Slashdot Mirror
Too slow! FBI Shuts Down Hosting Service
Chope writes "If FBI agents showed up at your data center bearing a warrant, would you be able to provide them prompt access to customer data?
BZZZZT! I'm sorry, but you've taken too long to answer. We'll be confiscating all the hardware you use, er, used to use, to run your business. But we'll get it back to you 'real soon now.' Thank you for playing. CarrierHotels.com is carrying the story of a FBI raid on a web hosting company. When the hosting company didn't and/or couldn't provide the information the FBI was looking from its several terabytes of data within "several hours", the FBI decided it was more "efficient" to seize all the web servers and customer data as part of the FBI's investigation of a hacking incident."
and who says they abuse their power? (I wouldn't...)
Oh my, which one our corporate overlords were offended this time?
Ok, so it's faster to have to unplug all of the servers, carry them out of the building, put them on a truck, drive them several (dozens?) of miles, unload them from the truck, put them in a warehouse, re-plug them all in, and now have to datamine without the assistance of the people who operate the systems.
Was I abducted by aliens and brought to Bizarro world while I slept last night, or am I just missing something here?
Chris Knight is my hero.
if CIT might have been uncooperative. This article is very one sided and if it was taking hours and they weren't seeing it get anywhere then there might have been a legitimate problem. I don't know if taking the servers was the best solution but if they did it then there must have been something going on.
Evolution or ID?
Aren't there rules on how the FBI can act in these situations?
I thought there actions could not significantly damage a company's business if that company wasn't the one under the kosh.
It's not the ISP's fault in this case and they are the ones getting screwed.
So the FBI took the machines and were able to copy and peruse all data on the system, not just the data the warrant was for. Welcome to 1984!
Trolling is a art,
With Bush & Ashcroft in? Don't make me laugh.
There is no spoon or sig.
Only if you welcome an eventual police state, not my choice.
There has to be more to this story. From what the article says, the FBI just walked in and shut them down. While that might have happened this story seems to be extremely one sided and a little short on the detail.
Initially, I don't like the sound of it at all given that I host several domains and don't want the FBI coming in and taking all of my servers. But, we don't know what led up to the seizure....maybe it was a legitimate action? We shouldn't judge too harshly until we have all the information. I'm trying to play devil's advocate here.
"Wisdom is not a product of schooling but of the life-long attempt to acquire it." -Albert Einstein
I would be more worried about the fact that rather than being supplied with the data that they originally requested, they now potentially have the logs/records/recordings/information of all the transactions and customer records and IRC conversations ever hosted by this...
Will they delete the 'copied' data after they have finished, keeping only the information that they originally wanted, please this is v bad...
Thank God i dont live in the US
Kingdom of Loathing (www.kingdomofloathing.com) Addicted is me
I see the pro bush mods are out in full force.
Dirty religious dicks.
We lost our rights and our liberty a long time ago, when most of you bowed down before the war on drugs.
I'm slowly getting used to it. You should too.
Gosh, all of us guys that bowed down before the war on drugs are mighty glad you're so forgiving and stoic in the face of our failures. We will try, like you, to get used to the new tyranny, but I fear that we just haven't your courage in the face of adversity.
Anyway, thanks for the advice!
-- signed, The lowly yellow-bellies unworthy to stand in your shadow.
Phiwum's law: anyone that names an obvious law after himself and then puts it in his own sig is just pathetic.
What if a criminal escaped onto the street where your brick-and-mortar shop was located, and they closed down a several-block radius for as long as it took to find him? You think they should compensate all the businesses that were affected?
...
Well, what if there was a credible threat made by terrorists through the hacking? Perhaps time is of the essence, and tracking the person down could bring down a terrorist cell.
G
Marked troll already. That's slashdot for you.
Anyway this incident illustrates why the citizentry needs to be active in government instead of reactionary and "woe is me" after the fact. The government isn't very good at self-disciplining. That's our job. An absentee citizentry breds the results you see. Get out and vote in 2004. Get involved in local and national politics. Stop being a wallflower.
Is that if the FBI, ATF, *BI, or whoever seizes your property in the investigation of a crime, they are in no way liable for any damage that occurs to your property, if you can even consider it your property anymore, because, even if your property was deemed to have NOTHING to do with the crime being investigated, said above entities are not required to return your property. You have to SUE to get it back. Now how's that for some bullshit.
I bet there is more to the story than we are hearing. There was a search warrent from the "United States District Court for the Southern District of Ohio"
To get a search warrent you have to have something to go on already.
Evolution or ID?
My conclusion is simple. I will not use an US-American ISP.
my 0.02 $
That's the clumsiest analogy I've heard for a long time! Thanks for a lunchtime giggle!
what about their reputation for having illegal or compromising people using thier service. That reputation alone may be worse than the downtime.
Evolution or ID?
They don't do that, except in cases of people believed to be dangerous, and then only for a very short period of time. That's the point. They went WAY too far in this case.
WARNING: there is a trojan on your
> I haven't seen this story picked up on any other news outlet yet. And the
> article was posted on Feb 19th! What's going on here.
It's almost as if.... naaah. This is still a free country, right?
Then again, perhaps it's no coincidence that it was a frenchman and not an american who said `i detest what you say, but i'll defend with my life your right to say it`.
Land of the free, huh? Time for a new slogan.
We, my comrades, live in dangerous times. It is not the threat of "terrorism," for terrorists do not want to take away our liberty (directly). No, it is the threat of the United States Government. The treat is posed militarily to those outside her boarders, and by gross incroachments on fundimental constitutional rights and liberties against those within her boarders. The 4th Amendment to the United States Constitution is as follows:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
So I say to you: is this not a blatant violation of the US Constitution? The warrent did not say to take the servers, did it? And where are the warrents of TSA people at the airports? where is their probably cause? where are OUR GODGIVEN, CONSTITUTIONALLY PROTECTED freedoms?
A search warrant is one thing, shutting down a private enterprise because a couple agents got impatient or paranoid is another issue entirely.
We keep hearing about liberal judges this and liberal judges that in the media, but there are just as many conservative judges giving law enforcement rubber stamps on warrants.
"The words of the prophets are written on the Slashdot walls."
I'm surprised that there hasn't been any discussion of Magic Lantern for awhile...
Wether you find this acceptable depends I guess on wether you find it acceptable that the police can investigate crimes beyond posting a little poster asking criminals to please come to the station and answer their questions and to bring in any evidence on their own.
Normal search warrants on an office mean that the FBI and police storm the building and everyone inside is ordered to stop doing anything. No more accessing PC's no shredding of documents no phone calls no nothing. The reason is simple to prevent evidence from being destroyed.
I am frankly amazed that they even allowed the company to provide the info this shows that they probably don't suspect the company but rather that they hope to find evidence against someone else on their systems.
There was a rather nasty ddos attack on mircx and aniverse. The FBI seems to be investigating wether the IRC network hosted by this company was used in the attack. There seems to be a lot of hints as to the person who was behind the attack but sadly in america you need that silly evidence stuff (at least for use against americans).
So the FBI asked and got a search warrant. They then gave the company time to hand over the data but they couldn't. So the FBI used the law and did what we expect them to do. Secure any evidence by removing access to it. They are even giving the hardware back. They waited wich they don't have to and give the hardware back after copying data wich they don't have to do. Frankly I think they went way beyond what they needed to do to minimize damage.
Quit frankly the original poster seems to be one of those people that want the police to disappear. That line about wich coorperate master they offended is clear bullshit. mircx and aniverse are hardly the powers that be.
In any society that doesn't chose to be an anarchy you have to give some powers to the police to investigate crimes. Search warrants are pretty common in all democracys and also work pretty much the same way. If you get one it sucks but so far noone has come up with a better alternative except to just allow criminals free reign.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Clumsy? LUNCH!?! I thought the analogy was more or less the only one possible; I mean, if a hosting company can be considered a place for businesses to be set up, and access is removed to that location, then what else would you suggest to be a better analogy? Now, finish your luncheon and start right in upon your afternoon tea. And a hint from across the pond: brush your teeth! ;-)
...
There is a lot that is not being said. Such as, did CIT cooperate? Did they obviously stall or with hold information? Did they claim to not have records they obviously had? This is not the whole story and maybe the only alternative to getting the information was to take the equipment. Maybe CIT gave them no alternative. We are speculating based on one sides point of view.
Moderators: I know this may be redundant but I was responding to his comment. He obviously didn't read the 50 posts in front of this one.
Evolution or ID?
If their business was based on not turning anything over to the spooks, well, so much for that idea.
I think the parent was probably referring to uptime guarantees, which the confiscation of equipment has caused the ISP to fail on, rather than anything to do with data privacy.
This is all just speculation, naturally, but such a scenario would be very similar to other fourth amendment workarounds--perform broad, illegal searches (e.g. infrared through walls, which is inadmissible in the U.S. without a warrant) to target homes for additional surveillance. From the results of that illegal search, "happen to" notice something "on routine patrol," then get a warrant, and voila`--untainted evidence usable in court.
Call (206) 338-5780 COLLECT for information about a genuine BA, BS, MA, MS, MBA, or Ph.D.
It seems that many people didn't read the text. The FBI had a warrant, which means they had to go before a judge, justify the need, and spell out what would be looked for/taken. If it wasn't initially spelled out that the servers would be taken, they might have had the warrant amended as such. Before some of you "conspiracy theorists" start screaming about a police state and such, the FBI was acting in the bounds of the law, under a warrant issued by a judge. John Ashcroft and George Bush had nothing to do with this. Maybe once you stop looking for black helicopters, you can see this. As for those of you saying you're glad you don't live in the US, we are the most free, most law-abiding country in the world. While we may not be perfect, we're the best thing going. Sorry if I'm offending anyone, but I'm tired of hearing knee-jerk reactions to things, without anyone reading the facts. Believe it or not, not EVERYTHING the government does is wrong.
Liberalism...the next best thing to thinking.
You are a cop and arrive at a murder scene with a dozen doctors standing around the corpse. Would you really allow any of these medical experts to assist you with determining the cause of death?
A shutdown machine cannot erase data and the fbi got the tools to simply copy data from HD's without the computer it was in being involved. This prevents any chance of the data being destroyed.
Saying they replug them back in at the fbi shows you have no idea of what is involved in this kind of investigation. They copy the HD's directly and completly by taking them out and putting them in their own hardware.
How the fbi does this kinda stuff has been discussed often enough on /.
This is nothing else then the police sealing of a crime scene. Any inconvenience is considered though luck. It really is no different from streets being closed off to allow marathons or demonstrations or repairs. Yes they do attempt to minimize damage but the investigation comes first.
But lets turn it around. If the FBI raids a place like enron would you find it acceptable if the bosses were allowed to keep making phone calls and keep working on their pc's and play with their shredders as they could loose money if the police removed access and took everything away?
Of course not. Just because this is a small hosting company doesn't change the law.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
How long will the FBI retain the hardware for? I'm not sure that the police would stop trading in a location involving more than one business/shop for what would be days/weeks/months just to catch one person who's allegedy committed a crime. Perhaps you could point me in the direction of some information about such a case.
Afternoon tea isn't for another hour and a half, but i'll raise my mug of Assam tea to you when I finally get around to it. And my teeth are fine, thanks!
Cheers!
Perhaps someone can clarify this for me... the article/letter seems to point to the FBI seizing CIT's entire data center... Now, as big as they seem, I am sure they have more than just one hosting customer, and more than one IRC server... so did the feds just take the IRC servers, or the hosting servers too?
The reason I question this is the legality of seizing an entire data center like this. For example... lets say CIT had 10 web servers and one IRC server. On those 10 web servers there are 5000 web hosting customers.
Now, the feds want to track ONE user out of 5000 hosting customers, and God knows how many IRC users on the one IRC server, but instead take all 11 machines. So they have, in effect, seized the IP of 5000 innocent people to get the effects of only one.
This to me, seems akin to having the FBI sieze property from every house in a subdivision to get evidence on only one resident.
Given the state of IP law in the US, and how thanks to things like the DMCA and other legislation, IP is being treated like a tangible, wouldnt the FBI have to A: justify seizing the IP of all those customers, and B: be answerable to legal or civil suits regarding lost revenues? What about lost data?
"Our funds have never taken part in toxic or death spiral convertible financings of any sort" -BayStar's managing partne
> To get a search warrent you have to have something to go on already.
Are you talking pre-Patriot act or post-Patriot act?
I was under the impression that anything labeled "national security" gave officials the right to do a search.
the guy behind it seems to have been boosting about about a 200k botnet. 200.000 machines under his control. I think this is no longer some harmless hacking. This is stuff the fbi needs to investigate cause quit frankly nobody else seems able to stop this.
So unless you believe the net should be total anarachy ruled by those with the most bots then this kinda off stuff is sadly needed. To bad for those caught in the crossfire but that is live. Nothing really different from when all trains are disrupted because someone jumped in front of one. A marathon closing off all the streets despite the fact you hate sports. A demonstration causing massive gridlock despite the fact that only 200 people in a million people city are taking part.
Live sucks at times. Really this story shows that /. is getting more and more tabloid. A serious tech site would have asked what the fbi was investigating and wether the hosting company was hosting the person investigated or had servers wich were hacked or was simply a place where the hacker might have left evidence.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
George Dubya and John Ashcroft should read this.
If a nation values anything more than freedom, it will lose its freedom; and the irony of it is that if it is comfort or money it values more, it will lose that, too.
-- W. Somerset Maugham
I hate to be the bearer of bad news, but the FBI has been doing this in computer crime cases since the last few years of the Clinton administration under that bastion of civil liberties (nevermind Waco, Ruby Ridge, or Elian Gonzalez) Janet Reno, and it didn't require several TB of potential evidence to make it happen.
The FBI will attempt to work with any provider in order to get the data they need to investigate a crime. If that is impossible to do in a 'reasonable amount of time' they have little choice but to confiscate the equipment in order to copy the existing data from the machines to conduct a forensic investigation. A reasonable amount of time is generally a couple of hours to a day. Believe me, the last thing some poor special agent wants to do is sift through TBs of customer crap and put a company out of business or under financial hardship.
Remember the Alamo, and God Bless Texas...
I 100% agree. I get in political discussion with folks who complain about the system not working...when I ask if they write their representatives they say no. I ask if they vote, they say they aren't registered. How dare someone say the system is broken when they've never bothered to participate!! Register to vote if you haven't already and GET OUT AND BE HEARD. Vote on election days, write your senators and representative whenever you have something for the government to hear. A government of the people means we are their bosses! They don't listen to the majority, they lose their job. And don't say to me "the /. geeks will never be the majority" until you all are registered to vote and participate in our government! It's more important for us to do it now more than ever...
perl -e '$_="\007/4`\cp%2,".chr(127);s/./"\"\\c$&\""/gees
One more reason to get hosting based outside the US, if your site does anything but blindly wave the flag and speak the newspeak.
It won't help. People won't vote third party, they only vote for the current reigning Demopublican party.
The democrats and republicans use rhetoric to convince the less intelligent that there's actually a difference between the two, assuring that almost everyone votes democrat to vote AGAINST the republican, or republican to vote AGAINST the democrat.
Unfortunately, there's no appreciable difference betwixt the two, so we're condemned to continue down the slippery slope.
This company appears to have had terabytes of data. Lessee:
is oh, about 40 bytes. Say there's a comment every second of evey day... a terabyte would hold over 20,000 years of such comments. Or 20,000 such IRC channels for a year.
Sure this doesn't account for file trading, dead channels, bots, etc... but it gives you some idea about the amount of data in a terabyte, and if you think there is anything anonymous about IRC, think again...
in fact, this comment will probably be stored somewhere for way too long.
I read every single one, fine thank you. The article too.
Maybe we are only getting half the story, and maybe we are getting all of it. The difference is that I am relying on the information I do have and you are relying on information that _must_ exist, but have no proof of because you can't believe that this kind of thing would happen otherwise.
I believe it is entirely possible that the FBI acted in such a manner because they felt that CIT was either stalling or even destroying evidence. I can only assume that they presented this theory to a judge, backed it up with some evidence and got the warrant. However, all of that is speculation.
I worked in the legal system on both sides of the coin as a paralegal before I saw the light and switched to IT. I can only go on my personal experience when I say that this could indeed be the whole story. I have personally seen judges rubber stamp warrants with zero evidence and I have seen judges refuse to sign warrants with all kinds of evidence. I have seen law enforcement officials embellish and even fabricate evidence for the purpose of getting a warrant and I've seen law enforcement officials vehemently defend a defendant's rights.
My point in the previous post, may have been a little incendiary, but the point is DO NOT discount the story simply because you think there MUST be more to it, when it could simply be all there is to it.
"The words of the prophets are written on the Slashdot walls."
Like a lie? As a former LEO I've seen search warrants that were based on 100% lies. "Anonymous" or "confidential" sources are the classics. Or just squeeze someone to lie and bam!, you're in business. Twisting the facts into probable cause like "container with a white powdery substance found on suspect's vessel. Possibly narcotics." You know that it's flour in the galley but that part is just left out. Telling half the truth is still a lie, something most cops ignore.
I suspect they were fishing, looking for one piece of data but really wanted a reason to grab everything (like all the irc logs). It's possible that the company pissed the agents off (by not bending over on command) and they're just getting a little revenge.
Please, do not trust the police. They are there to arrest as many people as they can (and these are the "good" ones). Rogue cops are a nightmare. Ever wonder why most of the time when a police action is investigated it's only done by cops or an ADA (nothing more than a cop in a suit)? Isn't that like Tony Soprano investigating a mob hit? Law enforcement in the US answers only to themselves.
Do a search on news.google.com and find news stories about cops that broke the law (beat downs, dealing drugs, OUI, etc.) and you'll find almost everytime they've received a much lighter sentence (if any) than the average joe. Welcome to the Pig States of Amerika. I guess Abby Hoffman was right.
"Quis custodiet ipsos custodes?"
Well, it makes for a better story to say that the poor web hosting company was raided by the FBI and stripped of all their equipment for no reason other than they couldn't react fast enough.
It's like when you see those videos of supposed poilce beatings where they only show the part where the cop is whacking the guy with his night stick. Nevermind the ass whooping that the suspect tried to give the cop 30 seconds prior. That seems to matter none. Just go for the most sensational story possible.
Exactly.
:-)
And for the other customers, the FBI raid is a non-issue.
Basically, if they guarantee MY server's uptime, and MY server is confiscated due to them not providing the data on another customer (important point) in time, THEY pay ME. Their fault.
OTOH some customer's may realize that 99% uptime mean an agreed upon downtime of about 3.5 days which CAN be taken in one block
Well, that is easy to remedy - DON'T KEEP ANY LOGS. Fuck 'em. If I remember correctly there is no law that says an ISP/hosting company/etc. are supposed to keep logs. Give your customers the same option - clean wipes on the logfiles. Yes, of course, the data stored in customer databases is still fair game but at least you are giving them some privacy options.
Dream as if you'll live forever.
Live as if you'll die tomorrow.
~Anonymous~
Absolutely, they should provide full compensation for everybody who is affected. Shuting down a business (or detaining an individual) is a penalty. Under no circumstances should a law-abiding business (or individual) be penalized for the actions of somebody else. If the court finds no other way to solve the case than by penalizing innocents, then at least they should be compensated for the time, effort, and lost business.
What if a criminal escaped onto the street where your brick-and-mortar shop was located, and they closed down a several-block radius for as long as it took to find him? You think they should compensate all the businesses that were affected?
Since a net based business lives on it's servers, we'll have to adjust your analogy a bit.
What if a criminal escaped onto the street where your brick-and-mortar shop was located, and they hauled the building and it's contents to their warehouse for a few weeks? You think they should compensate all the businesses that were affected?
Considering that most of those businesses will otherwise fail leaving their owners and employees without an income, YES!
Basically, if they guarantee MY server's uptime, and MY server is confiscated due to them not providing the data on another customer (important point) in time, THEY pay ME. Their fault.
Wrong. There is a clear common law legal principle that is considered inherent in contracts. You cannot contract anything that is a violation of the law.
In this situation, the facts are rather murky. If the hosting company was the cause of the FBI seizure then you might have a contractual violation. But the hosting company cannot be held to have violated its ToS because the FBI made a unilateral decision to seize equipment. The alternative that you suggest is that the hosting company resist compliance with the search warrant and ultimately the seizure. You, as a customer, cannot insist on that...no matter what your contract says.
I have believed for a long time that more Americans should be voting for the Green party. There are many who prefer the Green's stand but fear that a vote for Green is a vote wasted and would only serve to help put the Republicans in office. I suggest accepting the (relatively) short term pain of Republican rule and looking at the long term.
Currently the Democrats and Republicans are essentially different flavours of the same poison. Forget the next election, forget the next five elections. Even if the Democrats gain power they will produce more of the same crap. Vote Green in the next election - they won't get much this time around, but if everyone who wanted to vote Green did, then the Greens would probably make the coveted 5% mark, which means more money. With more money they could do better the next time around, and after two or three more elections they could mount a real challenge to the status quo (if they manage to not become a part of the status quo).
Forget tomorrow; tomorrow is already a disaster. Think of your children and think of your grandchildren.
As for the Green party itself, getting Nader elected (as implausible as it may be) would not be a great triumph as I can easily imagine the dems and repubs in the houses making his life hell. The Greens need to seriously focus on getting seats in the two houses. With balances teetering at 51-49 for a long long time, the Greens getting just a few seats and being able to tip a house one way or the other could provide a breath of fresh air that American politics has needed for a very long time. Why the US generally believes it can only function with a two-party political system (with little difference between the two) is baffling and perhaps a little sad.
RTFM; please, I beg you.
Voting for the lesser of two evils is better than not voting at all. If you're about to be killed, and the murderer says "should I use this shotgun and blow your head off, or stick you with tiny needles until you bleed to death?" would you make a choice or let him choose? Not to say that our government elections are akin to murder per se (though some might interpret them as such).
Government participation is important after the election too, there are many websites that make it easy to send letters to your elected officials to tell them your opinion. That way you can make a difference every day for their elected term, instead of just once every few years. Don't say I'm full of shit if you don't try.
perl -e '$_="\007/4`\cp%2,".chr(127);s/./"\"\\c$&\""/gees
If everybody in the FBI acted based on morality there would be no replacements to be had.
Solidarity is what's necessary but everyone assumes the worst about their neighbor, and so they'll blindly commit evil acts on the assumption of inevitability.
That may be practical reality but is it desirable?
Not a perfect translation, no.
However, with a context free grammar (!) and some herustics with a spell checking engine, you can get conversion to something that is much more readable.
For example, I ran
through my munging engine and got
(I prefer to leave 1337 as leet, cos I don't think it's really transatable to formal english.) It's not perfect, but the time to read drops down to something approaching printed english.
More relevently, as one can learn to read 1337 and other forms of munged english to the same speed as normal text, this step drastically cuts the learning time down, to about 20 minutes (for me, anyway).
So, what you say was strictly correct, but for practical purposes, the majority of it can be fixed. Certinally, for review by people not familar with it, it's handy. Still needs to have the original check, of course, but that would always have to happen anyway.
1.) Foonet/CIT did cooperate. 2.) Warrant was sealed. 3.) Not many, if any, got "free" accounts there. 4.) 300 or so servers were taken. 5.) Agent responsible to contact hasn't been returning calls/emails. 6.) Only a couple of machines have been returned, some should be sent out today. 7.) Warrant was served on a house which contained foonet/cit, Paul, his very pregnant wife, and two small children. 8.) Paul has always cooperated with the FBI. 9.) A 200K botnet would have clogged the lines Foonet/CIT was on, get real for pitys sake, 200K? lol 10.) Those crying DDos kiddies being freely housed are mostly terminated customers. 11.) The ownership of Foonet/CIT had recently changed, some guy named Jay owns it now. 12.) Nobody directly working for/owning Foonet/CIT knows why this raid was done, why do kiddies claim they do? I'm going to work now, feel free to flame. Sincerely, Kelly
I write my representatives. And I vote. Know what? It still doesn't make a damn bit of difference so long as at election time I'm given no real choice.
As Bill Hicks put it, "I think the puppet on the right shares my beliefs. I think the puppet on the left is more to my liking. Hey, wait a minute, there's one guy holding both puppets."
The majority are easily led around by those in power. Most Americans beleive that Iraq as involved in 9/11 and that we have found weapons of mass destruction in our invasion there. Our "leaders" have gotten people more disturbed about destroying a flag than about destroying the land that the flag represents.
The game is rigged. Third-party candidates are doomed from the start. Any candidate talking about real change is not permitted to get past the primaries - look at how they savaged Dean for speaking truth. Betting on a Senator for re-election is about the safest bet you can make, and Representatives only risk losing their seats if their opposing party gets ahold of the state legislature and manages to redistrict them out.
So, yeah, I vote, I give to the ACLU, I write my Congresscritters, but I don't expect it to make much difference. Me, I'm looking for Yin revolution. And if that don't work...well, that's why there's a rifle in the closet.
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
I remember exchanging emails with Timothy McVeigh who murdered 270 people in Oaklahoma. He murdered those people because of this type of crank theory. We have put up with this right wing crank politics for too long.
The fact is that the Waco loonies killed themselves, the Ruby Ridge guy was responsible for everything that happened and Elian Gonzalez should be back with his father. Castro is almost 80, not many dictators make it to 90 and are still in power. By the time Elian leaves school Castro will be dead. But I can see why a bunch of right wing cranks who talk big about the importance of family would think it would be better that he is kidnapped by a bunch of his relatives looking to exploit him for political purposes than grow up with his father.
Sure the FBI has done a lot of things that are stupid or outright corrupt. Hoover used the FBI to persue his own vendettas, he refused to prosecute the mafia. That does not mean that the federal government is at fault in every case and it certainly does not mean that the events cited by right wing cranks are proof of abuse. The persecution of Charlie Chaplin and John Lenon were abuses. If some nut gets some guns, holes himself up someplace and threatens to shoot members of law enforcement who might be looking to arrest him, well anyone who gets shot is primarily their responsibility, same way that 9/11 is primarily the responsibiliy of Al Zawahiri and his frat boy friend Bin-Laden. Sure the CIA and FBI screwed up big with 9-11, Freah's people thought the war on drugs was a higher priority than terrorism. But keep perspective here.
Believe me, the last thing some poor special agent wants to do is sift through TBs of customer crap and put a company out of business or under financial hardship.
Absolutely right, unless there is an ulterior motive. That is not very likely in this case. If the FBI were investigating planned parenthood or another group that John Ashcroft is opposed to politically there might be an issue. There has been a lot of suspicious uses of the IRS against political opponents under Bush II. Ashcroft has endorsed a lot of extra-constitutional activites but so far the FBI under Muller does not seem to be a problem.
I suspect what happened in this particular case is that the agents thought that the hosting provider were simply not interested in complying. They probably met a sysadmin that gave them some attitude.
What we need here is a better way of serving this type of intercept warrant so that the parameters of the search are predetermined and understood by the court. We have this for IM intercepts so it should be possible to define it for IRC
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
First part true. Separating the wheat from the chaff is a pain and slows the investigation. (Unless you can use the wheat for future investigations, but the Agents aren't getting paid to go on fishing expeditions yet.)
Second part untrue. What makes you think the Agents gives a flying fsck through a rolling doughnut about collateral damage to some business he's never heard of and isn't paid to protect?
I mean, what's the collateral damage gonna do? Sue an Agent? (Score +6, Funny) Sue the Agent's employer? (Score +7, Hysterical) And what if through some sick twist of fate, they win such a suit? (Score -8, Witness of Evolution In Action).
There's three kinds of people in the world. Cops, perps, and perps who haven't been caught. Power corrupts, but power without accountability is an awful lot of fun.
If you're in college, consider majoring in Criminal Justice and joining the winning side. You can be under the gun, or you can hold the gun. Better to be a killer than a victim.
A database of that size should not be solely hosted on 1 machine for backup purposes... They should also have had their lawyers there "Just in Case"... But they should have been able to work with them to provide them any information they require listed in the Warrent..
The one serving the warrent should stand to reason.. If the provider was going out of their way to provide the information in the fastest possible fashion that has to be acceptable... But I guess something like this needs to happen from time to time to keep everyone "Incheck" with the gravity and importance of their work.. Right off the bat they should have been furnished with all complete backups and incrementals... That should minimally fullfill their needs... then work could bein to satisfy their needs in a more suitable manner to eliminate information they do not need and slim down everything in a orderly neat fashion... But if they have a poor archival backup system they could be done in for which is their own fault.
Who needs WiFi when we can have Packet Over Sheep! http://datacomm.org/PoS-InternetDraft.txt
The problem is the ratio of times that terrorists are *really* involved.
How many major terror acts are perpetrated or confounded each year relative to how much we've seen "The War on Terror" used to justify anything and everything anyone can get away with. Funding for every agency under the sun derives from whether they're combatting terror. The DOE needs money "to combat terror" by developing methods to protect our utility grid. The DoD needs funds to "help combat terrorism" by developing new monitoring and data-mining technologies. The CDC needs money to "help combat terror" by producing vaccines. I'll bet that even the Department of Agriculture has funding initiatives based on "terror" somewhere -- maybe they want to monitor use of crop dusters, who knows.
It's freaking ridiculous. The "War on Terror" certainly saves lives, but the amount of resources that have been claimed in its name *vastly* outweigh the amount of damage that terrorism has done to us. A lot more people lost their lives to car crashes in 2001 than to terrorist attacks. Did we have black helicopters ready to swoop down on speeders? How about long-range alcohol sensors? What about armed guards at strategically-placed toll booths that search cars and people thoroughly for any kind of alcohol? All these sorts of things have been done in the name of "The War on Terror", instead of being used in an area where more American lives are being lost. The "War on Terror" is, frankly, a tool based in fear to help manipulate the masses. It has little practical value.
I claim that terrorism on the order of at 200:1 life amplification (roughly what the 9/11 terrorists achived -- something like 4000 lives to around 20 terrorists) cannot be eliminated without massively curtailing and altering a free society. There are just too many ways for a person willing to die to kill many people.
I would like to point out that people are only willing to throw their lives away if they are incredibly upset over something you've done. You don't see Iceland coming under terror attacks, because Iceland doesn't anger people to the point of being willing to die to kill Icelanders (or whatever a citizen of Iceland is called).
We have spent masses of money and effort on trying to figure out how to crush terror rings, on making people so afraid to resist the United States that they won't dream of it. The problem is, it can't be done. The Soviets couldn't crush resistance with years of secret police and encouraging children to inform on their parents. I don't think Bush Junior can do so in our society. Sheer force and fear just don't work when you're dealing with people who are willing to lose their lives to kill. You have no cards that they are interested in.
How much money has been spent on diplomatic and social solutions to eliminating terrorism? Supposedly the United States has a negative image in Islamic countries -- how much work have we gone through to improve that image? How much effort has gone into determining the things that are making people so angry that they are willing to *die* to hurt citizens in the US and resolve those issues?
A lot of people feel that trying to resolve things peacefully would be "giving in to the terrorists", and encourage future terrorist acts. I don't agree. The only value to a hard-core refusal to ever attempt peaceful solutions is as an attempt to establish prescedent governing future acts -- that no terrorist would ever be willing to attack the United States if it was *guaranteed* that doing so would hurt his cause, and damn the consequences to us in hurting that cause. The problem is, the prescedent has clearly not been established during the time we have taken a hard-line approach. The United States was attacked several times, despite having followed tough guidelines for dealing with terrorism in the past.
I'm curious as to what would happen if the 70 billion or whatever dollars that are being spent to keep us in Iraq (which at least originally was supposed
May we never see th
Given that Randy Weaver's wife was shot at Ruby Ridge in August 1992, I'm wondering how this is Bill Clinton's and Janet Reno's fault. Or was Bill somehow responsible for this even while he was still governor of Arkansas?
And do you seriously believe you can pump out TB worth of data within hours? Even with fiber? Ok not to mention the storage requirements for them to haul it out of. This posting makes me believe you might be an Ashcroft fan or supporter or government worker. Surprise? not really. Best thing for this country entirely is get Ashcroft and Bush out of Office. But if it has to be on I would say Ashcroft.
It's like when you see those videos of supposed poilce beatings where they only show the part where the cop is whacking the guy with his night stick. Nevermind the ass whooping that the suspect tried to give the cop 30 seconds prior. That seems to matter none.
Resisting arrest and assualting an officer are crimes. These crimes are to be tried by jury and if the defendant is found guilty, punished. The trial and punishment is not to be to sumarily given by police. The police are entitled to use force in their efforts to subdue a suspect or protect themselves and other from a suspect. They are not entitled to beat a suspect as retribution.
I wrote a letter to a DA once about a slashdot story. I was really irritated that the DA would prosecute someone who was just demonstrating how a security hole worked for a company.
Several months later, I got a letter from the DA. Now she could talk about it, as the case was over. Turns out the guy pleaded guilty. He not only had demonstrated the hole, but before he had been running all over the company network doing stuff that was clearly not legal. I felt like such a heel writing a letter of support for this sod.
This story, of course, was never posted by Slashdot to my knowledge.
So while I do not discount the story, I'll start by asking for more information, and not by calling the FBI a bunch of jerks. (I'll do that later when I have more info, and am reasonably sure I won't stick my foot in my mouth.)
Absolutely right, unless there is an ulterior motive.
The agent that siezed the equipment probably has a boss who expects to see progress, and that progress is probably propagated up the line to the point where the details have been filtered out and it's just a number on a spreadsheet of how many computer crimes have been procecuted in the last however many days. The ulterior motive is to look like he's being productive in order to keep his job.
As an aside, if you think it's Castro that's still in power in Cuba, you're very naive. Look at the recent events there and you'll see it's clear that those close to him are taking steps to retain power when the man himself is gone. Then again, perhaps you're just one of those left wing cranks (whatever the hell a crank is) that comes to conclusions about what US foreign policy should be based on feelings instead of the painful facts. No wonder congress has to keep bickering about wether we should maintain travel bans and trade sanctions against Cuba.
There's almost certainly more to the story. I've had some experience with FBI "raids" where I used to work. It was a semi-large hosting provider in south Florida. I worked there from about 1999-2002. In that time, we had FBI "visits" at least 5 times in that time period because of nasty stuff our customers were doing.
Not ONCE did the FBI leave the property with our machines. The key was cooperation. The FBI agents knew what would happen if they left with our equipment, and knew that we would do everything in our power to help them get the job done without having to resort to that.
Heck, I even showed them better ways to get data off of the machine. We had a good working relationship. They'd show up with the warrant/subpoena, we'd go pull the machine that had the data they wanted. We'd assign one of our technicians (usually me) to help them copy everything over. They'd be out the door with whatever data it was they needed by the end of the day on hard disks they brought onsite with them.
The fact that the FBI left with their machines indicates to me that the provider did something stupid to piss off the agents. They probably made everything as difficult as they possibly could, and the FBI agents got sick of it, and said, "Screw this, I can get this done in the lab without all of this bullshit."... and then they did it.
In my experience, most law enforcement (especially FBI) consider themselves professionals. Usually, they're not out to get you personally, they're just out to do their job. If you don't make their day any harder than necessary, they're not going to make YOUR day any harder than necessary.
So to the extent that you feel you can, MAKE THEIR DAY EASIER. They'll tend to do the same.
No wonder congress has to keep bickering about wether we should maintain travel bans and trade sanctions against Cuba.
Because clearly the 40 or so years of sanctions have worked.
Meanwhile, we give most favored nation trading status to China.
-dave
/., where "Apple and Google provide Iran with nukes" will be refuted with "But Microsoft is a convicted monopolist"
If I were the ISP, I would just not keep logs. Then there's nothing to turn over, right?
My other car is first.
And most likely, the FBI didn't tell the hosting company exactly what it is they wanted. When the Feds come in with a search warrant, they don't ask for your help. They say, "stand aside" and commence ransacking.
Why should I argue rationally with someone being irrational? I'll just mock them instead.
Randy Weaver (the "Ruby Ridge guy") was not responsible for the deaths, the FBI was. An Idaho court found this to be true, but as federal agents the people responsible were not answerable to a state court and they literally got away with murder.
The rules at the time were that any Cuban who made it to USA soil was eligible for asylum.
Buy why am I even discussing this with someone who exchanges emails with mass murderers? Or did you lie about that, too?
If all this should have a reason, we would be the last to know.
I love how those on the left (not to say there aren't those on the right who do the same thing) see it as troubling if the FBI abuses their power when dealing with left-aligned groups (like planned parenthood or John Lennon), but it's ok if it involves those on the right (like the "gun nut" at Ruby Ridge, or the Cuban expatriats in Miami). Personally, I think they're all troubling, and to say that the FBI under Ashcroft is any worse than the FBI under Reno is pretty naive, IMHO.
"If English was good enough for Jesus, it's good enough for everyone else."
The agent that siezed the equipment probably has a boss who expects to see progress, and that progress is probably propagated up the line to the point where the details have been filtered out and it's just a number on a spreadsheet of how many computer crimes have been procecuted in the last however many days. The ulterior motive is to look like he's being productive in order to keep his job.
Ah, there's the rub.
Behind every job is a human being. That job could be something as heroic and altruistic as a fireman, or something as shady and questionable as this FBI guy. What all the folks in the country need to realize is that all the things we bitch about are being done TO us, BY us. If people would refuse to fill jobs that had questionable consquences, things might be different. We will never know that, since we all have bills to pay, and somebody will always take those crappy jobs.
What I find fascinating is that so many of us have jobs where the harmful consequences are so far down the chain that we can't even see how we have contributed. But alas we are all a part of our own mess.
The House Between - Original Sci-Fi Series
Now there's an idea. If you truly want fault-tolerance, then you need your computers physically spread out over multiple governments' jurisdictions.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
So giving the Police the right to trash anyone's home or business is the only way to prevent anarchy? The only ways that are at all possible are this way, or the small poster way?
Besides the option of a large poster, it seems to me it would be possible to have a system where the police can search for evidence with a warrant, but have to pay for any damages they cause if the victims turn out to be innocent.
The current system invites abuse. The police don't even have to frame anyone they dislike enough to get them convicted, only enough to get a warrant. Evidence can be hidden in furniture, walls, cars etc, all of which can be smashed down in the search for evidence, easily costing any uppity person $100k+.
Abuse of police power is arguably a bigger problem in the world than regular crime, so don't think it's a small issue.
I would like to ask this person: was it worth it? Is the evidence that this will result in, going to have value that exceeds the harm? Did you even ask yourself that question, before you signed the warrant?
I guess you can blame the FBI too, for bringing that unsigned warrant to some judge to be signed. But the responsibility ultimately fell on the judge.
Who judges the judges?
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Offsite Backup
A data center adds this risk, which needs to be considered in a disaster recovery plan. Do you have off site backups at your hosted site? If the hosting site has the tapes, they may included when the warrant is executed. Your equipment may be swept up in a search of the datacenter, your first notice may be the watchdog scripts
If you think Reno was a leftist, you need a bit of study.
That said, yes, it's worse. A part of the reason is things like the "Patriot" act, which mean they don't have to care, even more than they already didn't have to care. Another part is that an entrenched authority has an inbuilt tendency to get more authoritarian (there are other tendencies, leading to other forms of corruption, also). If you wanted to reform the FBI, you would need to make them accountable for their actions. You would probably also need to replace the entire upper echelon of management. (There might be honorable & flexible individuals, but you couldn't identify them.)
Still, you are correct when you say that the left is no better than the right. That's not where the problem lies. Concentration of power into people who aren't held accountable for the misuse of it is the problem.
I think we've pushed this "anyone can grow up to be president" thing too far.
The existence of right wing cranks is not proof of abuse, but it is also not proof of innocence on the part of the FBI.
" sorry we don't log that data for more then 24 hours " or some other excuse..
Face it, all transactions must be logged and kept forever, or face the wrath of the government...
And if you get caught trying to delay, or reduce said logs infinite length of retention, expect a jail sentence for obstruction..
---- Booth was a patriot ----
Well, I've definitely done that while working on the defense side of the table. You tend to distrust your clients, but every once in a while they come across pretty convincing. Then 6 months in you not only realize that your client was lying, but they've done a bunch of other things to make your job impossible, unfulfilling, and distasteful. That's why I moved on.
I rarely blame law enforcement for taking extensive measures, trying to bend the rules. Its their job to do that. What I really became disgusted with were judges that routinely threw the Bill of Rights out the window OR the gutless wonders absolutely terrified of being overturned. Its their job to keep law enforcement under control; to balance the rights of the individual versus the greater good. There are a great many out there that are not doing their job.
"The words of the prophets are written on the Slashdot walls."
It was Reagan that kept telling us that sanctions would not work in South Africa. Only they did work, apartheid is gone.
Forty years later sanctions and the image of Fidel and Che are the only things keeping the Cuban communist party propped up. Castro uses sanctions the same way that Bush uses Al Qaeda, as an excuse for every failure of domestic policy.
The Cuban sanctions have failled because they have the exact wrong psychology. The only thing Cubans have that they can feel pride about is that they have taken on the greatest superpower and won. Kinda stupid thing to be proud of but that is what is keeping the bastards in power.
Open the floodgates to tourism and there is simply no way the communist party is going to last more than a few years. They will go the same way that the USSR went, their people will just get fed up.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
"The rules at the time were that any Cuban who made it to USA soil was eligible for asylum."
Rules be damned...the truth is a little kid probably doesn't give a flying fuck about your immigration law and would rather be with his Dad than a pawn in some international pissing match to advance the agendas of people who down't even know him.
Elian Gonzalez
I'm glad you brought that up. I for one was disgusted that Cubans who fled Castro, stealing all the wealth of the country, were not able to deprive a father of custody of his child.
How dare the U.S. use agents to rescue a child from people who do not have legal custody and return him to his father. What a police state.
No reasonable person would be in favor of a state without police...that's just a straw man argument. The issue here is that the FBI can just shut you down simply because it believes you're doing something wrong, and you don't get any compensation regardless of whether or not you really were doing something wrong.
If I'm hiding coke in my sofa, and the FBI raids my house and confiscates the sofa, I have no reasonable expectation that I will ever get the sofa back. If they also take apart my easy chair looking for more coke, but don't find it, then, well, I shouldn't have been hiding drugs in my furniture. Tough luck.
However, what if the FBI screws up, and they don't find anything, even though they trash all of my furniture? It seems pretty reasonable that they owe me the cost of all the furniture, EVEN IF there was no way they could have known. In other words, even if they cross all their t's and dot all their i's, if they don't come up with anything, they still wrongfully accused me, and thus they owe me compensation.
By the same token, if they shut down a business, and they don't find evidence to accuse the business owner of a crime, the FBI should be responsible for every penny the company lost while their equipment was getting sniffed and probed by the FBI nerds, plus something for their trouble.
There's no reason why I should have to sue to get compensated...if you're not going to falsely accuse me I should be automatically compensated the instant my name is cleared.
The problem is that as it stands now is that the FBI could just hose an operation like 2600 for some minor offense and just keep their equipment indefinitely. Accountability, especially the financial kind will go a long way towards preventing the Gov's cronies from abusing their powers.
But there is another kind of evil that we must fear most... and that is the indifference of good men.
Actually, it has nothing to do with what some poor FBI agent wants to do. It has to do with what some U.S. Attorney wants to do, and yes, they often times want to put a company under financial hardship, as it's much harder to defend yourself when they've taken all of the records. Trying to get it all back in a reasonable amount of time before your business goes under is an exercise in patience, to say the least.
creating a mirror of said data, while not cheap, should not take on the order of more than a couple of hours, provided hardware is available.
For a raw backup, that is true. However, I know I would be hard pressed to just come up with a spare couple TB RAID unit for such a mirror right this instant. I could order one now, but it would take a day or two to get here.
If the FBI brought such a RAID along, it would be just a few hours. Either they were not prepared to actually recieve the data in bulk, or there's an important part of the story missing.
OTOH, there is DLT, but that's not much cheaper and IS much slower.
The alternative would be to attempt to grep for the relevant information and write it to a big IDE drive (which would be a lot more likely to be just laying around somewhere). However, actually grepping the data would slow things down even more than writing to DLT.
This is one of those times where the government violates all constitutional protections to the point that citizens so violated damn near have a DUTY to exercise their second amendment rights. There is no excuse for the government putting a company out of business if their only requirement is to copy data. And if the FBI is unable to do so on-site in an orderly manner, it is their failure not the fault of the ISP. ISPs have long been given the protection of a "Common Carrier" just like the telcos. They are not responsible for monitoring the content of user conversations any more than ATT/MCI/Sprint are to monitor personal phone calls. Can you imagine the FBI shutting down AT&T and confiscating their equipment because a couple hackers were discussing DDoSing? It really is getting to the point that US citizens need to start pushing back against an overbearing government. Quite frankly, take away cable TV and consumer goods and little separates the USA of today and the Soviet Union of the 1960s and 70s as far as freedom and liberty go.
Zero damage done to "an innocent ISP". CIT aka Foonet are far from innocent of anything.
Yeah. Honestly, I thought about this when I originally wrote my comment. I briefly considered doing a little Googling to get some background on CIT, mainly because I know that part of the fun of Slashdot is there's always someone here who know much more -- about some subject, however esoteric --, and that someone inevitably comes along to challenge your assertions.
But then I remembered that I'm an American, and that in America everyone no matter how despicable, is innocent until proven guilty.
And that is the sense of "innocent" I was using -- particularly apropos when one considers it was the FBI which was involved.
And whatever CIT has done, no matter how bad, it's not bad enough for us to sacrifice our liberties so as to more easily punish CIT.
Opinions on the Twiddler2 hand-held keyboard?
If I were the ISP, I would just not keep logs. Then there's nothing to turn over, right?
As an ISP, you are required by law to keep all logs. If you don't, you're in (thick accent)"veddy veddy deep shit".
It was Reagan that kept telling us that sanctions would not work in South Africa. Only they did work, apartheid is gone.
Yeap, it did work and look what type of shithole south africa became. The white rules where force out of office leaving the black savages to run the country. The jewel of africa has become the shit hole of africa. Talk about the monkeys running the zoo.