Slashdot Mirror
Too slow! FBI Shuts Down Hosting Service
Chope writes "If FBI agents showed up at your data center bearing a warrant, would you be able to provide them prompt access to customer data?
BZZZZT! I'm sorry, but you've taken too long to answer. We'll be confiscating all the hardware you use, er, used to use, to run your business. But we'll get it back to you 'real soon now.' Thank you for playing. CarrierHotels.com is carrying the story of a FBI raid on a web hosting company. When the hosting company didn't and/or couldn't provide the information the FBI was looking from its several terabytes of data within "several hours", the FBI decided it was more "efficient" to seize all the web servers and customer data as part of the FBI's investigation of a hacking incident."
someone had to say it..
and who says they abuse their power? (I wouldn't...)
Oh my, which one our corporate overlords were offended this time?
I'm sure there is more to the story than what we are hearing...
I wonder what the FBI was looking for.
The poor hosting company probably has ToS to live up to. This will ruin them.
If nothing is found, will they have any recourse against the FBI or are they screwed?
And what if you run your website on those servers for commercial use? Will the FBI refund the finanial damage you suffered (e.g. when you run a webshop or smthing)?
Ok, so it's faster to have to unplug all of the servers, carry them out of the building, put them on a truck, drive them several (dozens?) of miles, unload them from the truck, put them in a warehouse, re-plug them all in, and now have to datamine without the assistance of the people who operate the systems.
Was I abducted by aliens and brought to Bizarro world while I slept last night, or am I just missing something here?
Chris Knight is my hero.
or something like that? I wonder how their other clients feel?
If the FBI shoed up at my door... there would be a hell of an international incident as I live in Sweden (you insensitive clod!)
A little planning goes a long way...
if CIT might have been uncooperative. This article is very one sided and if it was taking hours and they weren't seeing it get anywhere then there might have been a legitimate problem. I don't know if taking the servers was the best solution but if they did it then there must have been something going on.
Evolution or ID?
Aren't there rules on how the FBI can act in these situations?
I thought there actions could not significantly damage a company's business if that company wasn't the one under the kosh.
It's not the ISP's fault in this case and they are the ones getting screwed.
So the FBI took the machines and were able to copy and peruse all data on the system, not just the data the warrant was for. Welcome to 1984!
Trolling is a art,
Last year I found the a controller of the proxy that was installed on a NT workstation happened to be controlled out of the same data center that was shut down. That machine was telling the NT box to send out massive amounts of spam.
This is about the last data center on earth where script-kiddies can get free shell accounts.
This is a case were many servers got caught in the crossfire aginst the script kiddies and spamers.
--Mike--
Nazis? - I hate Illinois Nazis
There has to be more to this story. From what the article says, the FBI just walked in and shut them down. While that might have happened this story seems to be extremely one sided and a little short on the detail.
Initially, I don't like the sound of it at all given that I host several domains and don't want the FBI coming in and taking all of my servers. But, we don't know what led up to the seizure....maybe it was a legitimate action? We shouldn't judge too harshly until we have all the information. I'm trying to play devil's advocate here.
"Wisdom is not a product of schooling but of the life-long attempt to acquire it." -Albert Einstein
First their webserver farm gets seized by the FBI, then you post their story on /. ??? Give these guys a break!
I would be more worried about the fact that rather than being supplied with the data that they originally requested, they now potentially have the logs/records/recordings/information of all the transactions and customer records and IRC conversations ever hosted by this...
Will they delete the 'copied' data after they have finished, keeping only the information that they originally wanted, please this is v bad...
Thank God i dont live in the US
Kingdom of Loathing (www.kingdomofloathing.com) Addicted is me
FBI Shutters Web Host
By Rich Miller
Carrier Hotels Editor
Posted Feb 19, 2004
If FBI agents showed up at your data center bearing a warrant, would you be able to provide them prompt access to customer data? How long would it take?
That's an important question in the wake of an FBI raid of Columbus, Ohio hosting company CIT Hosting last Saturday. Federal agents wound up shutting down the entire operation, seizing all the company's web servers and all customer data as part of its investigation of a hacking incident.
CIT Hosting, also known as FooNet, markets itself as "the leader in the IRC and DDoS protection business for the last 5 years." The company posted a web page informing customers that its data center was shut down, and instructing customers to contact the FBI if they needed access to their files.
"The FBI executed a search warrant issued by the United States District Court for the Southern District of Ohio regarding the IRC network that we host," the company said in its statement.
IRC (Internet Relay Chat) is a live chat system that allows users to create private discussion rooms. While IRC has a lengthy history of legitimate use, it is also a medium for discreet communication between hackers. CIT said the FBI was "investigating whether someone hosted on our network hacked and attacked someone else."
"After several hours of attempting to track down, inspect and audit the terabytes of data that we host, the FBI determined that it was more efficient (from their point of view) to remove all of our servers and transport them to the FBI local laboratories for inspection," the statement continued. "The FBI has assured us that as soon as the data has been safely copied and inspected, the equipment will be promptly returned. Unfortunately, the FBI has not been able to tell us when they will be completed with their inspection."
The seizure isn't standard procedure, and there's no way to know exactly what prompted it. CIT's account suggests the FBI may have lost patience with the process. The IRC-focused nature of CIT's business may also have been a factor.
But if you're a data center operator, you want to avoid any scenario in which the FBI gets impatient and starts hauling away your servers. Just one more item on the contingency planning checklist for the times in which we live.
This is the US we're talking about. We sue everyone for everything. In fact I just might sue you for implying we wouldn't sue.
"Armed forces abroad are of little value unless there is prudent counsel at home" - Cicero
Its worth reading this thread
Rus
Cheap UK and US VPS
IDNRADC (I do not run a data center), but don't let that stop me from making a completely unqualified comment ;) ....
Perhaps just as important, or more important, are you storing customer data that could/should be regularly deleted? Not that burning everything when the FBI shows up is the best option, but having a sensible scheme for what needs to be stored, and what would be better deleted and overwritten, seems to me to be important...
Well, what if there was a credible threat made by terrorists through the hacking? Perhaps time is of the essence, and tracking the person down could bring down a terrorist cell.
G
There is an article here that tells that equipment is already being returned.
Evolution or ID?
From their site - don't forget to let the FBI know what you think! rwhite3@leo.gov
02/23/2004 CIT re-establishes service.
We have restored service at Equinix's Chicago Data Centers. We are in the same facilities as MSN and many fortune 500 companies. The facility has multi OC192 connections to the backbone.
The FBI has begun retuning equipment to CIT which is being shipped to our new facilities in Chicago.
At this time CIT will continue to provide dedicated DDOS Protected web hosting only.
CIT provides reliable and scalable solutions for customers of all sizes and services. Located in Equinix's Chicago Data Centers , CIT has access to all the major carriers without the need for local loop circuits.
Our Chicago staff is focused first and foremost on customer satisfaction, and will take every action necessary to accommodate each customer. Unlike many large ISPs, CIT prides itself in its ability to provide personalized service to each customer - if a customer calls twice for assistance, they can usually speak to the same representative. Our sales and support teams are allowed a great deal of flexibility to work together to resolve each customer's needs on an individual basis. Our success and rapid growth can be attributed to the satisfaction of our customers - word-of-mouth referrals account for a large portion of the new business we receive each month.
The IRC Network will remain down until further notice.
02/14/2004 FBI Confiscates all servers
Dear Customers of FOONET/CIT:
We regret to inform you that on Saturday February 14, 2004 at approximately 8:35 am EST, FOONET/CIT's data center in Columbus, Ohio temporarily ceased operations.
Here are the facts of what occurred:
The FBI executed a search warrant issued by the United States District Court for the Southern District of Ohio regarding the IRC network that we host. According to the warrant, it appears that the Bureau is investigating whether someone hosted on our network hacked and attacked someone else.
After several hours of attempting to track down, inspect and audit the terabytes of data that we host, the FBI determined that it was more efficient (from their point of view) to remove all of our servers and transport them to the FBI local laboratories for inspection. This was completed at 7:00 pm EST same day.
The FBI has assured us that as soon as the data has been safely copied and inspected, the equipment will be promptly returned. Unfortunately, the FBI has not been able to tell us when they will be completed with their inspection.
We have been told by the Special Agent in charge of the investigation that If you need access to your data you are asked to please contact the Bureau via email to rwhite3@leo.gov. Make sure to include in your email your name, mailing address, and telephone number with area code.
Since we wish to focus 100% of our efforts on restoring services, we would appreciate it very much if you do not attempt to contact us directly. Please rest assured that we are doing everything possible to restore service to you as quickly as possible.
To the many who have inquired, Paul and family are OK, although shaken by these events. They are at home and awaiting the blessed event of their new child's birth. We thank you for your good wishes and prayers.
Please check back here often. Through this site, we will keep you informed of ongoing developments as we know them.
Thanks again for your understanding.
Marked troll already. That's slashdot for you.
Anyway this incident illustrates why the citizentry needs to be active in government instead of reactionary and "woe is me" after the fact. The government isn't very good at self-disciplining. That's our job. An absentee citizentry breds the results you see. Get out and vote in 2004. Get involved in local and national politics. Stop being a wallflower.
What do you think the chances are that this has something to do with the microsoft source code leak?
In Soviet Russia Slashdot cliches use you
Is that if the FBI, ATF, *BI, or whoever seizes your property in the investigation of a crime, they are in no way liable for any damage that occurs to your property, if you can even consider it your property anymore, because, even if your property was deemed to have NOTHING to do with the crime being investigated, said above entities are not required to return your property. You have to SUE to get it back. Now how's that for some bullshit.
Ironically, they were probably investigating a Denial Of Service.
The only thing I find a bit odd about this whole thing is that it looks like they too the opportunity to relocate their data center to Chicago (it was previously in Cleveland). According to their news,
Wouldn't that unnecessarily delay the process of restoring service to their customers? Was the move already planned, or did they suddenly decide that they needed a different data center? Is it possible they're blowing the seize out of proportion in order to cover outages due to their move? Or did the seizure even actually happen?
...that 'the powers that be' are monitoring everything 'on the fly', if they need to get their hands on the physical data repository to check it out.
AT&ROFLMAO
what about their reputation for having illegal or compromising people using thier service. That reputation alone may be worse than the downtime.
Evolution or ID?
Doug Moen
I have written a truly remarkable program which this sig is too small to contain.
... slashdot alerts carrierhotels.com that they have 1 minute to prepare for slashdoti.... oops, times up!
Arcticle text:
FBI Shutters Web Host
By Rich Miller
Carrier Hotels Editor
Posted Feb 19, 2004
Print This Story
If FBI agents showed up at your data center bearing a warrant, would you be able to provide them prompt access to customer data? How long would it take?
That's an important question in the wake of an FBI raid of Columbus, Ohio hosting company CIT Hosting last Saturday. Federal agents wound up shutting down the entire operation, seizing all the company's web servers and all customer data as part of its investigation of a hacking incident.
CIT Hosting, also known as FooNet, markets itself as "the leader in the IRC and DDoS protection business for the last 5 years." The company posted a web page informing customers that its data center was shut down, and instructing customers to contact the FBI if they needed access to their files.
"The FBI executed a search warrant issued by the United States District Court for the Southern District of Ohio regarding the IRC network that we host," the company said in its statement.
IRC (Internet Relay Chat) is a live chat system that allows users to create private discussion rooms. While IRC has a lengthy history of legitimate use, it is also a medium for discreet communication between hackers. CIT said the FBI was "investigating whether someone hosted on our network hacked and attacked someone else."
"After several hours of attempting to track down, inspect and audit the terabytes of data that we host, the FBI determined that it was more efficient (from their point of view) to remove all of our servers and transport them to the FBI local laboratories for inspection," the statement continued. "The FBI has assured us that as soon as the data has been safely copied and inspected, the equipment will be promptly returned. Unfortunately, the FBI has not been able to tell us when they will be completed with their inspection."
The seizure isn't standard procedure, and there's no way to know exactly what prompted it. CIT's account suggests the FBI may have lost patience with the process. The IRC-focused nature of CIT's business may also have been a factor.
But if you're a data center operator, you want to avoid any scenario in which the FBI gets impatient and starts hauling away your servers. Just one more item on the contingency planning checklist for the times in which we live.
"It's the smell! If there is such a thing." Agent Smith - The Matrix
We, my comrades, live in dangerous times. It is not the threat of "terrorism," for terrorists do not want to take away our liberty (directly). No, it is the threat of the United States Government. The treat is posed militarily to those outside her boarders, and by gross incroachments on fundimental constitutional rights and liberties against those within her boarders. The 4th Amendment to the United States Constitution is as follows:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
So I say to you: is this not a blatant violation of the US Constitution? The warrent did not say to take the servers, did it? And where are the warrents of TSA people at the airports? where is their probably cause? where are OUR GODGIVEN, CONSTITUTIONALLY PROTECTED freedoms?
I'm surprised that there hasn't been any discussion of Magic Lantern for awhile...
Wether you find this acceptable depends I guess on wether you find it acceptable that the police can investigate crimes beyond posting a little poster asking criminals to please come to the station and answer their questions and to bring in any evidence on their own.
Normal search warrants on an office mean that the FBI and police storm the building and everyone inside is ordered to stop doing anything. No more accessing PC's no shredding of documents no phone calls no nothing. The reason is simple to prevent evidence from being destroyed.
I am frankly amazed that they even allowed the company to provide the info this shows that they probably don't suspect the company but rather that they hope to find evidence against someone else on their systems.
There was a rather nasty ddos attack on mircx and aniverse. The FBI seems to be investigating wether the IRC network hosted by this company was used in the attack. There seems to be a lot of hints as to the person who was behind the attack but sadly in america you need that silly evidence stuff (at least for use against americans).
So the FBI asked and got a search warrant. They then gave the company time to hand over the data but they couldn't. So the FBI used the law and did what we expect them to do. Secure any evidence by removing access to it. They are even giving the hardware back. They waited wich they don't have to and give the hardware back after copying data wich they don't have to do. Frankly I think they went way beyond what they needed to do to minimize damage.
Quit frankly the original poster seems to be one of those people that want the police to disappear. That line about wich coorperate master they offended is clear bullshit. mircx and aniverse are hardly the powers that be.
In any society that doesn't chose to be an anarchy you have to give some powers to the police to investigate crimes. Search warrants are pretty common in all democracys and also work pretty much the same way. If you get one it sucks but so far noone has come up with a better alternative except to just allow criminals free reign.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
I believe this has something to do with with recent shutdown of the mIRCx IRC network (see: http://www.mircx.com/irc.html). There are rumours (see: http://kashin-anime.edwardk.info/mircx_downtime.tx t) of a DDoS "botnet" being held on foonet, which may have been responsible for recent IRC network attacks.
This is just speculation however, I'm not sure I should believe that the FBI would take action against the attack of an IRC network with a less-than-wholesome reputation.
I can't get access to the article, but I guess that the story is about the shutdown of FooNet. FooNet isn't a "real" hosting solution ; it's a cheap shell provider for script kiddies who want to have their own ircd. They might also provide "serious" hosting services ; but as soon as one provides shell services for such a targetted audience, she knows that she will have to handle some specific problems - DDOS, flood, etc.
And according to what I know about the FooNet shutdown (if that's the same story), there was thousands of DDOS "drones" located at the datacenter, and the staff of the datacenter failed to shut them down. That sounds very dubious to me, but you might want to check this for another side of the story ...
Quoting :
PS: if the shutdown mentionned isn't the FooNet one, ignore this post :-)
It's not like I agree with this, if indeed things happened as the article state... but a quick google on FooNet (AKA / DBA CIT ) turns up some VERY interesting results.
I google'd quickly on a hunch, and sure enough I got some rather interesting hits.
I claim to know nothing about SPEWS and how they go about adding to the blacklists, but they apparently are no stranger to it.
Furthermore, it seems that this IS NOT the first run-in with the FBI that FooNet/CIT has had: from here, if you scroll down a bit, you'll see the following text: The FBI executed a search warrant issued by the United States District Court for the Southern District of Ohio regarding the IRC network that we host # We regret to inform you that on Saturday February 14, 2004 at approximately 8:35 am EST, FOONET/CIT's data center in Columbus, Ohio temporarily ceased operations. And this was from Feb. 14 ...
Another incident was reported out here on 07/12/03 (search the page for "foonet") ... seems that 84898 spams swamped a box, and follow-up by FooNet sucked - e.g. they turned a blind eye.
There are far too many hits to return ... if you're interested in more, you can always head here. For now, I'll close with this: I do not agree with the methods used, if they were as described ... however, FooNet/CIT is no stranger to the FBI, and perhaps this is all rolled in to the Feb. 14th notice ... maybe the FBI actually gave them 10 days to comply... I'd really like to see how this ends.
Even if they had the authority to seize all the data, and it wouldn't surprise me if they in fact did not, they're MORONS for seizing everything. It's much easier to copy the data from on-site than to relocate everything and set it up, and THEN dump the data. It's also a lot less expensive. It also doesn't spread ill will among people who are helping your investigation.
After 9 days they've just barely started to get back up and running again. I guess the real moral of the story is to have an off-site co-lo contract you can activate in a heartbeat. Terabytes of backup restore would be a real pain though.
As I understand it, suing the government over things like this is nearly impossible. They still might be able to sue the agent on whose authority the seizure was conducted. Proving damage is trivial. I think if they can convince a jury that it was a case of gross negligence, the usual government protections don't apply. Any lawyers in the house?
WARNING: there is a trojan on your
I don't buy it! How can they move that stuff, not only physically, but also logically? To re-plug the servers, they need:
a suitable network, with configured routers, auth./DNS servers...
logins/passwords for the servers
knowledge, and not only general tech but specific setup of that company servers
i suspect they took out the hds & disconnected the raid cans & pluged them into another machine.
Normally (in democratic/free world), an investigation means a judge, some reasons, some rule brake, some arguments on why the police is acting.
earlier in december, president bush signed legislation expanding the authority of the bureau and other u.s. authorities conducting counterterrorist intelligence. the law authorizes them to demand records from financial companies including casinos without seeking court approval.
Yes, I have RTFA. Yes, I have a girlfriend. Yes, I'm new here. And no, I don't want a free iPod.
It seems that many people didn't read the text. The FBI had a warrant, which means they had to go before a judge, justify the need, and spell out what would be looked for/taken. If it wasn't initially spelled out that the servers would be taken, they might have had the warrant amended as such. Before some of you "conspiracy theorists" start screaming about a police state and such, the FBI was acting in the bounds of the law, under a warrant issued by a judge. John Ashcroft and George Bush had nothing to do with this. Maybe once you stop looking for black helicopters, you can see this. As for those of you saying you're glad you don't live in the US, we are the most free, most law-abiding country in the world. While we may not be perfect, we're the best thing going. Sorry if I'm offending anyone, but I'm tired of hearing knee-jerk reactions to things, without anyone reading the facts. Believe it or not, not EVERYTHING the government does is wrong.
Liberalism...the next best thing to thinking.
You are a cop and arrive at a murder scene with a dozen doctors standing around the corpse. Would you really allow any of these medical experts to assist you with determining the cause of death?
A shutdown machine cannot erase data and the fbi got the tools to simply copy data from HD's without the computer it was in being involved. This prevents any chance of the data being destroyed.
Saying they replug them back in at the fbi shows you have no idea of what is involved in this kind of investigation. They copy the HD's directly and completly by taking them out and putting them in their own hardware.
How the fbi does this kinda stuff has been discussed often enough on /.
This is nothing else then the police sealing of a crime scene. Any inconvenience is considered though luck. It really is no different from streets being closed off to allow marathons or demonstrations or repairs. Yes they do attempt to minimize damage but the investigation comes first.
But lets turn it around. If the FBI raids a place like enron would you find it acceptable if the bosses were allowed to keep making phone calls and keep working on their pc's and play with their shredders as they could loose money if the police removed access and took everything away?
Of course not. Just because this is a small hosting company doesn't change the law.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
No, it turns out you are right, cit & foonet are one and the same. http://www.easynetworknyc.com/foonet/
I do wonder how cooperative CIT was. After several hours of requests for the info (with a warrent) the FBI must have been riled to say "F-this-S, haul it away!". Think about how much extra work that must have been. There's more to this story, pity no news service has looked into it yet.
One line blog. I hear that they're called Twitters now.
Perhaps someone can clarify this for me... the article/letter seems to point to the FBI seizing CIT's entire data center... Now, as big as they seem, I am sure they have more than just one hosting customer, and more than one IRC server... so did the feds just take the IRC servers, or the hosting servers too?
The reason I question this is the legality of seizing an entire data center like this. For example... lets say CIT had 10 web servers and one IRC server. On those 10 web servers there are 5000 web hosting customers.
Now, the feds want to track ONE user out of 5000 hosting customers, and God knows how many IRC users on the one IRC server, but instead take all 11 machines. So they have, in effect, seized the IP of 5000 innocent people to get the effects of only one.
This to me, seems akin to having the FBI sieze property from every house in a subdivision to get evidence on only one resident.
Given the state of IP law in the US, and how thanks to things like the DMCA and other legislation, IP is being treated like a tangible, wouldnt the FBI have to A: justify seizing the IP of all those customers, and B: be answerable to legal or civil suits regarding lost revenues? What about lost data?
"Our funds have never taken part in toxic or death spiral convertible financings of any sort" -BayStar's managing partne
the guy behind it seems to have been boosting about about a 200k botnet. 200.000 machines under his control. I think this is no longer some harmless hacking. This is stuff the fbi needs to investigate cause quit frankly nobody else seems able to stop this.
So unless you believe the net should be total anarachy ruled by those with the most bots then this kinda off stuff is sadly needed. To bad for those caught in the crossfire but that is live. Nothing really different from when all trains are disrupted because someone jumped in front of one. A marathon closing off all the streets despite the fact you hate sports. A demonstration causing massive gridlock despite the fact that only 200 people in a million people city are taking part.
Live sucks at times. Really this story shows that /. is getting more and more tabloid. A serious tech site would have asked what the fbi was investigating and wether the hosting company was hosting the person investigated or had servers wich were hacked or was simply a place where the hacker might have left evidence.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
I don't buy it! How can they move that stuff, not only physically, but also logically? To re-plug the servers, they need:
;-).
Or they can clone all the drives with ghost (now with ext3 support) and use Ghost Explorer in Windows to find specific files and folders without ever booting the machines into Linux and dealing with bullshit. (also dd/mount -o loop)
I prefer to read (between the lines) that they wanted something to be stopped, and eventually an occasion to get the information on the long term (weeks at least) on who/where it is
I believe one of two things:
1) They possibly thought whatever was going on might have been contributed to by someone on the inside and didn't want to give time for people to erase evidence. Maybe a raving lunatic anonymous coward but link.
2) They got impatient and thought they could do it faster, which probably ended up not being the case.
The strange part, for a European citizen like me, is that no reason at all is given. Normally (in democratic/free world), an investigation means a judge, some reasons, some rule brake, some arguments on why the police is acting.
A warrant means that a Judge signed off on the investigation. They were able to convince a Judge that they had probable cause, how is this different from Europe? (I'm not trolling, I just don't know much about the legal system in European Countries and realize that it probably differs from Euro Country to Euro Country)
I hope that with these new laws in Europe we are not going to become like that too soon
I agree, big brother is getting scary here in the states.
Can I get an eye poke?
Dog House Forum
I 100% agree. I get in political discussion with folks who complain about the system not working...when I ask if they write their representatives they say no. I ask if they vote, they say they aren't registered. How dare someone say the system is broken when they've never bothered to participate!! Register to vote if you haven't already and GET OUT AND BE HEARD. Vote on election days, write your senators and representative whenever you have something for the government to hear. A government of the people means we are their bosses! They don't listen to the majority, they lose their job. And don't say to me "the /. geeks will never be the majority" until you all are registered to vote and participate in our government! It's more important for us to do it now more than ever...
perl -e '$_="\007/4`\cp%2,".chr(127);s/./"\"\\c$&\""/gees
One more reason to get hosting based outside the US, if your site does anything but blindly wave the flag and speak the newspeak.
It won't help. People won't vote third party, they only vote for the current reigning Demopublican party.
The democrats and republicans use rhetoric to convince the less intelligent that there's actually a difference between the two, assuring that almost everyone votes democrat to vote AGAINST the republican, or republican to vote AGAINST the democrat.
Unfortunately, there's no appreciable difference betwixt the two, so we're condemned to continue down the slippery slope.
This company appears to have had terabytes of data. Lessee:
is oh, about 40 bytes. Say there's a comment every second of evey day... a terabyte would hold over 20,000 years of such comments. Or 20,000 such IRC channels for a year.
Sure this doesn't account for file trading, dead channels, bots, etc... but it gives you some idea about the amount of data in a terabyte, and if you think there is anything anonymous about IRC, think again...
in fact, this comment will probably be stored somewhere for way too long.
I live in Columbus, and have had the misfortune of working with foonet/Creative Internet Technologies/Creative Internet Techniques - they have called themselves all three. The small ISP which I used for my website unexpectedly moved our web site to a server at foonet. All of our mail forwarding was getting blocked by about every blacklist on the planet, and the uptime was horrendous. Needless to say, despite the 3 month prepay, we immediatly moved to another ISP. While we were being hosted at foonet, located about 10 minutes from us, I called them (local, no 800 # - ) multiple times, telling them that they were on blacklists. I never could talk to anyone, just leave messages that would go unanswered. If you are doing anything remotely important, avoid foonet/CIT like the plague. Their phone numbers are/used to be Sales - 614 353 8243 and General Inquires - 740 881 0323
The FBI cart equipment away to their premises in order to duplicate the systems and environments. If ever you get into information systems forensics, they would at least perform 2 copies. One is kept as an exact duplicate (to keep for their investigation records) and at least another to actually run analysis against (since searching on an active system can change the data stored in it).
It also makes it easier to catalog what they are working with, and prevents any interference from the outside.
Delete your logs. Delete them early, and delete them often. Searching through 24 hours worth of data is a lot easier then searching through 2 years worth...
"Freedom means freedom for everybody" -- Dick Cheney
how can you tell they never went through it? usually they don't fire the computer up, but just clone the hard drive directly.
so unless there was a piece of scotch tape that had to be broken to take out the ide cable to the hard drive, it's impossible to know.
Runnin' On Empty
The only problem is, no one really seems to know what is going on!
Speculation on cause has ranged from DDoS attacks to having to do with the Microsoft leaked source code.
SearchIRC - Now with live chat directory!
Like a lie? As a former LEO I've seen search warrants that were based on 100% lies. "Anonymous" or "confidential" sources are the classics. Or just squeeze someone to lie and bam!, you're in business. Twisting the facts into probable cause like "container with a white powdery substance found on suspect's vessel. Possibly narcotics." You know that it's flour in the galley but that part is just left out. Telling half the truth is still a lie, something most cops ignore.
I suspect they were fishing, looking for one piece of data but really wanted a reason to grab everything (like all the irc logs). It's possible that the company pissed the agents off (by not bending over on command) and they're just getting a little revenge.
Please, do not trust the police. They are there to arrest as many people as they can (and these are the "good" ones). Rogue cops are a nightmare. Ever wonder why most of the time when a police action is investigated it's only done by cops or an ADA (nothing more than a cop in a suit)? Isn't that like Tony Soprano investigating a mob hit? Law enforcement in the US answers only to themselves.
Do a search on news.google.com and find news stories about cops that broke the law (beat downs, dealing drugs, OUI, etc.) and you'll find almost everytime they've received a much lighter sentence (if any) than the average joe. Welcome to the Pig States of Amerika. I guess Abby Hoffman was right.
"Quis custodiet ipsos custodes?"
If you are a data center, this sounds like another good reason to have a mirror (RAID 0, or is it RAID 1). That way you can just unplug the mirror drive and give it to the FBI without disturbing the rest of your service.
Actually this makes the acronym RAID (Redundant Array of Inexpensive Devices) have dual meaning... RAID is what you want when you are raided!
McFly777
- - -
"What do people mean when they say the computer went down on them?" -Marilyn Pittman
Irvingnet, the home of the Fark IRC channel, was also affected in the raid. The MOTD said that the entire datacenter was cleaned out by the FBI.
Where does the school board find them and why do they keep sending them to ME?
Doing it in-house sounds so old fashioned. They should look into out-sourcing like spammers have been doing with under-utilizied home Windows computers. Does anyone have contact information for the people who did MyDoom.A and .B? I might have a deal lined up involving a few hundred thousand dollars of business. (I could use the reward money.)
One line blog. I hear that they're called Twitters now.
I have believed for a long time that more Americans should be voting for the Green party. There are many who prefer the Green's stand but fear that a vote for Green is a vote wasted and would only serve to help put the Republicans in office. I suggest accepting the (relatively) short term pain of Republican rule and looking at the long term.
Currently the Democrats and Republicans are essentially different flavours of the same poison. Forget the next election, forget the next five elections. Even if the Democrats gain power they will produce more of the same crap. Vote Green in the next election - they won't get much this time around, but if everyone who wanted to vote Green did, then the Greens would probably make the coveted 5% mark, which means more money. With more money they could do better the next time around, and after two or three more elections they could mount a real challenge to the status quo (if they manage to not become a part of the status quo).
Forget tomorrow; tomorrow is already a disaster. Think of your children and think of your grandchildren.
As for the Green party itself, getting Nader elected (as implausible as it may be) would not be a great triumph as I can easily imagine the dems and repubs in the houses making his life hell. The Greens need to seriously focus on getting seats in the two houses. With balances teetering at 51-49 for a long long time, the Greens getting just a few seats and being able to tip a house one way or the other could provide a breath of fresh air that American politics has needed for a very long time. Why the US generally believes it can only function with a two-party political system (with little difference between the two) is baffling and perhaps a little sad.
RTFM; please, I beg you.
Voting for the lesser of two evils is better than not voting at all. If you're about to be killed, and the murderer says "should I use this shotgun and blow your head off, or stick you with tiny needles until you bleed to death?" would you make a choice or let him choose? Not to say that our government elections are akin to murder per se (though some might interpret them as such).
Government participation is important after the election too, there are many websites that make it easy to send letters to your elected officials to tell them your opinion. That way you can make a difference every day for their elected term, instead of just once every few years. Don't say I'm full of shit if you don't try.
perl -e '$_="\007/4`\cp%2,".chr(127);s/./"\"\\c$&\""/gees
That's actually true, no matter how absurd Darrow's argument was. Especially in government.
Yes, it's possible for Special Agent Joe Smith to disobey orders to seize data based on his own morality, but the practical upshot of that is that Joe Smith will be fired and replaced with someone willing to do the task. In the end, the task will get done no matter what Joe Smith's morality is - so how can he be held responsible for what is inevitable?
Nations and their component organizations have monopoly over force, not individuals. If the FBI wants to search and destroy, the FBI is to blame, not its agents. (Even the word agent means 'representative'.) You don't shoot the messenger when the message is bad.
1.) Foonet/CIT did cooperate. 2.) Warrant was sealed. 3.) Not many, if any, got "free" accounts there. 4.) 300 or so servers were taken. 5.) Agent responsible to contact hasn't been returning calls/emails. 6.) Only a couple of machines have been returned, some should be sent out today. 7.) Warrant was served on a house which contained foonet/cit, Paul, his very pregnant wife, and two small children. 8.) Paul has always cooperated with the FBI. 9.) A 200K botnet would have clogged the lines Foonet/CIT was on, get real for pitys sake, 200K? lol 10.) Those crying DDos kiddies being freely housed are mostly terminated customers. 11.) The ownership of Foonet/CIT had recently changed, some guy named Jay owns it now. 12.) Nobody directly working for/owning Foonet/CIT knows why this raid was done, why do kiddies claim they do? I'm going to work now, feel free to flame. Sincerely, Kelly
I write my representatives. And I vote. Know what? It still doesn't make a damn bit of difference so long as at election time I'm given no real choice.
As Bill Hicks put it, "I think the puppet on the right shares my beliefs. I think the puppet on the left is more to my liking. Hey, wait a minute, there's one guy holding both puppets."
The majority are easily led around by those in power. Most Americans beleive that Iraq as involved in 9/11 and that we have found weapons of mass destruction in our invasion there. Our "leaders" have gotten people more disturbed about destroying a flag than about destroying the land that the flag represents.
The game is rigged. Third-party candidates are doomed from the start. Any candidate talking about real change is not permitted to get past the primaries - look at how they savaged Dean for speaking truth. Betting on a Senator for re-election is about the safest bet you can make, and Representatives only risk losing their seats if their opposing party gets ahold of the state legislature and manages to redistrict them out.
So, yeah, I vote, I give to the ACLU, I write my Congresscritters, but I don't expect it to make much difference. Me, I'm looking for Yin revolution. And if that don't work...well, that's why there's a rifle in the closet.
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
I vote Libertarian.
People tend not to vote for them because they are a "fringe" party, but if people did vote for them, they wouldn't be. Also, if you're disturbed by the party's more extreme views, keep in mind that the real extremists are already members, and as their membership increases, they can only become more moderate.
Whatever you do, don't throw your vote away on a "small government" Republican or a "civil liberties" Democrat. They have never delivered what they've promised.
Step into a huge movement. Don't Tread In Me.
When the FBI asked them for evidence, couldn't they have temporarily shut down to do a complete disk mirror, and handed over the mirror of their drives for the FBI to inspect at their leisure, that way ensuring that they stayed operational in the interim, but the FBI would still have the evidence they needed, even if the hacker somehow got back into their system to remove it?
File under 'M' for 'Manic ranting'
This story offers a very good example why ISPs and similar service providers should have the best lawyer possible on call. If nothing else they may have been able to halt or slow things while finding a judge who can come up with a more sensible solution.
I see no good reason why the FBI should shut down an entire business with nothing more than search warrant. Surely such a warrant defines what exactly they are seeking, and it would have been reasonable for them to extract those chunks of data on-site.
I have to conclude that the aim of the exersize was to shut down foo.net without the bother of legal proceedings, and it seems that they were successful.
Three Squirrels
I would recommend that the ISP gets all the user data (non-executable) off into storage, wipe clean, re-install everything, copy data back on...Problem is that the setup for this would be exhaustive and time-consuming. However, if there is an IRC informant tool that has been added to this (I remember slashdot articles concerning a system developed by FBI or CIA on a system to snoop) it would conflict with the ISP's promise of security and privacy...
When all is said and done, nothing changes...
The problem is the ratio of times that terrorists are *really* involved.
How many major terror acts are perpetrated or confounded each year relative to how much we've seen "The War on Terror" used to justify anything and everything anyone can get away with. Funding for every agency under the sun derives from whether they're combatting terror. The DOE needs money "to combat terror" by developing methods to protect our utility grid. The DoD needs funds to "help combat terrorism" by developing new monitoring and data-mining technologies. The CDC needs money to "help combat terror" by producing vaccines. I'll bet that even the Department of Agriculture has funding initiatives based on "terror" somewhere -- maybe they want to monitor use of crop dusters, who knows.
It's freaking ridiculous. The "War on Terror" certainly saves lives, but the amount of resources that have been claimed in its name *vastly* outweigh the amount of damage that terrorism has done to us. A lot more people lost their lives to car crashes in 2001 than to terrorist attacks. Did we have black helicopters ready to swoop down on speeders? How about long-range alcohol sensors? What about armed guards at strategically-placed toll booths that search cars and people thoroughly for any kind of alcohol? All these sorts of things have been done in the name of "The War on Terror", instead of being used in an area where more American lives are being lost. The "War on Terror" is, frankly, a tool based in fear to help manipulate the masses. It has little practical value.
I claim that terrorism on the order of at 200:1 life amplification (roughly what the 9/11 terrorists achived -- something like 4000 lives to around 20 terrorists) cannot be eliminated without massively curtailing and altering a free society. There are just too many ways for a person willing to die to kill many people.
I would like to point out that people are only willing to throw their lives away if they are incredibly upset over something you've done. You don't see Iceland coming under terror attacks, because Iceland doesn't anger people to the point of being willing to die to kill Icelanders (or whatever a citizen of Iceland is called).
We have spent masses of money and effort on trying to figure out how to crush terror rings, on making people so afraid to resist the United States that they won't dream of it. The problem is, it can't be done. The Soviets couldn't crush resistance with years of secret police and encouraging children to inform on their parents. I don't think Bush Junior can do so in our society. Sheer force and fear just don't work when you're dealing with people who are willing to lose their lives to kill. You have no cards that they are interested in.
How much money has been spent on diplomatic and social solutions to eliminating terrorism? Supposedly the United States has a negative image in Islamic countries -- how much work have we gone through to improve that image? How much effort has gone into determining the things that are making people so angry that they are willing to *die* to hurt citizens in the US and resolve those issues?
A lot of people feel that trying to resolve things peacefully would be "giving in to the terrorists", and encourage future terrorist acts. I don't agree. The only value to a hard-core refusal to ever attempt peaceful solutions is as an attempt to establish prescedent governing future acts -- that no terrorist would ever be willing to attack the United States if it was *guaranteed* that doing so would hurt his cause, and damn the consequences to us in hurting that cause. The problem is, the prescedent has clearly not been established during the time we have taken a hard-line approach. The United States was attacked several times, despite having followed tough guidelines for dealing with terrorism in the past.
I'm curious as to what would happen if the 70 billion or whatever dollars that are being spent to keep us in Iraq (which at least originally was supposed
May we never see th
It wasn't just CIT's stuff that was confiscated and / or shut down, but EVERYTHING in the datacenter where CIT's stuff happened to be; everything included my hosting provider, as well. N.B. - I am typically all for law enforcement and would rather err on the side of caution - esp if CIT was "reasonably believed" to have been stalling or destroying data.
I see all alot of, "their rights have been violated", and "this is why I don't host in the US", and "here's what I think they're investigating", but I don't see anything constructive about how to protect your service uptime against a raid.
At a local security meeting, I learned about security incident handling, and things you can do to help preserve the chain of custody of the evidence (aka data). It's one thing to copy data, but just by reading data on most filesystems, you alter it. If a hacker determines that you are investigating them, that can and will try as fast as they can to cover their tracks, and it's alot quicker to delete/destroy/taint data than copy data.
The fastest and best to preserve a single machine's data is to break a RAID 1 array (pull out live disks). Your machines keep running, and the FBI gets a pristine copy of the disks that they can put into (hopefully antistatic) evidence bags and document chain of custody without modification of the data. They can go read it at their leisure off-site. Using RAID5 doesn't cut it. Using single disks with frequent backups doesn't cut it. Use RAID1.
Another way to protect data and preserve service is to store all non-OS data on enterprise storage that supports advanced mirroring or snapshot capabilities. If I had a NetApp, I could create a read-only snapshot and give the FBI access to that point in time copy of data and never delete it until I can do a DR copy of my filer onto another box. If I have an EMC or Hitachi or other large RAID1-capable unit, I can beak off a very large mirror and present it to FBI hosts on a SAN and continue to run off of unprotected data or implement a disaster recovery plan to get me running again on another similar storage. This data isn't as clean as a "drive in a bag", but with proper notes and techniques, the FBI can be convincing enough to a jury that the data was used in the investigation was correctly read unmodified "beyond a reasonable doubt".
If I'm really good, and have a bigger budget, I'll have a near-real-time mirror of that data (NetApp SnapMirror, EMC SRDF, "rsync", etc.) in a remote location that runs independently of my primary site and a plan that will help keep me running while I let the FBI tears apart my primary data center.
If you run a 100% uptime service ("Show me the nines!"), it's your responsiblity to to have an effective disaster recover plan. An FBI or Secret Service raid is an equivalent of a jumbo jet crashing into your data center. You as an individual, have a RIGHT to privacy and due process, but your company has created obligations to your customers to which you've guaranteed service, and your customers care more about the latter than the former. It's more responsible to have a DR plan and sue the FBI to replace your hardware than not have a plan and sue for lost business.
-ez
If the checksum doesn't fit, you can't commit!
Here are the details and a time line.
They were out of business from 14 to 23 February.
When they are back, they are only providing web hosting and not IRC. So the warrant was definitely related to IRC and they decided not to be in the business again?
http://www.cithosting.com/news.htm
02/14/2004 FBI Confiscates all servers
Dear Customers of FOONET/CIT:
We regret to inform you that on Saturday February 14, 2004 at approximately 8:35 am EST, FOONET/CIT's data center in Columbus, Ohio temporarily ceased operations.
Here are the facts of what occurred:
The FBI executed a search warrant issued by the United States District Court for the Southern District of Ohio regarding the IRC network that we host. According to the warrant, it appears that the Bureau is investigating whether someone hosted on our network hacked and attacked someone else.
After several hours of attempting to track down, inspect and audit the terabytes of data that we host, the FBI determined that it was more efficient (from their point of view) to remove all of our servers and transport them to the FBI local laboratories for inspection. This was completed at 7:00 pm EST same day.
The FBI has assured us that as soon as the data has been safely copied and inspected, the equipment will be promptly returned. Unfortunately, the FBI has not been able to tell us when they will be completed with their inspection.
We have been told by the Special Agent in charge of the investigation that If you need access to your data you are asked to please contact the Bureau via email to rwhite3@leo.gov. Make sure to include in your email your name, mailing address, and telephone number with area code.
Since we wish to focus 100% of our efforts on restoring services, we would appreciate it very much if you do not attempt to contact us directly. Please rest assured that we are doing everything possible to restore service to you as quickly as possible.
To the many who have inquired, Paul and family are OK, although shaken by these events. They are at home and awaiting the blessed event of their new child's birth. We thank you for your good wishes and prayers.
Please check back here often. Through this site, we will keep you informed of ongoing developments as we know them.
Thanks again for your understanding.
02/23/2004 CIT re-establishes service.
We have restored service at Equinix's Chicago Data Centers. We are in the same facilities as MSN and many fortune 500 companies. The facility has multi OC192 connections to the backbone.
The FBI has begun retuning equipment to CIT which is being shipped to our new facilities in Chicago.
At this time CIT will continue to provide dedicated DDOS Protected web hosting only.
CIT provides reliable and scalable solutions for customers of all sizes and services. Located in Equinix's Chicago Data Centers , CIT has access to all the major carriers without the need for local loop circuits.
Our Chicago staff is focused first and foremost on customer satisfaction, and will take every action necessary to accommodate each customer. Unlike many large ISPs, CIT prides itself in its ability to provide personalized service to each customer - if a customer calls twice for assistance, they can usually speak to the same representative. Our sales and support teams are allowed a great deal of flexibility to work together to resolve each customer's needs on an individual basis. Our success and rapid growth can be attributed to the satisfaction of our customers - word-of-mouth referrals account for a large portion of the new business we receive each month.
The IRC Network will remain down until further notice.
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
Clinton administration under that bastion of civil liberties (nevermind Waco, Ruby Ridge, or Elian Gonzalez)
I hate to get offtopic here, but it really annoys me when democrat bashers don't even know what they're talking about. I bet you listen to Rush Limbaugh or Michael Savage religiously.
Hint, Ruby Ridge happened in '92.
The company in question, known as "Foonet" or "Creative Internet Technologies" is well known to anyone who frequents efnet as a safe haven for anyone involved in illegal activities, including DDoS, childporn, compromising hosts, spamming, carding etc, the staff of foonet are well known for overlooking illegal activity by their customers..
Most likely the fbi turned up to confiscate one or two customers boxes and saw how stuffed with illegal data their network is, virtually everyone on efnet who is involved with illegal activity used to base their operation from foonet, the servers there will be a total goldmine of evidence for the fbi..
Infact, the staff themselves at foonet are well known for breaking the law, in particular "Paul" who owns the company gives shell accounts or free hosting to people who will ddos for him, and often the staff at foonet have used their customers credit cards for fraudulent transactions.
From their site:
The rest of the page is chaff about who the company is, and things already quoted here.
This puts the downtime they experienced at about 2 weeks - which must have been very disruptive to their business, but not in line with most "the FBI is here" horror stories. Though I understand the FBI agents in this case not wanting to be any more disruptive than they have to be, it is incompetent of the FBI as an organization to not have a more unitrusive means of auditing large datahouses unannounced - although the companies they arrive at cannot possibly be prepared, the FBI must anticipate this frequent eventuality.I know the Ashcroft-obsessed crowd will drown out this message, but I will say it anyway.
foo.net has, for the longest time, been protecting carders. They've been told so, repeatedly, by the anti-spam community and weaseled. My suspicion at this point is that either they are actively involved and/or some of their members are involved. FBI methods aside, foo.net isn't the innocent-victim they would have you believe.
As someone who has had multiple run-ins with Foonet and their customers over the years, I'm personally glad to see this happen, even if it's only temporary. The FBI doesn't just decide to dismantle an entire datacenter on a whim, there obviously has to be just cause. I feel that in this case, there's probably more than enough cause. If you are a (wannabe) "hacker" or "packet kiddie", Foonet is the place for you, and most people know it.
I run a large text based chat server (IRC), and as such we see frequent (D)DoS attacks. Far too many of these attacks in some way lead back to Foonet. It's even rumored that some of their employees harvest and sell Denial of Service drone networks... how's that for service! Since Foonet was raided a week and a half ago, we've seen maybe 25% of the DDoS attacks that we reguarly receive.
Bottom line... don't target "kiddies" as your primary customer base, and don't tolerate their abuse and things like this will not happen. But hey, what do I know.
And most likely, the FBI didn't tell the hosting company exactly what it is they wanted. When the Feds come in with a search warrant, they don't ask for your help. They say, "stand aside" and commence ransacking.
Why should I argue rationally with someone being irrational? I'll just mock them instead.
The agent that siezed the equipment probably has a boss who expects to see progress, and that progress is probably propagated up the line to the point where the details have been filtered out and it's just a number on a spreadsheet of how many computer crimes have been procecuted in the last however many days. The ulterior motive is to look like he's being productive in order to keep his job.
Ah, there's the rub.
Behind every job is a human being. That job could be something as heroic and altruistic as a fireman, or something as shady and questionable as this FBI guy. What all the folks in the country need to realize is that all the things we bitch about are being done TO us, BY us. If people would refuse to fill jobs that had questionable consquences, things might be different. We will never know that, since we all have bills to pay, and somebody will always take those crappy jobs.
What I find fascinating is that so many of us have jobs where the harmful consequences are so far down the chain that we can't even see how we have contributed. But alas we are all a part of our own mess.
The House Between - Original Sci-Fi Series
While everyone seems to be focusing on the FBI and it's antics, hackers behind the scenes are running around making fools of intelligent men.
This weekend, we saw foonet disappear without a trace, mirc-x, aniverse, and rizen brought down in flames by DDoS attacks, and (ranked least important on this list) the anime fansubbing scene, as well as Paul (the one actually served with the warrant says #foonet on efnet) in complete disarray and confusion.
Maybe in a few weeks, some legitimate news corporation will repost what I'm about to suggest with more information.
foonet's ircd was probably a host for some sort of illegality, hence the FBI's raid.
The warrant may have been formed with the help of an IRCop on mirc-x.
While sustaining DDoS attacks, a user visited mirc-x appearing to "be the culprit," and left a few locations he could be found.
Reading between lines, the lingo announced the reason for the attack: That damn IRCop reported my irc server with a lot of hacked computers taken away. So I'm bringing down his network.
What was the reason the IRCop reported anything? Did he crack a joke about the hacker's mother? Or was he just doing the "right thing?"
Sadly enough, by the end of the weekend, the anime scene had pretty much caused the death of 3 servers either due to load, or to followed DDoS attacks on other servers.
I have to wonder if there's actually a connection between the two events. 3 IRC networks down and an entire hosting company at a local FBI headquarters because of hacker squabbles? Are they really that important and/or worth the time?
I wish I knew. I wish someone could actually write about it. My story can't possibly be true.
-Kenners EE,CE,JP&RPI.EDU
After several hours.. (etc)
Let the fbi show up at my door with a search warrant for a customer's data and they'll be given a choice of how they want the data handed to them, and then they'll have it, in as much time as it takes me to open the case and hand them the secondary harddrive of the system (break the raid) or if they have a minute I can burn 'em a CD rom of the customer's data in as much time as it takes to tar and scp the data to the machine with the burner in it. Time required would be measured in minutes, and no toes required to count them.
After reading about this story in a few places I said from the first I heard of it "there's more to this". They host an irc network, bastions of warez and mp3s (hey I like IRC too, and have my own server but I know what happens on them if they're not policed heavily). They are (accused) of being carder/hacker friendly and their "ddos proof" hosting and irc services definitely sounds like something a hacker would like... It's sounding like they slept with the pigs and are covered in mud.
Another choice comment: The seizure isn't standard procedure, and there's no way to know exactly what prompted it.
That sounds to me like a thinly veiled attempt at insinuating foonet might not be as innocent as they'd like to be seen, "isn't standard procedure" "no way to know exactly what prompted it".
Call me a chicken or even (gasp) a Republican but if a lowly sheriff's deputy shows up with a warrant he's gonna get 100% cooperation and anything he wants ASAP from me, let the FBI show up? Shit that's when I get out my shoeshine kit...
--- www.f-theocean.com
So giving the Police the right to trash anyone's home or business is the only way to prevent anarchy? The only ways that are at all possible are this way, or the small poster way?
Besides the option of a large poster, it seems to me it would be possible to have a system where the police can search for evidence with a warrant, but have to pay for any damages they cause if the victims turn out to be innocent.
The current system invites abuse. The police don't even have to frame anyone they dislike enough to get them convicted, only enough to get a warrant. Evidence can be hidden in furniture, walls, cars etc, all of which can be smashed down in the search for evidence, easily costing any uppity person $100k+.
Abuse of police power is arguably a bigger problem in the world than regular crime, so don't think it's a small issue.
I would like to ask this person: was it worth it? Is the evidence that this will result in, going to have value that exceeds the harm? Did you even ask yourself that question, before you signed the warrant?
I guess you can blame the FBI too, for bringing that unsigned warrant to some judge to be signed. But the responsibility ultimately fell on the judge.
Who judges the judges?
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
A data center adds this risk, which needs to be considered in a disaster recovery plan. Do you have off site backups at your hosted site? If the hosting site has the tapes, they may included when the warrant is executed. Your equipment may be swept up in a search of the datacenter, your first notice may be the watchdog scripts
" sorry we don't log that data for more then 24 hours " or some other excuse..
Face it, all transactions must be logged and kept forever, or face the wrath of the government...
And if you get caught trying to delay, or reduce said logs infinite length of retention, expect a jail sentence for obstruction..
---- Booth was a patriot ----
Right on target. In my experience the FBI couldn't give a rats ass about causing the least amount of colateral damage or returning your siezed property. In 2001 (I believe that's right) the FBI siezed a Sun 20 from a lab at a University I worked for. The lab was less than maintained. It was full of SGIs that were vulnerable to every possible exploit for the last 5 or 6 years. It was a joke really. The Sun was also unmaintained. I pointed out to my super 10 months before the siezure that the Sun was an open relay and had services running that shouldn't be (I still have that email!). Nevertheless it wasn't touched for 10 months. Right about the time I volunteered to help the lab maintainer get everything up to date and secure again the FBI came in and siezed the Sun. It apparently was used for something bad. I haven't been with that University for a while now but last I knew it still hadn't been returned. The FBI couldn't give a rat's ass about causing the least amount of colateral damage. Their actions speak for themselves. What if the machine used for the attack (or probe for that matter) was the Unv's mail server? It was poorly maintained too and had been hacked before. What if an attacker used it as a launching pad for an attack. Would the FBI sieze that piece of state property, effecting bringing email on campus to a complete halt? It's sad really to think about it.
Unless the hosting service itself is involved in criminal acts, it is unlawful for the FBI to request a search or seizure of "work product materials possessed by a person reasonably believed to have a purpose to disseminate to the public a newspaper, book, broadcast, or other similar form of public communication, in or affecting interstate or foreign commerce". This includes hosting services; that was established in the Steve Jackson Games case. The service itself, not its users, has to be engaged in criminal activities before search and seizure can take place.
The FBI is usually quite careful about this, having been publicly embarassed in the Steve Jackson Games case. So the question is whether there are criminal charges against the hosting service.
First let me preface that I havn't had any association/communication with Paul in years, but back in the mid-90's I Knew Paul, the owner of FooNet (Now CIT) in relation to a Small ISP I used to be a corporate officer of/part own/work for (we were the coloc host of the fledgling FooNet.net's first server 'foonix' if I recall correctly). Things could have changed since then but I very much doubt so.
Back in the day, Paul was very much into the warez/irc scene and seeing the UseNet Articles that are around about FooNet, it seems to be pretty much the same as it used to be, only quite a bit larger. I don't know that I'd actually place CIT in the 'innocent' category, as even back then he knowingly hosted practically anything and anyone that would pay him.
Evidence seems point to quite similar behavior of FooNet/CIT as I had experienced in the 90's, so, I'd say good riddence to one more large spam/DDoS host.
I really dont understand how the FBI can treat every computer system they confiscate as safe to pick-up and stick in the back of a van. Either that or i dont understand how anyone with data thats either criminal or very confidention hasnt caught on to the fact that they could erase it before its even loaded into the van! take a few machines (or remote backup if needed) and stick them on a UPS. The vital data is then loaded into RAM along with the 'loading/unloading' program and removed from the drive, only a correct procedure will restore it back to disk. In come the FBI and shut it down, oops they just lost all the evidence they were looking for including the program that was responsible for loading and unloading the data into memory - absolutely no evidence left, no trace, nothing to say you even damaged evidence - an offence in itself.
This comment does not represent the views or opinions of the user.
There is only one voting system where it is impossible to produce a "surprising" outcome. That being literally "one man (wiht) one vote", i.e. a dictatorship. *All* of the other schemes have a mathematical "odd part."
In your summary of the analysis you overlook the fact that in order to suffer a reversal, there still has to be more people who want the republican than the democrat. (etc.) That is, the point of inflection happens *only* *if*, in this scenerio, thre are four party candidates: Republican, Democrat, Republican-lite (libertarian?) and Democrat-lite (Green?). [The *-lite candidates are candidates who are selected as first-vote candidates, with their second-vote going to the non-lite party.]
In order for the Republican to win (in the inferred degenerate case), the number of the Republican and Republican-lite voters must must make up more than 50% of the electorate. The FUD is that IRV is flawed becasue the least-voted-for person in the current iteration becomes the swing-votes for the next iteration. This isn't however, the real flaw.
The Real Flaw(tm) is that IRV degenerates as voters disapear in the runoffs. Lets keep our original candidate pool of R Rl D and Dl but then add a Comunist (spoiler). In the definition of the spoiler here, lets say that S always gets the least votes. In the simplest spoiler scenerio the spoiler-voters only vote for S. After the first iteration the Comunist is removed and we are back to the original model with those votes distributed among the other parties. Seems fair right?
But what if the S voters don't have a second choice? Well then the fact that they voted just disapears from the model. Still fair.
The apparent purturbation happens when, say, the S voters have a second choice of Rl, but don't have a third choice of R. If Rl is still the next eleminated party. You can end up with a situation where the sum of (R + Rl + D + Dl) nets no winner, but when Rl is eleminated you might end up with the total voter pool reduced in size so that R becomes the winner. But for that to be true, the total voters for R must outnumber th total voters for D and Dl.
I call this the "apparent" purturbation because it is only a correct result if all the S voters wouldn't have voted at all if there hadn't been an S party.
That is, R wins with less than 50% of the "original" vote even though they have more than 50% of the surviving vote. This looks like a problem because people start guessing about the "mandate of the people" for those people who got eleminated.
This isn't really a problem, however, if the voter can rank all the candidates. That is, if the voter isn't limited to, say 5 ranked votes in a field of 7 or more candidates, then the "failure to rank" into the final vote is a proper abstain.
It is also proper to discount the abstained voters because if you don't you could easily end up with no result at all.
Only if the IRV rankings are limited to some number less than the size of the field do you end up with really purturbed results.
Another complication arrises with voters who would rank Dl, Rl, then D, for instance, because their second choice (Rl) may never experience the benefit of their second-standing. In particular it appears that, in a change up situation where most/all of the *-lite voters have "the other" *-lite as their second rank, things may seem a little dicy. You get some chaotic cross over that, if you look at the raw numbers seems "surprising."
This is not *really* a problem mathematically, but the whining electroate might see it as unfair.
Still in all, if the voters percieve there to be dominant parties (R and D) and rank their votes all the way up to their perceived dominant party, the system ends up "closest to fair" of the curent alternatives.
The "odd looking" part comes out if you were to sum up the votes "the other way" by adding a tickmark next to each candidate if that candidate appears in any chain of votes. You might find that Rl h
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
No reasonable person would be in favor of a state without police...that's just a straw man argument. The issue here is that the FBI can just shut you down simply because it believes you're doing something wrong, and you don't get any compensation regardless of whether or not you really were doing something wrong.
If I'm hiding coke in my sofa, and the FBI raids my house and confiscates the sofa, I have no reasonable expectation that I will ever get the sofa back. If they also take apart my easy chair looking for more coke, but don't find it, then, well, I shouldn't have been hiding drugs in my furniture. Tough luck.
However, what if the FBI screws up, and they don't find anything, even though they trash all of my furniture? It seems pretty reasonable that they owe me the cost of all the furniture, EVEN IF there was no way they could have known. In other words, even if they cross all their t's and dot all their i's, if they don't come up with anything, they still wrongfully accused me, and thus they owe me compensation.
By the same token, if they shut down a business, and they don't find evidence to accuse the business owner of a crime, the FBI should be responsible for every penny the company lost while their equipment was getting sniffed and probed by the FBI nerds, plus something for their trouble.
There's no reason why I should have to sue to get compensated...if you're not going to falsely accuse me I should be automatically compensated the instant my name is cleared.
The problem is that as it stands now is that the FBI could just hose an operation like 2600 for some minor offense and just keep their equipment indefinitely. Accountability, especially the financial kind will go a long way towards preventing the Gov's cronies from abusing their powers.
But there is another kind of evil that we must fear most... and that is the indifference of good men.
This is one of those times where the government violates all constitutional protections to the point that citizens so violated damn near have a DUTY to exercise their second amendment rights. There is no excuse for the government putting a company out of business if their only requirement is to copy data. And if the FBI is unable to do so on-site in an orderly manner, it is their failure not the fault of the ISP. ISPs have long been given the protection of a "Common Carrier" just like the telcos. They are not responsible for monitoring the content of user conversations any more than ATT/MCI/Sprint are to monitor personal phone calls. Can you imagine the FBI shutting down AT&T and confiscating their equipment because a couple hackers were discussing DDoSing? It really is getting to the point that US citizens need to start pushing back against an overbearing government. Quite frankly, take away cable TV and consumer goods and little separates the USA of today and the Soviet Union of the 1960s and 70s as far as freedom and liberty go.
Zero damage done to "an innocent ISP". CIT aka Foonet are far from innocent of anything.
Yeah. Honestly, I thought about this when I originally wrote my comment. I briefly considered doing a little Googling to get some background on CIT, mainly because I know that part of the fun of Slashdot is there's always someone here who know much more -- about some subject, however esoteric --, and that someone inevitably comes along to challenge your assertions.
But then I remembered that I'm an American, and that in America everyone no matter how despicable, is innocent until proven guilty.
And that is the sense of "innocent" I was using -- particularly apropos when one considers it was the FBI which was involved.
And whatever CIT has done, no matter how bad, it's not bad enough for us to sacrifice our liberties so as to more easily punish CIT.
Opinions on the Twiddler2 hand-held keyboard?
Steel doors, three feet thick slam closed sealing off the datacenter. Have all the computers in a vault. Single entry door (now covered by three feet of steel), and sets of quintuple, automatically locking one-way exit doors for the techs in the vault. When the FBI comes, push the Red Button. The vault main doors close, and the techs descend fire poles, with foot thick steel apertures closing off the vertical entrances. Then they file out of the escape doors, into the basement of the administrative facility. When the all clear is sounded (via radio-frequency tags embedded in employee ID tags) and everyone is out of the vault, epoxy resin is force-injected into the space between the quintuple evacuation doors.
Anyway, these places usually have gobs of venture capital. What the FUCK are they spending it on, pool tables and nerf guns?
The FBI will not seize computers without a warrant. I know this because I just lost a job for ratting to them about child pornography at one of the country's largest construction staffing firms ($100mil in sales last year). Though the local field agents were anxious to put the keibosh on the whole operation, they couldn't, because heresay is not enough evidence to get a subpoena for a raid. It takes a long time to collect evidence before such a raid will ever be authorized, sometimes months or years. So if the CTI data center was seized/shut-down, you can bet there was plenty of evidence already collected, enough to satisfy a judge. Most likely, their traffic was already being monitored, and they have only themselves to blame for condoning illegal activities.
-- Jimtown Kelly