Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Posts Fake Hyperlinks To Trap Downloaders of Illegal Porn

Posted by Soulskill on from the if-you-thought-getting-a-shock-site-link-was-bad dept.

mytrip brings us a story from news.com about an FBI operation in which agents posted hyperlinks which advertised child pornography, recorded the IP addresses of people who clicked the links, and then tracked them down and raided their homes. The article contains a fairly detailed description of how the operation progressed, and it raises questions about the legality and reliability of getting people to click "unlawful" hyperlinks. Quoting: "With the logs revealing those allegedly incriminating IP addresses in hand, the FBI sent administrative subpoenas to the relevant Internet service provider to learn the identity of the person whose name was on the account--and then obtained search warrants for dawn raids. The search warrants authorized FBI agents to seize and remove any "computer-related" equipment, utility bills, telephone bills, any "addressed correspondence" sent through the U.S. mail, video gear, camera equipment, checkbooks, bank statements, and credit card statements. While it might seem that merely clicking on a link wouldn't be enough to justify a search warrant, courts have ruled otherwise. On March 6, U.S. District Judge Roger Hunt in Nevada agreed with a magistrate judge that the hyperlink-sting operation constituted sufficient probable cause to justify giving the FBI its search warrant."

4 of 767 comments (clear)

  1. Re:Stating the obvious problem by Brian+Gordon · · Score: 5, Informative

    You should disable prefetching; a little-known fact is that cookies are exchanged when links are prefetched.. if you're on unsecured wifi (like my internet during the months I'm at school) all someone has to do is present you with a link to amazon or to wikipedia or to slashdot, and you don't even have to click it for the auto-login cookie to be exchanged. Those of you with credit card info saved on amazon, beware. ~~~~

  2. Re:Entrapment? by QuantumG · · Score: 5, Informative

    apologize? The FBI? You're kidding right?

    There is absolutely NO repercussions to a judge who authorizes a search warrant on shoddy evidence. Law enforcement can literally *lie* to get the warrant and, even if you can prove they were lying, there isn't a venue to file your complaint. Even if they cause damage to your property, you can't sue... they had a valid warrant. About the only people you *can* file your complaint with is the FBI.. who will action it, around the 4th of never.

    --
    How we know is more important than what we know.
  3. Re:How long until... by Adradis · · Score: 5, Informative

    Nimp.org link. Do not touch.

  4. Re:Stating the obvious problem by eh2o · · Score: 5, Informative

    That is why purchase transactions and personal data from amazon are served from a secure server. The secure server uses an independent cookie with the secure flag set, which cannot be transmitted except over https. Hijacking the unsecured session cookie won't get you much more than recommendations tailored to someone else's account. This is a standard design for a high-volume service that can't afford to have every page SSL encrypted.