Are UK Police Hacking File-Sharers' Computers?

superglaze writes "Following its takedown earlier this week of the music blog RnBXclusive, the UK's Serious Organised Crime Agency (SOCA) has claimed that "a number of site users have deleted their download histories" in response. Given that the site didn't host copyright-infringing files itself, how do they know? We've asked, but SOCA refuses to discuss its methods. A security expert has pointed out that, if they were hacking using Trojans, the police would themselves have been breaking the law. Added fun fact: SOCA readily admits that the scare message it showed visitors to the taken-down site was written 'with input from industry.'"

Browser exploits?

[AmiMoJo]

Perhaps they were using browser exploits to determine if people had cleared their history or cache. Most (all?) of the major browsers used to allow Javascript to detect if links had been visited, so it could check known pages on the site to see if they had been accessed. Similarly the server can tell if files are in the browser's cache because it doesn't re-download them.

Combine that information with IP address logs and you know... well, nothing actually, but if the message they posted on the site is anything to go by they either don't understand that or are just lying deliberately. My guess is that this claim is the latter.

If you look at the site now the threats have been removed, like someone told them to stop breaking the law themselves. The result of IPCC complaints probably.

Re:So write them a letter if you are not in the UK

[TheRaven64]

If it is an admission by a police officer, then don't write to SOCA, write to the IPCC, who have the power to investigate claims of misconduct by members of SOCA.