Slashdot Mirror
FBI E-Mail Server Breached
voma writes "The FBI said Friday it has shut down an e-mail system that it uses to communicate with the public because of a possible security breach. The bureau is investigating whether someone hacked into the www.fbi.gov e-mail system, which is run by a private company, officials said. 'We use these accounts to communicate with you folks, view internet sites, and conduct other non-sensitive bureau business such as sending out press releases,' Special Agent Steve Lazarus, the FBI's media coordinator in Atlanta, said in an e-mail describing the problem."
From: rmueller@fbi.gov
To: anonymouscoward@slashdot.org
Subject: The FBI can help you!
CONFIDENTIAL INFORMATION YOU WANT TO KNOW.
This is the agency they want banned from the INTERNET!
"The Federal Bureau of Investigations" shows you how to get the facts on anyone using our files.
LOCATE MISSING PERSONS, find lost relatives, obtain addresses and phone numbers of old school friends, even skip trace dead beat spouses. This is not a Private Investigator, but a GOVERNMENT agency DESIGNED to automatically CRACK YOUR CASE with links to thousands of our secret files.
Find out SECRETS about your relatives, friends, enemies, and everyone else! -- even your spouse! With the New - "FBI"
You will be AMAZED at what you can discover:
LICENSE PLATE NUMBER - Get anyone's name and address with just a license plate number! (Find that girl you met in traffic!)
DRIVING RECORD - Get anyone's driving record!
SOCIAL SECURITY NUMBER - Trace anyone by social security number!
ADDRESS - Get anyone's address with just a name!
UNLISTED PHONE NUMBERS - Get anyone's phone number with just a name- even unlisted numbers!
LOCATE - Long lost friends, relatives, a past lover who broke your heart!
E-MAIL - Send anyone anonymous e-mail that's completely untraceable!
DIRTY SECRETS - Discover dirty secrets your in-laws don't want you to know!
INVESTIGATE ANYONE - Use the sources that private investigators use (all on the Internet) secretly!
EX-SPOUSE - Learn how to get information on an ex-spouse that will help you win in court! (Dig up old skeletons)
CRIMINAL SEARCH - BACKGROUND CHECK - Find out about your daughter's boyfriend! (or her husband)
FIND OUT - If you are being investigated!
NEIGHBORS - Learn all about your mysterious neighbors! Find out what they have to hide!
PEOPLE YOU WORK WITH - Be astonished by what you'll learn about the people you work with!
EDUCATION VERIFICATION - Did he really graduate college? Find out!
"The FBI" will help you discover ANYTHING about anyone, with clickable hyperlinks and no typing in Internet addresses! Just download the software and go! You will be shocked and amazed by the secrets that can be discovered about absolutely everyone! Find out the secrets they don't want you to know! About others, about yourself!
LIMITED TIME OFFER -- ORDER TODAY! ONLY $20 (US)
You can access the "FBI" NOW so you can begin discovering all the secrets you ever wanted to know! You can know EVERYTHING about ANYONE with "The FBI".
- Works with all Internet Explorer browsers and all versions of AOL
- Windows Versions available Only!
DON'T WAIT TO GET STARTED? It's as easy as 1, 2, 3. ORDER TODAY - While this agency is still legal!
Neal, when you post an article like this the only thing anyone cares about is what OS (and especially if it was microsoft) got ownz0red. Please try to put this information in the summary. Thank you.
How was this said in an e-mail if their e-mail server was down?
From netcraft: Linux Sun-ONE-Web-Server/6.1
In a followup e-mail describing the problem, Special Agent Laz Steverus said "No sensitive information was compromised, but today is a good time to remind citizens that the FBI is in posession of approximately 22,000,000,000 (TWENTY TWO BILLION DOLLARS) in uncollected judicial judgements from spammers, a portion of which we're trying to return to you folks. Just visit our web site, and read our press release, and it will instruct you in how to help us get this money back to you..."
Man, what I wouldn't give to be "Special Agent Lazarus." Everything you do sounds cool -- I mean, it might be an utterly boring document about e-mail usage, but you still get to call it "the Lazarus Report."
I'm sorry, but when I hear a media spokesperson hiccup like that, my bullshit detector sends up an immediate flag. What was this email server really used for???
"Yes, I have a Disaster Recovery Plan. It's called my Resume"
The FBI reportedly surrounded the building (after leaving it) and broke down the front door, only after realizing they had the keys. They confiscated the computers and surrounding evidence for further investigation. "It must be an insider doing the hacking, these systems were secure." said agent r0\/ l337zki.
... the FBI, for a short time, became mysteriously more productive within the span of 12 hours. Some say that their coffee was spiked with a new secret uber-caffeine, while others say a lack of spam in their e-mail boxes allowed them to work more freely.
Not only that, but personnel over at the Central Intelligence Agency as well as the National Security Agency have also become more friendlier. One employee was noted saying, "Thank God! I was so fucking tired of those guys sending me pics of Goatse!"
The key phrases are run by a private company and We use these accounts to communicate with you folks, view internet sites, and conduct other non-sensitive bureau business such as sending out press releases.
I'm sure, like the NSA, that the FBI has (at least) two networks. One that is internal only for confidential/sensitive communication/files, and one for outside communication such as this one. At the NSA, they are completely seperate, with no ability to copy/move files from one to the other.
Saying Android is a family of phones is akin to saying Linux is a family of PCs.
How was I supposed to know?
I'm sitting here in the training cubicle. The guy in the cube next to me decides to check his voicemail... ON SPEAKERPHONE. After he dials in his password (for the entire office to hear) I call softly over the cube wall,"I now have your password."
A tense silence followed, and I could tell that the general perception was "Yeah right--you're just the new guy."
So I brought up my handy DTMF generator and started replaying his password over and over (at a low volume, but just loud enough so that people in adjacent cubes could hear).
How was I supposed to know that he had the Admin password for the e-mail server stored in his voicemail?
At the same time... What sort of dumbass checks their voice mail on speakerphone in public office space?
fast as fast can be. you'll never catch me.
Director Mueller wants his email (gunslinger_cute@fbi.gov) back with a vengeance.
I have worked with FBI agents on a few things, and I can't imagine this email server didn't have sensitive info flow through it.
I'm sure it's FBI policy to avoid it, but it's like a bank...how many people do you think send account numbers, SSN's, etc. to a bank via email? Do you think most people are going to see "fbi.gov" and not think it's safe to email them?
Regardless of what they say, IF this server was compromised, I bet the attacker saw all sorts of interesting things. It's not their fault, but it's probably more serious than they are letting on.
Special Agent Steve Lazarus, the FBI's media coordinator in Atlanta, said in an e-mail describing the problem.
Is this some sort of intelligence test? You get an email press release from someone saying the email account they use for press releases isn't reliable?
Recursive: Adj. See Recursive.
'We use these accounts to communicate with you folks, view internet sites, and conduct other non-sensitive bureau business such as sending out press releases,' Special Agent ... Lazarus said ...
We'll be seeing the first article any time now about classified material having been sent over this server. Some one start a pool.
"We reject as false the choice between our safety and our ideals." --The American President (20.1.2009)
and not somebody named 133thaxxor?
My name is Lee Thaxxor, you insensitive clod!
Trolling is a art,
Does that mean we need to change our passwords again?
Burn the land and boil the sea, you can't take the sky from me
According to the BetaNews Article Officials said the actual risk of a system compromise was fairly low. So the question is, what did the sysadmin see that prompted him to shut the system down?
One good turn - gets all the covers.
Well then, I guess Netcraft confirms it: Linux-Sun-ONE-Web-Server/6.1 is dying.
How could someone actually read someone else's email without their permission? Next these crackers will be listening to other people's phone calls. Then what, a knock on the door in the middle of the night?
Isn't that a good password?
I use it on my luggage too.
Fight Spammers!
-"...bad old ideas look confusingly fresh when they are packaged as technology" - Jaron Lanier (Digital Maoism on Edge.o
Out of curiosity, does the FBI have any "normal" agents? Cause if they're all "special" agents, are they really that special?
[o]_O
Sending out press releases designed to provoke your suspect is a tried and tested method in law enforcement. What if they had a mission-critical email server that had been hacked but had to stay online no matter what? (Think of secure intelligence channels.) This press release could be to try and prevent him from coming back...
;)
It would also explain how they were able to send the email
One good turn - gets all the covers.
I guess I shouldn't hit below the belt like that but I'm still pissed off about millions of my dollars (And they were all MY dollars thptt!) being wasted on Virtual Case File. I bet some corrupt individuals got really, really rich off that project, too...
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Originally I started thinking of this post as a joke, THEN I started thinking... what if the FBI really DID have a server with a collection of confiscated mp3's being held as "evidence" for "review" by agents at their convenience? And what if RIAA really did have such as hack-bot programmed and authorized to shutdown P2P systems?
Food for thought.
Why, oh why, didn't I take the Blue Pill?
Frankly, I think we've all been duped by this false news post.
An "E-mail system used to communicate with the public" sounds like an Internet facing SMTP gateway. I can't be sure, obviously, but that's the most likely type of a system that got "breached". The really juicy stuff, the e-mail servers that host the mailboxes, would be on the internal network, and much better protected against hacks.
If an SMTP gateway was supposedly "breached", what could that entail? Somebody was able to relay through the server? Wooo, big deal! There are like a bazillion open relays out there. Or someone installed a trojan that allowed them to intercept the SMTP traffic? Again, it is not a big deal. The e-mail messages were sent to the public, and SMTP traffic being sent to the outside mail servers isn't encrypted or secure in any way anyhow. It can be intercepted, and e-mail can be read, at any upstream router.
This has been blown out of proportions, IMO.
You folks? Gee, thanks alot, we don't trust you much either.
Slashdot: Playing Favorites Since 1997
A special agent is a federal investigative employee who has powers of arrest and is usually armed. This is "special" when compared to the powers of an ordinary federal employee, not to other agents within the FBI.
Only the powers of arrest part is "special". A mind-boggling range of government employees have federal permission to carry guns. (And this permission, like post-office driving rules, overrides state laws.)
This was apparently first noticed when an airport security employee leaked the list of agencies whose members could carry thorugh airports. In 1997, according to a GAO study (the source for info in this libertarian party press release) the nubmer of agencies was 45 and the number of gun-toters approaching 60,000 and had grown by over 2,400 in the previous year. I've heard nothing to indicate that the number has not continued to climb since then.
Some non-law-enforcement worker categories:
Poultry inspectors.
Disaster aid workers.
IRS auditors.
Some agencies with "special agents":
Small Business Administration
NASA
Department of Education
U.S. Fish & Wildlife Service
Department of Veterans Affairs
The Energy Department has access to machine guns and other agencies can summon tanks and military helicopters.
According to the Western Journalism Center these agencies have SWAT teams:
The National Park Service
the Department of Health & Human Services
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
They used to use carnivore to read our mail. Maybe they just thought it would be nice to take turns and let us read their mail for a while.