Slashdot Mirror
FBI Caught On Camera Returning Seized Server
sunbird writes "As previously covered on Slashdot, on April 18th the FBI seized a server located in a New York colocation facility shared by May First / People Link and Riseup.net. The server, which was operated by the European Counter Network ('ECN'), the oldest independent internet service provider in Europe, was seized in relation to bomb threats sent to the University of Pittsburgh using a Mixmaster anonymous remailer hosted on the server (search warrant). The FBI's action has been criticized by the EFF. Predictably, the threats continued even after the server seizure. On April 24th, the FBI quietly returned the server, without notifying either Mayfirst / People Link or riseup, and were caught on video doing it."
Due process and transparency?
This is borderline "coverup" activity.
"Flyin' in just a sweet place,
Never been known to fail..."
Sure it was heavy handed -- in about the same way as shutting down traffic for a major accident is heavy handed. You know we have the ability to just plow that wreckage off our highways and get on with our lives but noooo the police want to find out who was at fault and make sure everyone is okay. Even though it inconveniences thousands of people every day and, predictably, the accidents keep happening despite the police officers' efforts.
Predictably, the threats continued even after the server seizure
That's gotta be the stupidest part of this summary. The idea wasn't to stop the threats but to trace them! If logging wasn't turned off on that server, the FBI would have been able to trace it. That being the only thing they could do, they did it. I mean, if I was a student or parent, I would be really upset if the FBI said "Well, we could confiscate that server and mildly interrupt e-mail service for 300 people but it will only tell us who is doing it if logging is turned on and it's probably not so we're just going to go ahead and let this all continue to happen."
... with the safety and lives of hundreds of other people at the university in mind when it happened.
Yeah, hundreds of people were inconvenienced when their e-mail was disrupted
Big bad FBI, trying to follow the only lead they have on some sick pervert who gets off to bomb threats. Shame on them! Sometimes I think law enforcement is damned if they do, damned if they don't.
My work here is dung.
in other news, the local keystone cops returned a section of highway in the middle of the night, hoping to avoid being noticed...
that particular section of highway was used by a group of bandits to threaten passer-byes.
after that section was removed at great inconvenience to everyone involved, the bandits simply moved down the highway a couple of miles...
It never kept any log files or other personal identifying data, so they could probably make some serious coin auctioning it off to whoever wants to pay the most to get a first-hand look at the lastest guvernment spyware.
Let's call it what it is, Anti-Social Media.
I think the concern stopping them from using the server now is the fear that the FBI modified "something" to log or report on traffic going through the server.
Absent the implementation questions of whether there will be anything useful in the logs, when someone takes you equipment and returns it later without comment, it is not unreasonable to assume that something happened to it.
(Note: I have participated in DoJ forensic training. The FBI procedures should be similar.)
As to the validity of the concern: Investigators are not usually allowed to mount storage media in read/write mode. If they do so, any evidence obtained from that media will no longer be admissible in court. While many labs do have non-forensic connectors for storage media, they are usually not used for fear of accidentally tampering with the evidence.
Investigators will make copies of media and manipulate the copies, but the originals will never be changed.
This does not say that there is no way from them to put some kind of logging software/firmware/hardware on the server, but it is pretty unlikely.
They're long dead my friend, even if their dreams and ideals live on. Its up to the people of today to persevere and embody those ideals, and if that's not happening maybe its time to ask why not.
I assume you are joking? They are investigating criminal activities (rather ineffectively, apparently, but still investigating), so of course they are not going to state every action they take publicly.
As you pointed out, this is a VERY fast turn-around ... almost like they hope that people will use it in a "business as usual" fashion ... like a honeypot?
Not even telling them that it was back so that the owners could decide if they even wanted to risk leaving it in place? VERY suspicious.
The FBI also left a dolly to move the server. Unfortunately the dolly is filled with microphones and wi-fi packet recorders. The FBI also left a fruit basket as an apology. Unfortunately the fruit is laced with mind control chemicals. The FBI also left an apology note. Unfortunately the text is interlaced with words that activate their sleeper agent inside the company.
I mean I can play the conspiracy game all day, yeah if they installed spyware on it, the FBI are pieces of shit. At least have the decency to request the compliance of the company and let them decide to help you track down a scofflaw. At least you could then tell the parents and students that this company won't comply with your investigation so your hands are tied until further leads.
I mean, come on, you think that the FBI is that savvy? You think that any two bit network or systems engineer wouldn't be able to pick up on weirdness in network traffic or processes running from/on the machine phoning home to the FBI? Any company worth its salt that accepts a server or hardware back from anybody proceeds to rebuild it from scratch. Flash or upgrade the firmware if you want! It's so hilariously convenient that law enforcement is a barrel of bumbling idiots when they're supposed to be helping us and when they're trying to help us they are seventeen steps ahead of us and already have infiltrated my underwear drawer. In this story they go straight from idiots who can't understand that logging is turned off on this server to installing honeypot software/devices in two weeks into a device they just got. Right. VERY suspicious. And let's face it, this bomb threat guy has already moved on to another remailer and he's not going to return to this remailer that he has inconvenienced.
My work here is dung.
Apparently now they need to get a return warrant.
The threats continued after the server seizure. So one might expect the FBI to return the server with a courteous "Sorry, my bad" apology, maybe.
Why? They had a valid warrant, and the server isn't owned by Riseup or May First/Peoplelink. Why should they have to apologize to them, or notify them? In fact, according to Riseup's press release, this server didn't even contain any of their info.
How is this a "coverup"? There was a properly adjudicated warrant to seize the server in the first place (whether or not it was over-broad, and whether or not someone agrees with the reasoning). Law enforcement is not obligated to make public announcements — and this story was covered widely.
For the people saying this is a Fourth Amendment violation, do people really think the FBI just routinely rolls onto private property without a legal justification for doing so? Again, saying "we weren't notified of the server's seizure or return" has nothing to do with the legality of either action.
In the first discussion, many were lamenting the possibility that the server may not be returned for months, if ever; now it's been returned (probably after having its drive(s) imaged) in a timely fashion and that's a bad thing, too? The issue of notification or announcement is irrelevant to the law.
What I would be concerned about is if the FBI entered private property without permission and without a legal basis — for example, via continuing coverage by one or more warrants to enter the property. Notice that is not what is being alleged here, just what some people are assuming...
Normally, in a free society, any interactions with Law Enforcement would be above board and you would be notified.
Riseup and May First/Peoplelink weren't notified. They also didn't own the server or the space. Nothing says that the FBI didn't notify ECN.
It looks like you really need to understand some definitions before you use spout off.
Due Process is basically that law enforcement must follow the law. Show me where there is a law that requires law enforcement to inform everyone involved as to what they are doing. Considering that to put the server back the colocation company had to know about it as they had to let them in. Does it really matter if the FBI or the colocation compant told the server owner it was back?
Unreasonable search and seizure; It might have been iff they did not have a search warrant signed by a judge in accordance with Fourth Amendment.
Try reading the Bill of Rights sometime. The FBI broke the 6th law in that document (also known as the 4th amendment) which requires obtaining a search warrant from a judge prior to entrance.
You mean something like this? The warrant that was linked to not only in the article but also the summary?
And yes sometimes the bad guy gets away.
That would be a hilarious motto for any law enforcement agency! I'd opt for "We do everything within our legal rights to catch the bad guy."
That is preferable to harassing innocent people & treating them like criminals (example: patting down their breasts and crotches)
You are confusing the FBI and TSA.
(example: randomly searching through cars)
You are confusing the FBI and ... your local law enforcement? Who require probable cause?
(example: arresting people who publish anti-war pamphlets)
The FBI might have done that in the past during Vietnam but it was probably for other trumped up bogus charges and luckily today we have the EFF/ACLU to take up those cases when that happens. Got any recent examples or really any citations at all for this entire post?
(example: rounding-up asian-Americans & tossing them in jail cause it's world war 2)
Wow, dude, that was six decades ago ... yeah it was horrible and I think it's been publicly recognized as horribly racist and is a reason for public shame to the United States. I do not think that's happening today.
(example: assassinating Americans because you SUSPECT they might be terrorists)
Again, I think you're confusing the FBI with some other agency ...
(example: strip-searching old people before they can fly)
But you repeat yourself ... that's the TSA, not FBI. The TSA definitely has no purpose and needs to be dissolved.
(example: forcing a breast-feeding mom to stand in a glass jail for an hour, rather than let her take her pumping equipment home to her newborn kid)
What the hell? Citation?
INFORM yourself of what's happening in the world.
Yep, I'm the misinformed one here, got it. Hey, since all government actions are from the same people (you cross state and federal levels several times there) why don't you go tell your local county clerk to stop murdering Afghan children? Makes about as much sense as the rest of your rambling post ...
My work here is dung.
Probably because they didn't make a public statement about it.
Anytime a government agency does something, ideally they should state publicly wtf they're doing.
Absolutely! They're spending our tax money, they ought to be telling us how their using it. If someone returns a server, I want to know about. Send out a press release, that way camera crews can be there to ensure it's done properly. And the FBI agent files sends a memo about the return, send out a press release. Then we'll all be able to sleep well knowing that there's no out standing paperwork.
This should really apply to all government agencies. How else are we to know that our money is being well spent? Do you know how much money gets blown on "black" programs by the CIA? I think it'd be better for everyone if they told us what they were doing in all those projects. That agency is sorely in need of some more transparency and openness. With all the money they are spending, they ought to be sending out press releases all day long telling us what they're up to.
The benefits go beyond keeping track of taxpayer money. Think of the bin Laden raid. If they had sent out a press release about it the week before, news agencies could have sent reporters over to interview bin Laden to find out how he felt about his impending demise. And then they'd have film crews there to record the action as it happened. With a week's notice, Osama's crew probably could put together some Bollywood number to perform during the raid while the SEALs were taking a timeout to update their facebook status letting us know they were blowing up that crashed helicopter.
"Why should they have to apologize to them"
One of the ways society identifies shit people, and their fanbois, is by the way they never apologise or show any signs of remorse.
"Oops, I always forget the purpose of competition is to divide people into winners and losers." - Hobbes
I was wondering the same thing. I know people here like to cast "The Man" in the worst possible light, but are they really just bitching that the FBI didn't jump up and down and wave their arms so that people would know that the server was back?
The FBI re-installed the server without telling May First / People Link. They just put it back in the rack and reconnected it (and presumably turned it on). Who knows what they added to the server? I certainly wouldn't trust the FBI in this situation. If they had nothing to hide they would have returned the server to the facility operators so it could be re-install but the facility's personnel. This looks like the FBI were trying to sneak it back in.
It would be more like this:
You go into 7-11, pay for a frozen burrito, then proceed to the customer-use microwave to warm up your afternoon treat. While you wait for your snack to warm up: 2 FBI agents walk into the store, identify themselves to the manager, walk over to the microwave (with your burrito in it), unplug it, walk out the door with it, and drive away.
Now you're thinking, hey those 2 guys just stole a microwave and my burrito. In reality they had a warrant to seize the microwave and its contents, and properly identified themselves to the establishment housing the microwave.
It was a burrito dammit!.
Way to misrepresent the facts to make your case.
You know damn well nobody would make a fuss over a bag of chips.
Not sure the details in this case but I would not want to have a server returned without notice and plugged in.
so imagine you are an admin, Server "yoyo" is gone so you set up a replacement server using a backup. We call the new server "yoyo" as well. you tweek it as needed and life is good.
A few days later both servers are now online. Both called "yoyo" One is out of date perhaps but they both have the same name. try to serve the same requests perhaps. Do backups to the same network location
The possiblities for excitement and fun are limitless.