Force Vet, he fought for this country, and the way of life. Before his death, he saw this police state coming about. It upset him greatly, that police got warrants, based on suspicion, and conjecture, and, went about ruining people's lives, and they dont apologize when they are wrong. Nor are they forthcoming in returning what they steal.
Its getting worse. The United States is becoming a police state, run by corporate america, and, narrow minded politicians, who care more about themselves, their wallet, and what they want. In an ironic way, we are faced with the same dilemma as the original 13 colonies.
We once again, have a situation where we have no representation. We elect people who dont listen to those who elect them. We choose the lesser of two evils. And, we have no other recourse.
I give it another 100 years tops. Before you see armed revolt. *sigh*. The great experiment is at its peak, and will start its decline. Harry Truman warned that if you want to know how to avoid decline, in the United States, keep the history of the Romans close to your heart. Nobody in government has done this. And those who do not learn history, are doomed to repeat it.
Supernaut
The most irritating thing our friend will find out is that his computer is now evidence. He's not going to get it back any time in the near, or not so near future. See Steve Jackson Games.
Warrents are about the only thing that's actually fairly close to reality in TV crime shows. They aren't hard for the cops to get. Judges don't know any better and take the DOJ/DA's word for it as far as if it's needed.
This is on k5 also. K5
>People, guns are not the way to hold on to your rights.
They're not until the whole society has gone to hell in a handbasket, until there's nothing to lose and everything to win -- and then they are the ONLY way.
Most pro-RKBA people aren't advocating crazy stuff like shooting FBI agents who are serving a search warrant. Instead, we are trying to hold on to this essential liberty so we have some insurance should the "dark times" come upon us. Which isn't going to happen in a year, or 5, or 10, probably -- but what about 100 years in the future? 500? Can any of us see that far ahead? Of course not.
Things could get REALLY bad, even in America, given enough time. Bad enough that Joe Average Citizen Taxpayer might contemplate violence to protect himself from the state. And in that case, Joe better have a rifle.
I think that is the pro-RKBA argument in a nutshell.
I live 5 blocks from the RPI campus.
The FBI should look at some things...
#1: Look at some timestamps on log files... If what was written is true he wasn't into the webpage until after it had been posted on various news sites.
#2: The that might possibly in 3000 years turn out to be evidance and now it's the governments crap of confiscating computers is ludicrous. How could looking at a site be considered grounds for a search warrent?
Things like this are pathetic.
Do you Gentoo!?
You're all missing the impetus behind all this! The Yankees are a high-profile organization right? The guys who run the Yankees are VERY rich people right? So imagine this, you're the manager/owner/whatever of the Yankees, you wake up one day, roll out of your four thousand dollar bed and turn on your computer. Your homepage is Yankees.com (how cute) and you notice it's been tweaked. OR you're the webmaster @ Yankees.com and you notice upon routine checking of the site/availability/whatever that it's been tweaked... you call the owner or the owner finds it on his own. Point being, the funnelling stops here and it's now the owner who makes the call to his buddies who pull some strings in the FBI to get this stuff investigated ASAP! Not tomorrow, not after breakfast, RIGHT NOW! So they do, they expedite the warrant process and get right down to business. I mean come on people, you think every hacked page gets the FBI's attention in as little as 48/72 hours? Or that they routinely pair up a field agent with someone who actually knows computers? Whether or not this guy should or shouldn't be doing his forensic checking is a WHOLE other issue. My point (cuz I think I have one) is that the Feds treatment of this is RARE! The only time the Feds take this shit seriously is when it's high-profile (i.e. big MONEY losses or GAINED) or when there's an interpersonal tie with the feds themselves. A personal relationship with someone in the bureau. I myself have been/or are currently under their "watch" and it's ONLY because of a personal tie one person had with them directly... if not for that, nothing would ever have come of my "wrong-doing".
I am not going to go into details on this as I have the sites bookmarked at home and forgot some of the facts, however, since it was initially put into service by J. Edgar Hoover, the FBI has always been a corrupt force. Hoover himself was a very dangerous man, and had he lived to see the computer industry we have now, he would probably be keeping his index card files in a database instead. He basically caused the harassment of many people for having "unamerican" opinions and points of view. He was one of the main people that fueled McCarthy to his witch hunt as well. Basically, the FBI serves no purpose, as it is the duty of the states to have the police and other forms of law enforcement, not the federal government. Also, it is a sign of the fact that the federal government is too powerful, because originally they did not have enough laws that they would need to enforce them with police. I would think it is consistant with libertarian logic to eliminate the FBI, but I have not seen anything from Browne or other people within the Libertarian party saying that. I guess the tradition carries on, and the FBI probably has some information to blackmail them with just like Hoover did with all of his enemies.
Mas vale cholo, que mal acompañado.
.. but when people with badges are asking you questions, your only respose should be to reply with a question or to not reply at all. This is especially true in traffic cases, as the first thing the cop will try to do is get a confession out of you - "Do you know how fast you were going?" If you say something like, "I think I was going 75 or 80", even though his radar gun said 83, he can write you down for 80 and get it to stand in court (radar tickets can be easy to beat) because that's what you said. So you've answered the Public Servant's question (who you don't even really know is a public servant, he could be an imposter - just 'cause his car has a light bar in no way means that he's valid) with the very best of intentions, hopefully making him so pleased with your obedience to his will that he'll let you off. It's never worked for me. In this case, they were out to hang, details didn't matter, they were going to take your computers, no matter what you said. The side of the road is not a courtroom, and people shouldn't treat it as such.
Learn the rules so you know how to break them properly.
www.teslabox.com
Kiss your computers goodbye
My roommate and I called the cops my junior year in college, when we found a guy in our suite running an ftp server with kiddie porn.
When the FBI comes to take your computer, you don't get it back. They didn't just take this kid's machine, they took my machine too - since our ethernet ran through the same hub, they were able to extend the search warrant. I got my computer back 2 years later. It's still sitting in my basement, running bsd, like it was before they took it.
Remember, you live in a free society until you don't. Due process for you is going to mean that they will duly detain your computers and schoolwork till it is useless to you.
Shame on you for being so smart.
--
What happens when you outlaw guns
And
Carnivore Lite for making hasty decisions based upon the flimsiest coincidences!
A Reno® product
--
A feeling of having made the same mistake before: Deja Foobar
It doesn't matter how relevant the evidence may be, or how great the dangers of destroying it are; FBI cannot sieze it without a warrant. Yes, they had a warrant, but it was based on extremely flimsy grounds. I suggest you look up Amendment IV of the US Constitution. Confiscating computers used only to look at a site hours after a crime occured is certainly not reasonable, nor based on probable cause. I don't care what else comes into play here, the fact is that the judge who granted the warrants, or the agents involved in the confiscation, or somebody else in the chain, violated this amendment to our highest law. That is inexcusable.
Mod down posts with a "Free Mac Mini/iPod" sig, they're spam!
The first thing to keep in mind when the FBI knocks on your door is that you shouldn't talk with them. Don't try and crack jokes or explain what might be going on. Don't answer their questions. Don't say anything other than you want to see a lawyer.
These guys are trained professional terrorists. They have all kinds of behavioral science training and they have experience with PsyOps, which you all should read up on.
I'm glad that this brave hacker has the balls to relate his experience. The FBI wants us to fear them. They are the bad guys, but don't think you are ever in this alone. There are many people out there who don't like the FBI.
It's also important to realize that those of us who are Americans aren't living in some enlightened democracy where the cops are just our good friends because they keep the streets "clean." No, the United States has more cops than any other country and it just completed an expensive effort to militarize the police. If any of you have paid attention to the recent anti-capitalist protests, you can see that they've taken the gloves off. I had friends who were planning for the anti-World Bank demo in Washington, DC last April. The Secret Service broke into their apartment and stole research materials.
In Philadelphia, during the anti-Republican Convention protests, the police sent undercover cops into the organizing spaces being used by activists. Some cops even helped some friends of mine build a float.
So the watchword is: be careful, but don't be afraid.
Someday we'll defeat these guys.
Ok.
What about ORBS.ORG?
They scan, looking for exploitable holes in e-mail programs. And log for vulnerabilites. Post the found vulnerable systems on the internet.
If it was said on slashdot, it MUST be true!
But the fact that they STILL have his stuff and have not charged him (and probably won't) is totally ludicrous. Is there anyone we can write to to yell about this? Not that it would do any good...
A friend of mine works in IT at a big university. The dorm IT guys not only cooperate with the cops, they will enter dorms and seize equipment THEMSELVES. This has happened a number of times when students ran, for example, a commercial porn site out of a dorm room.
The school IT guys will cooperate (bend over) for the FBI if they are smart -- you don't want to get the feds pissed at you, and what do you do when you need them? Best to maintaina good working relationship.
Besides, if the cops show up with a warrant, the school has no legal grounds to interfere. They have to show the feds to the dorm door and play along, unless they want to get in trouble for obstructing justice or something.
This is just an example of what a non tech savy FBI can do.
- Reading logs franticly. Under pressure from yankee corp none the less.
- Needing a scapegoat.
- Getting a scapegoat.
- Finding that said scapegoat is not a typical "Evil warez kiddie bent on global destruction [EWKBOGD](TM 1993 US Goverment)"
- Searching his things for "Kiddie Porn"
- Ending up charging them with something and most likely getting somewherd with the case because the judge will not know jack about the subject or even the particular law they are using.
ARG!
---------
Defraggle
Keeper of the monkeys
Why don't we just shoot those bastards and take a bite out of the United States of Corrupt America ? We don't see the RCMP raiding dorms or overreacting in any similar style to computer crime. It's akin to sending a swat team for a speeding ticket, except security geeks don't cause fatalities. Time to turn off Corporate MindFuck TV and get back to reality.
-Billco, Fnarg.com
The FBI managed to get a search warrant based on logs from a firewall, that showed my IP only connecting, not even logging in, hours after news of the cracking had appeared on news sites.
So essentially the FBI doesn't have a hard time getting a warrant. Does this scare anyone else concerning Carnivore? I mean, if they can get a physical search warrant this easily, what's to say it'd be more difficult to get an internet-sniff warrant?
If I was still a college student, and some self-appointed IT guy took my computers, I would (a) file criminal charges against him (b) sue him personally and his employer for damages.
Why is it that the proponents of "one nation under God" are so eager to get rid of "liberty and justice for all"?
"Anyone that has ever gotten an idea based on any of my work and done something better with it-good for you."--J.Carmack
They took his frickin BOOK?
I'm sorry, but his books are not evidence. The fact that he possessed such books might be, but this did not in any way require the actual siezing of the books themselves.
As a CS student the fact that he was * required * to possess the book is probably even a matter of record.
This was a pure harrassment measure, period.
As I noted in my post the other day he should have invoked his RIGHT to * shut the hell up.*
He should have called his lawyer and insisted on his right to have his lawyer present. If he didn't have a lawyer he should have picked one out of the phone book and told them " I have FBI agents in my premisises and I need a lawyer NOW."
BEFORE all this happened he should have had off site backups. One set of those backups should have been BURIED in a capsule somewhere. He should have had backups stored using stegenography in his porn and/or Mp3's. He should have burned every note that was no longer needed. He should have written 0's to his entire HD every time he did a fresh install. He should have done this every few months even if he didn't need a new install.
Once they were there he should noted to them that his monitor, speakers, keyboard, mouse, CPU, video card, etc, were NOT evidence, only his possession of such was, and they had no right to sieze them. In fact, ONLY his HD was technically evidence. If nothing else his having noted it to them could be used as evidence against THEM in a civil suit should they ignore it. He should have noted that the supreme court has extended the protection of printing presses DIRECTLY to computers that are used for printing and thus cannot be legally siezed as evidence. He should have noted that his HD contained personal corespondence totally unrelated to the crime under investigation and that they were thus under obligation to have a warrant for SPECIFIC documents to sieze, which he would then cooperate in handing over, they have no right to sieze EVERY document. He should have noted that the supreme court has ruled that EVERY person whose e-mail is compromised by siezure without a specific warrant is due a cash settlement from the government.
In point of fact, he, and his lawyer, should have actually READ the warrant and only complied with legally SPECIFIC items contained therein.
He might even have insisted on being charged. This probably wouldn't have worked in this case, but more often than not it ends the whole damn thing right there. In any case his insistence, and their refusal, would have been more evidence for his following civil action.
"Officer, if I am suspected of a crime kindly charge me with such so that I may invoke my right to a public trial by a jury of my peers in confrontation with my accusor, otherwise I'm afraid I may have to consider this an illegal fishing expedition in violation of my civil rights and take appropriate legal action."
In fact, he could have noted that even though they have a warrant the * warrant itself might not stand up to legal scrutiny.*
Again, many of these things might not have helped him at the time, but could be invaluable in a later civil suit.
Oh yeah, he should sue the bastards. We should ALL sue the bastards every chance we get, pro se if we have to, just to make them think twice about the hassle and paperwork they'll be facing if they step out of line.
As other responders have replied, the magnetic-field idea is impractical.
However, if you are REALLY serious about this, you CAN set up a device that, when triggered by lifting the computer off the table (without first disarming the device), dumps a corrosive, adhesive, or abrasive into the drive through its breather filter, effectively killing the drive. (Shaped charges are too messy, physically hazardous, and laden with legal hassles to use for this application).
Some aspects to keep in mind in such a case:
1. To effectively dodge destruction of evidence charges, the system MUST be preinstalled before they come knocking, and MUST be totally automatic in operation - NO positive action on your part to trigger or arm it.
2. This will seriously piss The Man off, so killing your data had better be worth A) having them never EVER return your stuff, and B) come back in a huff and turn your house upside-down with extreme prejudice, breaking many things and confiscating all backups and everything with more transistors in it than a Walkman.
3. You WILL need to somehow defend yourself against the destruction-of-evidence or obstruction-of-justice charge they will try to hang on you. Have a lawyer primed and ready to launch on warning; he might fill his trousers upon suddenly learning of your hard-drive-destroyer, so make sure he's informed in advance. After all, it is NOT illegal to make your computer commit seppuku when stolen.
Frankly, I cannot think of many people this would be worthwhile for.
For myself, I would rather tell The Man, "You can have my computer right now, untouched by my hands, without flashing a warrant or incurring the legal obstacles my lawyer will put in your way, BUT ONLY if you supply me, in advance, with a new system of equivalent capability as a loaner until you return my equipment. Your technician will also back up my data under my supervision before removing anything." This approach might not work either, but it's less hazardous and well worth trying.
Hey, that gives me an idea. Anyone wanna lobby for a "Replacement of Property Taken As Evidence Act" mandating the immediate replacement of confiscated computing hardware and data?
"My strength is as the strength of ten men, for I am wired to the eyeballs on espresso."
Since I first read about it, I have wanted to install the physical security system mentioned in Cryptonomicon -- you know, the one that turns the door frame into a giant electromagnet. Sure, the "bad guys" may get your hardware, but that's about all they'll get. (And probably even less, if you can set up the magnet to pulse its field so it spikes through the electronics...)
Just out of curiosity, though, is something like this realistic? That is, would it really work the way Stephenson describes it?
At any rate, it'll have to wait until I get my own place. I think the apartment manager would get pretty pissed if I suddenly started remodeling the door to my flat.
---
GetSystemMetrics(SM_SECURE) == FALSE
If An Agent Knocks
As a parent of a child, (age 7) who is getting to be quite computer savvy - I guess this is probably a rather important question;
If the cops come in and bust my kid, whether or not he did the crime, can they, or do they usually also take the parent's computer(s)? I mean, a guy could lose his job if his company laptop is gone, with all of his data, etc. This is most unsettling.
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
This guy is clearly a Russian spy, no red-blooded American college student gets up at 7AM for no good reason.
"Hmmm. There's a small rock, like the ones they put around their plants in their front yard. They might want to know this. I think I'll just put on in my pocket."
"Whoa. Look at the mess the robbers left. I think I'll just go straighten things up a bit. Ah, man! They took the new DVD player. I was looking forward to tonight's Halloween party. I hope they left the "Blair Witch Director's Cut" disk."
"I wonder if they got the jewlery.... Let's see, I think they kept it in that box on their dresser. Well, there's no jewels in it now. I guess I just go home."
Later that day, the cops came over to ask me some questions. "What's that in your pocket?" "How did you know the DVD player was taken?" "Can we finger-print you?"
Now I'm afraid that I may be suspected for something I didn't do. The Nerve! I was just curious and trying to help.
I'd rather have someone respond than be modded up.
[ This message does not state or imply an accusation of misconduct by the man dubbed 'bofh', so put those lawyers away. This is an opinion piece -- the events as I remember them. ]
... you got caught."
Heh. I guess we all have these stories. I didn't know the whole story of what happened to me until two years later.
First, I was a student at the University of Waterloo, Canada. Very respected place, top-notch mathematics faculty that actually gives out Bachelors of Mathematics. The Computer Science Club is actually quite famous too. Anywho, U of Waterloo has a co-op program and thru co-op I got a job as a Unix Sysadmin at the Univesrity of Western Ontario, an hour's drive away. Four month contract, then back to school. I fell ill during my work term, and I had to telecommute for the last two months, but I still got stellar marks and a glowing evaluation in the end. During my time there, I spent ten minutes getting help with an SMTP server with a man reputed to be an RCMP (Americans: read FBI) toadie I'll call 'bofh' for reasons that will later become apparent.
Back at Waterloo, I was going thru a bad episode (breaking up with live-in girlfriend), and during spring break I faked a USENET posting. Not a spoof, because I wasn't pretending to be anyone, just a faked "From:" header line. I did it (in the "let's see if I can do it" fashion) by telnetting to a mail server at U of Western Ontario, faking a mail message to be sent to U Waterloo's mail-to-news gateway. The message itself was a public announcement that some newsgroups were going to be banned due to high traffic -- Waterloo had a recent big stink about newsgroups being banned because of a feminist student group complaining about objectionable content (alt.sex.fetish.lolitas somehow escaping their scrutiny). I was successful, even though I misspelled "displatch", so I went back to slouching and playing too much Xpilot.
Next morning, I get a call at home. It's bofh (I still don't know how he got my home number).
bofh: "This is bofh. Did you telnet to port 25 on machine xxxx.uwo.ca yesterday?"
me: "Uh... yes."
bofh: "You'll never touch another machine at Western again. *click*" (that's the exact quote)
Phone rings again.
Peter (of the CompSci Club): "Moses? This is Peter. The Math Department sysadmins are bloodhounding you, but Ian [a friend] found you first. Why are they tracking you down?"
So I told Peter about the mail-to-news business yesterday.
Peter: "Oh Moses, Moses, Moses.
So there was the ritual dragging me out in front of an authority figure, some tounge lashing, and a formal request to have me ousted from the CompSci Club because I was their sysadmin and couldn't be trusted (that was on the record -- off the record, nobody expected me to get kicked out over something so trivial). The CompSci Club said no, the Math Department made a politically safe "no comment," and life continued.
A week later, I'm summoned before the Asst. Dean of Mathematics, whom I'll call W. Seems the U of Western is raising a big stink, and 'something' must be done. I assume he's talking about the "displatch" event. W tells me that I can't return for a second work term at Western, and my marks will be changed to a failure for the term that just went by. I protest that this isn't fair (but actually my knees were shaking like Jell-O). He says he has to think about it. I take the chance to talk to a student ombudsman, who knows about the "displatch" event and he's surprised W. is overreacting. He suggests I approach the Student Disciplinary Committee. When next I'm summoned before W, he suggests that I be failed for the upcoming term; I protest again that I shouldn't fail something that hasn't happened yet, and it will unduely affect my chances at getting a work term somewhere else. I suggest the SD Commitee should get involved, and W threatens to expell me if I talk to the SD Commitee. I break, sorry, I was really scared. I plead that he merely suspend me for the upcoming term. He says he'll think about it. A week later when I meet with him, he tells me that he's come up with a better idea: he'll suspend me for the upcoming term. Can I agree? I point out that I gave him that idea, and I agree. I'm to be taken off the list of eligiable students for job interviews.
A week later I found out I wasn't taken off the list, and I missed three interviews. I was almost punished for not showing up to these interviews, but I badgered and pushed my way thru the department (we called it "Needless Hall") until I met a director. I told him my story to date, and he laughed and agreed to sort things out. So, I was suspended, I accepted a job offer in Toronto (which was bogus, but that's another story), and didn't have enough money to return to school for years. I got a letter from my former employer at U of Western Ontario, saying he was disappointed in me for what I've done. That kinda hurt.
Now... 2 years later, I'm working at a Toronto company, and I'm recognized as that kid who was a sysadmin at the U of Western Ontario. He says he heard what happened, so I tell him my story. He's quiet for a while, and says "That's not what I heard. Everyone at UWO was told that you were using Western computers to steal credit card numbers through the Internet."
Jumping Jehosaphat. No wonder W overreacted. And this must be what bofh ment by "You'll never touch another machine at Western again." It still burns my buns to know that W was ready to expell me when he had not even circumstantial evidence, and he wouldn't tell me what I was accused of nor listen to my side of the story. I won't return to U of Waterloo until W is no longer employed there, but I will still speak highly of it as an educational institution.
It's a frame job that changed my life forever. Thank goodness I turned it into a positive change. My friends still refer to it as the "displatch" event. I'd rather not chase after bofh for justice, beacuse I'm certain he could create some evidence against me (like the firewall logs mentioned above) and the RCMP are likely to believe him because of rumoured student-expelling 'favours' he's done them in the past. Besides, I think the false 'hacker' reputation actually helped in one job interview.
The problem here is that law enforcement officers don't give a rat's ass about your property. They take it as evidence and if and when you ever get it back, it's broken and/or worthless. Do I suddenly lose my right to own property just because someone suspects that I might have had some part in a crime? Does that justify the confiscation of my computers, the loss of all my personal data (they don't let you make a copy before they take your stuff, and they take every disk they can find too), and the likely outcome that I will never get most of it back in any reasonable amount of time, if ever? Maybe the FBI schmuck was just doing his job, but we need to redefine exactly what he is allowed to do to get that job done. Confiscating people's property on mere suspicion, and then keeping it for extended periods of time and often forever is not the way things should be done. They should be held responsible for anything that happens to that property while it's in their possession too. Good luck getting people to understand this though. They think the FBI only does this stuff to the bad guys. This war on hacking is gonna be just like the war on drugs. Suspects have no rights. The law is supreme and those who represent the law have supreme power. Speak against them and you will be branded a deviant, a criminal sympathizer, and perhaps much worse.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
He should have known better than to be running Freeh® BSD!
--
A feeling of having made the same mistake before: Deja Foobar
Imagine the old, computer-illiterate judge that issued the search warrant. Now picture how many judges there are like that all over the place. Like it or not, the FBI and other enforcement agencies are getting more tech-savvy. The extent to which they exploit that knowledge remains to be seen. Unless and until judges get up to speed, however, it should come as no surprise that the enforcement agencies will be able to get search warrants for "fishing trips" on pretty flimsy bases -- like, for example, evidence of web site activity that occurred after an apparent hack.
Now, really, like SJ Games, like the "War on Drugs", this is a great example of how the government is getting out of hand with its control of the people. No, he won't get his computers or data back, even if he never gets charged. The Feds just harassed and put down a non-conformist, one of "those hackers."
So what the hell does this have to do with Nader and politics? Second Amendment. If people had as much right to bear arms as the Second Amendment claimed, warrant or no the Feds would be a lot more skittish about busting in if any random citizen had firepower. Reading Jefferson, that was a significant part of the intent of the 2nd - an armed populace not only protects the nation but protects itself from the government and keeps it from getting out of line.
-----
Klactovedestene!
Aluminum foil under your hat.
And always, ALWAYS the shiny side outwards.
The surprise isn't how often we make bad choices; the surprise is how seldom they defeat us.
I needed to grab a compiler and other useful programs, so I started hitting FTP sites. One of which was swedishchef.lerc.nasa.gov, a major SGI distribution site at the time (LERC is/was Lewis Research Center in Cleveland, Ohio). I was also looking to configure my machine to be an FTP server for our department so I did some poking around to see how to set up an FTP server (doing anything I can looking through an anonymous FTP login).
It turns out that a few weeks later the machine was compromised, and they noticed that I had downloaded basically everything on the machine a few weeks earlier, so they came to my mom's house looking for me. I was at school at the time, nearing finals. They actually cut me some slack and came back after finals were over to come back to question me. Thankfully they didn't take anything, but it did scare the sh!t out of me for a good long while.
George!
Your lucky, you are legally obliged to stop (at least most states have good sameratian laws). However the law for normal people has little teath.
When I joined the emergency response team at work (Good way to learn CPR and first aid, which everyone should know) I was told that because I'm on the team it is a fellony for me to drive by an accident scene without helping. However the law is written so that I only have to be there helping until the pros show up. In other words I have to stop and do first aid but if there are any police there I don't have to.
Even still, you should make it a point to stop and help every time you are the first to a scene like that. Who cars that you are late to your plane, or whatever, a life is more valuable then anything else you could do.
What do I have to do to get Special Agent Dana Scully to show up at my door?
-S
--- What parts of "shall make no law", "shall not be infringed", and "shall not be violated" don't you understand?
Are you sure the search warrent was based off of firewall logs? Did they tell you this?
From what I've seen, most of the crackers/script kiddies they catch are based off of "evidence" they find on IRC chat logs. A web site gets defaced, you talk about how you think it was done on IRC, and it appears you judgement is right. The feds take a shotgun approach to solving the crime and you get caught in the process (whether you did it or not). Are you really surprised they came knocking on your door?
When are people going to learn that there are some subjects which they SHOULD NOT DISCUSS on IRC, no matter how innocent they are? Consider them TABOO!! Those discussions can be used as circumstantial evidence, whether it's true or not. As wrong as it sounds, the FBI is going to place the burden of proof on you (and your computer).
Go not unto/. for advice, for you will be told both yea and nay (but have nothing to do with the question)
2. If you think the requirement for a warrant is any sort of obstacle, think again. Law enforcement develops relationships with tame judges, who will issue a warrant on virtually any pretext. You might later manage to get it and the evidence it turns up suppressed, but that isn't going to stop them from coming in and taking whatever they want.
3. For any sort of controversial access (or maybe all the time, if you don't mind the small delays it causes), use a service like ZeroKnowledge Freedom. It masks your identity completely, and allows email, chat, and web browsing.
4. Encrypt your entire hard drive (keep offsite backups, because you likely won't ever get the drive back if you refuse to hand over the key). You have no idea what might be lurking on there. I have an automated program that scans newsgroups for items of interest. If it accidentally downloaded kiddie porn, I might not know it until the Gestapo has my hard drive in its hands. If you ever sent a humorous email to a friend about cracking a system, or killing your girlfriend, it might end up used against you.
The author of the article is right, you can't overdo the paranoia.
Remember, if it doesn't say Claymore(tm), you're not fraggin' with the best.
----
Every year during my review, I just pray the words "slashdot.org" aren't mentioned.
even if you plead guilty, he might be able to get you a lesser sentance.
Agread. I spent an afternoon watching court once (everyone should do this once in a while to check up on the legal system as an outsider!) I saw a guy who plead gulty to some minor offense and was given 7 days in jail. His lawyer was able to get the 7 days as follows: enter the jail directly after work friday night, stay all day saterday and sunday, leave money morning and go to work. That is 4 days. The judge was starting to schedual the next 3 days, but the lawyer pointed out two days were already spent when he was arrested (one night in jail). Then then judge said "No sense in one day, I'll call that a suspended sentance, if you don't get in trouble for a year you won't have to searve it. See what why you had a lawyer."
Obviously for more serious charges things will be different, but still a lawyer will do a lot for you. Get one.
Since when did it become reasonable to be accused or suspected of a crime for VIEWING a site after it's been cracked?
I never said that. In fact, did you read the article? You obviously did not. He did not just view the website. To quote:
Upon going there, I saw what I thought to be the original site, so I figured this whole "crack" was simply a dns
redirect. I checked the bind version that yankees.com's primary nameserver was running (dig @ns1.icsnet.net version.bind chaos txt), and saw that it was running
the latest version (well... patch
21, 25, 110, 143, etc; the most commonly exploited daemons. I got no where with this (whether it was due to a firewall, I do not know), so I returned to my IRC
client, said "Looks like a dns hack...", and and the conversation went elsewhere.
He scanned the machine. A machine that they had moved to a different hostname mostlikely to attempt to catch the hacker. He made himself a suspect. The FBI is doing their job by confiscating his machine as EVIDENCE, because that is what it is now. If this guy is telling the truth, then nothing will happen to him, however if there is evidence that he's been hacking that machine, then they caught him.
port scanning, DNS lookups (whois, nslookup, etc.) are NOT illegal.
the whole point of the story is one of a very big brother-esque denial of our civil liberties. I see alot of people who know next to nothing about computers in general beyond double-clicking on IE to get an internet connection. Nevermind that they don't know how their own box works - i don't care. But they have begun to vilify those who they do not understand simply because of a few crackers.
This can be directly equated to a situation where you hear about a liquor store that got robbed so, as a curious citizen, you drive by and take a look. Being that you left some small piece of evidence that you were there at all, the FBI or whoever comes back to your house, confiscates your car and questions you. Anyone see anything wrong with this?? Anyone???
unfortunately, hackers' rights are in serious jeopardy right now. I don't see this trend stopping as more and more 'ignorant' individuals get online. they are scared of that which they do not know, and every time they hear that someone is a 'hacker' or knows what they're doing....they will instantly brand them as criminals. The only thing you can do....get a phone number of a good lawyer and make yourself comfortable here in Salem. It's gonna be a looong witch hunt.
FluX
After 16 years, MTV has finally completed its deevolution into the shiny things network
"It is seldom that liberty of any kind is lost all at once." -David Hume
Isn't that a violation of your fifth amendment rights?
You must be operating under the delusion that the entire bill of rights hasn't been eroded by the fascist/stalinist bastards in Washington in the name of the 'war on drugs'.
Yes, I am feeling cynical today.
While there are some exceptions (breathalizer and blood tests, identity information, etc., for example) the target of an investigation is under no obligation to provide _any_ information to the authorities. This means that the target is under no obligation to provide passwords, etc. Further, if faced with one of these situations you must understand that the police are going to take your equipment, disks, etc., regardless of what you do or say, so the best thing is to say _nothing_ to them. You should politely cooperate with them in loading up your equipment, request a detailed inventory of what is being taken, including a statement that all items being taken are in good operating condition and repair. You should then tell them that you will contact them with the name and telephone number of your lawyer and that all future contact should be through your lawyer. If you are a student, most universities or student governments have legal aid programs available. One other thing to be wary of: If the law enforcement people involved are federal, and you _do_ choose to talk to them (even though that is a very dumb thing to do), be sure that you tell them the _whole_ truth and don't leave out anything. If you do, there is a possibility (slight in most cases, but definitely there) that you could be charged with making a false statement to a federal officer, a felony, even if you are not otherwise guilty of any crime. Remember Henry Cisneros, who was charged with that very thing. Cops have a lot of "tricks" for obtaining information, none of them illegal. The one I like the most is not arresting someone until they get to the station house and not saying a word to them on the drive there. Usually the suspects will happily blab away simply to fill the empty air. Anything useful can be used even though the suspect has not been Merandized because the cop didn't actually ask the suspect anything.
Every time I hear about computer seizures by law enforcement agencies, a cold chill runs down my spine. The common perspective seems to be that a computer is an amalgam of files simply like a filing cabinet might be, and because of this, the FBI or whoever can simply cart it off for whatever reason. I don't know about you, but my computer is so much more than an amalgam of files to me. If I were saving everything in hardcopy, I wouldn't be putting it all in one cabinet. The letters to familiy and friends would go in one box, the tax forms would be stored in another, and my games would be in the toybox. Seizing a computer, in my opinion, is the equivalent of someone seizing my entire house and everything in it, simply because they think that one of my boxes contains something incriminating. If its the data that is needed, why not simply make a hard disk image? Police snap photos to use as evidence, so why is it necessary to have both the data and the simple hardware shell that it happens to be located in?
These are breasts; this is source code.
Why do you have a problem with those two things belonging to one person?
That doesn't mean that it isn't a crime. Making a mix tape for a friend is a crime. It's just that the RIAA isn't concerned about it.
-no broken link
What the fuck? A baseball team's WEB SITE is defaced, and my goddamn tax dollars are paying for a massive investigation to pay for it??????? You have to be kidding me!!! It's a web site, people! For a sports team! It's not the White House, for Christ's sake. Thanks, Men in Black, for eating up my taxes.
This post by Th3 D0t appears to be a clear cut case of plagarism.
Over at k5, user kennedy made this exact same post.
Given that kennedy's k5 post is time stamped about an hour prior to Th3 D0t's /. post, it seems to me to be a clear case of plagarism. Consider moderating it accordingly.
have a day,
-l
and saying: "Law enforcement couldn't hack their way out of a wet paper bag. They're people who get paid to do nothing. They never actually catch anybody." probably wasn't really that wise :P
~ppppppppö
I can go as far as him being a suspect, b/c his "fingerprints" were all over the box hours after it had been hacked.
Then where's the argument? He made himself a suspect! They confiscated his machine because he is now a suspect! He won't end up in jail however, but he is now a suspect.
One day (last week) While telling some anti-pine friends how much I love pine (over email), I decided i'd telnet to the local SMTP port of my university's mail server and teach myself SMTP headers, and send them an e-mail with telnet. Well, after attempting (it would not let me relay) i recieved a nasty email from the NOC telling me to never do it again, and that i am a hacker, etc etc. Point being, I was merely attempting to teach myself SMTP headers, not trying to hack into the system but they immediately labelled me. I replied back, explained my side of the story and never heard from them again.
Of course they let the FBI into his dorm room. They had a warrant to do so.
This is the equivalent to coming upon a murder scene, picking up the weapon and getting your fingerprints on it, putting it back down and continuing on your way while whistling innocently.
Cool. Spread the word. CNN?
It is the responsibility of the law to PROVE MY GUILT...not for me to prove my innocence.
On another note... why do you think that the FBI confiscated his machine? Because they're attempting to prove his guilt. In fact, guilt or innocense has no place in this argument because he's not in jail; they just took his precious computer because he was doing (at the very least) stupid shit with it. At the most, he hacked that machine. Either way, he made a decision to investigate a crime scene, and taint evidence. He put his fingerprints on the system, and its the FBI's obligation to consider him a suspect.
Jurors are obligated to find you not guilty of disobeying an unjust law.
TO BUY A NEW CAR WOULD MAKE YOU SEXUALLY ATTRACTIVE.
Plagarism! I've never seen a post so badly plagarized!
For those interested in seeing how this Karma Whore PLAGARIZED this post, please check out these links.
This is the original post on Kuro5hin.
And, this is what the original poster was advised to do.
What out for such blatant Karma-Whoring and Plagarism next time!
That's completely untrue. Here is the relevant copyright notice from K5:
Anything you write is automatically under a copyright, owned by you. By posting to K5, kennedy implicitly agreed to the above. That means that by stealing the comment and posting it here, TheDot has infringed on kennedy's copyright. No permission was ever granted to reprint that comment here. If kennedy wanted to sue, it'd be a pretty easy case to make.Now who to sue, or how, is another matter. I don't think that would be easy. But just because the law is hard to enforce doesn't make it no longer the law. This is the same attitude that makes people think MP3's are "in the public domain" just because they're easy to copy and the laws against it are hard to enforce. It's not true in that case, and it isn't here either.
--
There is no K5 cabal.
There is no K5 cabal.
I am not the real rusty.
Any sufficiently advanced technology looks like magic. In effect, we are modern-day "witches". Fortunately curcumstances today are such that we aren't burned at the stake right away - people tolerate us because we make their stuff work. When their stuff stops working they go back to piling up the tinder.
Be careful out there.