Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is the Outrage Over the FBI's Seattle Times Tactics a Knee-Jerk Reaction?

Posted by samzenpus on from the wait-a-second dept.

reifman writes The Internet's been abuzz the past 48 hours about reports the FBI distributed malware via a fake Seattle Times news website. What the agency actually did is more of an example of smart, precise law enforcement tactics. Is the outrage online an indictment of Twitter's tendency towards uninformed, knee-jerk reactions? In this age of unwarranted, unconstitutional blanket data collection by the NSA, the FBI's tactics from 2007 seem refreshing for their precision.

34 of 206 comments (clear)

  1. No. Just no. by Anonymous Coward · · Score: 4, Insightful

    Whoever thinks this is remotely a good thing needs to be beaten with a lead pipe. Not only is it clearly illegal, it's also a serious breach of trust.

    1. Re:No. Just no. by Mr+D+from+63 · · Score: 2

      Who trusts what they read on the internet anyway? Particularly by reading just one page of content that has no real meaningful impact to anyone but the criminal.

      Anyone who doesn't validate what they read on the internet deserves to be......misled.

    2. Re:No. Just no. by thaylin · · Score: 4, Informative

      What is illegal about it? They got a warrant, and sent a targeted email with a link people would not normally go to.

      --
      When you cant win, ad hominem.
    3. Re:No. Just no. by thaylin · · Score: 4, Informative

      And when someone searches or seizes your property without a warrant is it not illegal? You are defeated by your own statement, however I will add the definition which further defeats you.

      warrant
      wôrnt,wärnt/Submit
      noun
      1.
      a document issued by a legal or government official authorizing the police or some other body to make an arrest, search premises, or carry out some other action relating to the administration of justice.

      I think you needed to look up the definition, notice the last part.

      --
      When you cant win, ad hominem.
    4. Re:No. Just no. by Darinbob · · Score: 2

      Which part is illegal? The part where they got a warrant, or the part where they targeted only one person?

  2. Yes, but by nwaack · · Score: 5, Insightful

    Yes, it's a knee-jerk reaction. However, our government agencies have done this to themselves. Most of the outrage is probably coming from people who saw "FBI" and "website" in the same sentence and just assumed they did something bad. I can't say I really blame them all that much.

    1. Re:Yes, but by Anonymous Coward · · Score: 2, Informative

      Most of the outrage is probably coming from people who saw "FBI" and "website" in the same sentence and just assumed they did something bad.

      Nope, much of the outrage is coming from the Seattle Times who had their website spoofed.

    2. Re:Yes, but by jellomizer · · Score: 4, Insightful

      Nearly everything in the media is Knee-jerk.
      No one has the time to really dig threw and sift threw the facts and see both sides of an issue. We Want Good Guys and Bad Guys. No gray line.
      It is nice and neat and easy to know where you are at.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  3. Re:People are scared by just_another_sean · · Score: 4, Funny

    what is the point of using the Web?

    Porn?

    --
    Creationist Textbook Stickers Declared Unconstitutional by CowboyNeal
  4. Why not? (Re:No. Just no.) by mi · · Score: 5, Insightful

    Not only is it clearly illegal

    Please, cite the violated law. Thank you.

    it's also a serious breach of trust

    Trust between which parties? The fake was sent to only one person — the suspect, who then became a convict. The suspect knows very well now, that it was a fake — so he continues to trust the actual Seattle Times as much as he did before.

    Also, we all know, that it is perfectly legal for police to lie — except, of course, under oath. So, which trust are you talking about?

    --
    In Soviet Washington the swamp drains you.
    1. Re:Why not? (Re:No. Just no.) by Anonymous Coward · · Score: 5, Interesting

      Not only that, but from what I can tell there was no malware. And the fake website was just a page on a website where the FBI could see the logs. They e-mailed him a link to a story. When he clicked on the link they could see the IP address which requested the story. Nothing I read says it was any more sophisticated than that. I'm not sure they'd even need a warrant to do this. It's no different then e-mailing him a phone number and looking at the caller ID when he calls it. That's not private information.

    2. Re:Why not? (Re:No. Just no.) by mi · · Score: 2

      Identity theft.

      There is no such law. I asked for a citation — please, be exact.

      Or more practically, try trademark dilution by tarnishment

      Ok, that's better. But have you read that law? It states — right at the beginning — that it is only applicable to commercial misuses of trademarks:

      Any person who, on or in connection with any goods or services, or any container for goods, uses in commerce any word, term, name, symbol, or device, or any combination thereof, or any false designation of origin, false or misleading description of fact, or false or misleading representation of fact [....]

      But that's my reading — IANAL... Seattle Times has plenty of lawyers — the law entitles them to damages. If they don't attempt to sue, then their legal department must have found, the law does not apply, contrary to what (some of) Slashdot thinks.

      --
      In Soviet Washington the swamp drains you.
    3. Re:Why not? (Re:No. Just no.) by ShakaUVM · · Score: 2

      >Does not apply to sting operations...

      Your reference says nothing about wire fraud.

      Here's the actual law -

      "Whoever, having devised or intending to devise any scheme or artifice to defraud, or for obtaining money or property by means of false or fraudulent pretenses, representations, or promises, transmits or causes to be transmitted by means of wire, radio, or television communication in interstate or foreign commerce, any writings, signs, signals, pictures, or sounds for the purpose of executing such scheme or artifice, shall be fined under this title or imprisoned not more than 20 years, or both"

      It's malleable enough that prosecutors can make it apply to basically anyone.

    4. Re:Why not? (Re:No. Just no.) by king+neckbeard · · Score: 2

      If they don't attempt to sue, then their legal department must have found, the law does not apply, contrary to what (some of) Slashdot thinks.

      Or, it's not worthwhile for them to bring a lawsuit. Discretion can be exercised for reasons other than not having the law on your side. That's a lot of how the patent troll racket works. Even if you could fight the troll and win, it is often not in your direct financial best interest to do so.

      --
      This is my signature. There are many like it, but this one is mine.
  5. Did they have a warrant? by gurps_npc · · Score: 3, Informative
    If they had a warrant, then it is perfectly good police tactics.

    If they did not have a warrant, then it is an illegal invasion of privacy.

    They electronically entered his computer and that is no different than entering his home. The fact that he had to click on it is meaningless. The creation of the malware would be illegal, without the warrant.

    Now, the police may not be smart enough (or ethical enough) to have asked for the warrant, but that is what is clearly needed.

    --
    excitingthingstodo.blogspot.com
    1. Re:Did they have a warrant? by r0nc0 · · Score: 2

      I'm not sure getting a warrant allows any entity to break the law as a means to an end, no matter how just that end seems to be. Entering the computer with a search warrant, fine. Creating and distributing malware? I believe that's against the law. Now, malware is a loaded term subject to broad interpretation, I'll grant you that, so really the line is pretty grey. While I'd be tempted to draw an extreme comparison to, say, killing someone because you have a warrant to do so in order to capture some other criminal - I can't say they are the same kind of black and white.

    2. Re:Did they have a warrant? by weiserfireman · · Score: 2

      They had a warrant. FTA " Furthermore and most importantly, the FBI obtained a warrant before executing these activities."

      It was more spyware than malware though, but that is a distinction without a difference in the minds of most people.

    3. Re:Did they have a warrant? by Knightsword · · Score: 2

      Did you even read past the headline, they posted a link to a spoofed site on his myspace page and tracked his I.P. address, when he clicked the link. The was no malware of any kind and I.P. addresses are public information.

    4. Re:Did they have a warrant? by silas_moeckel · · Score: 2

      The linked article.

      Yea a random no-name high school that is were the terrorists will strike. Terrorism by definition requires a political aspect and violence, it's doubtful the 15 year old have a political motive or any particular ability for violence. Since when do terrorists make bomb threats anyways they blow stuff up and claim responsibility not tell you specifically we put a bomb here get the people to safety before it blows. The FBI overreacted and was intentionally circumspect in their warrant.

      --
      No sir I dont like it.
  6. Re:answer to every headline - NO by thaylin · · Score: 4, Informative

    There was no entrapment. The person did a bomb threat, all they were doing was locating him.

    --
    When you cant win, ad hominem.
  7. What malware? by mi · · Score: 5, Informative

    The Internet's been abuzz the past 48 hours about reports the FBI distributed malware via a fake Seattle Times news website.

    From TFA:

    When the suspect clicked on the link, FBI software revealed his location and IP address to agents working the case.

    If there is a slashdotter, who — from reading the above "description" — does not realize, that there was no "malware" installed on the doofus' computer and the suspect's IP was obtained simply from the FBI's web-server log, ought to close his account (and change his name)...

    --
    In Soviet Washington the swamp drains you.
  8. Outrage meter: barely twitching by Qzukk · · Score: 4, Informative

    I'm having a hard time being outraged by a guy dumb enough to click a seattletirnes link on his myspace account.

    There are real things to be outraged over, like the time the government used a MITM attack at the ISP to serve malware on the real slashdot site.

    --
    If I have been able to see further than others, it is because I bought a pair of binoculars.
  9. Re:Why not? (Re:No. Just no.) "except under oath"? by Moof123 · · Score: 4, Insightful

    The double standards between law enforcement and the public are exactly the opposite of what they should be. As a trusted public official (with years of training dollars poured into them) they should be held to a higher standard, and face worse penalties for breaking the law than the general public. Sadly, our failing state is more intent on preserving power than protecting justice, truth, and the public.

  10. This is America... by Simulant · · Score: 2

    ... and if there's nothing to be outraged about we'll manufacture it.

  11. Re:Why not? (Re:No. Just no.) "except under oath"? by mi · · Score: 2

    face worse penalties for breaking the law than the general public

    Though I agree with you in general, we are yet to find an actual law, that the FBI have broken dealing with this case... All of the accusers so far have been unable to offer a citation.

    There are a number of problems with our law enforcement, but that's not the topic here.

    --
    In Soviet Washington the swamp drains you.
  12. Re:Just clicking the link? by chad.koehler · · Score: 2

    The second article has the information I was looking for. The MySpace page itself was anonymous, and was bragging about making the bomb threats. The direct email lead to the owner of the page.

  13. What I'm doing is just fine, by qeveren · · Score: 2

    ...because over there someone is doing something obviously much worse! That's how it works, right?

    --
    Don't just stand there, get that other dog!
  14. Re:Why not? (Re:No. Just no.) "except under oath"? by fustakrakich · · Score: 4, Insightful

    Sounds like you slept through the primaries :-)

    Sorry, man, those guys are only winning because people voted for them.

    --
    “He’s not deformed, he’s just drunk!”
  15. Re:Why not? (Re:No. Just no.) "except under oath"? by msauve · · Score: 2

    From the article: "Every effort we made in this investigation had the goal of..."

    Their whole rationale is nothing more than "the end justifies the means."

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
  16. Re:Why not? (Re:No. Just no.) "except under oath"? by el_chicano · · Score: 2

    Sorry, man, those guys are only winning because sheeple voted for them.

    FTFY

    --
    A man who wants nothing is invincible
  17. Re:18 US Code 1343, Wire Fraud by Frobnicator · · Score: 4, Interesting

    Re:18 US Code 1343, Wire Fraud .... Whoever, having devised or intending to devise any scheme or artifice to defraud [...]

    No fraud took place. Hoax, perhaps, but not fraud...

    Keep trying...

    So first you demand that people cite actual laws, and you refuse to accept things like "copyright infringement", "slander of title", or "defamation of character".

    And then when someone cites chapter and verse of the law you reply with a wikipedia link saying it isn't correct.

    No, for the law cited above it was fraud. The definition in that chapter is clear: "For the purposes of this chapter, the term “scheme or artifice to defraud” includes a scheme or artifice to deprive another of the intangible right of honest services." They were expecting the honest service of the specific newspaper. Instead they received a different service, an intentionally deceptive site that transmits something called a "computer contaminant" in the law. Chapter 63 (criminal fraud) doesn't have any of the now-common exceptions "except for law enforcement as part of an investigation". Officers can commit quite a lot of what would normally be crimes when they get court approval, but fraud is not on that list.

    Their malware is covered under at least one of the variations in the state law, RCW 9A.52.110, 120, and 130. Since the government may argue it wasn't done with the intent to commit another crime (since they were intending to enforce laws but accidentally committed crimes in the process) then 110 may be out, but 120 and 130 both apply.

    For copyright, you can pick quite a few different laws under title 17. Several of the exclusive rights in 106 were violated, as were 113. Their designs were protected so 1301. You can pick and choose quite a few more under Copyright as well, with a notable absence of court-authorized police action exemption.

    For trademarks the newspapers have certainly trademarked their logos, names, and probably a few other distinctive elements.15 USC 1114 seems to have that covered quite thoroughly, including penalties against DNS hijacking. And thanks to 15 USC 122, they cannot claim immunity for that one.

    Defamation is pretty strong since their use injures the newspaper's reputation. People will now pause and think "why should I go there since the government hijacks them"? While there is the statute, it is now the court's test that qualifies it. The four-prong test by the court is, first, a false element purported to be fact (in this case, they communicated that the false website was true), second that it was published (clearly the fact was published), third, actual fault on the person making the statement amounting to at least negligence (in fact, it amounts to the level of fraud, as covered above), and fourth, some harm to the subject of the statement (which can be shown as a harm to trust and harm to their stock). Again, there is no "official government action immunity" to commit fraud thanks to 42 USC 1983. Now if they had limited it to the very specific individuals under investigation this one might not apply as a legal intercept, but since they chose to throw a broad net and infected thousands, causing a huge impact to their brand the single authorized intercept exemption doesn't apply.

    I'm sure there are many more, but while some laws make exception for court-authorized police action, these specific laws do not.

    --
    //TODO: Think of witty sig statement
  18. Re:18 US Code 1343, Wire Fraud by mi · · Score: 2

    And then when someone cites chapter and verse of the law you reply with a wikipedia link saying it isn't correct.

    The citation requested must not only refer to actual law, but the referenced law must be applicable. Fraud is not — in my opinion.

    The definition in that chapter is clear: "For the purposes of this chapter, the term “scheme or artifice to defraud” includes a scheme or artifice to deprive another of the intangible right of honest services." They were expecting the honest service of the specific newspaper.

    No, I don't see, how the "victim" was deprived of anything, tangible or not. He could still go to the real seattletimes.com, nothing was taken away from him, nor was tricked into performing services. The law you are offering protects merchants (purveyors of tangible goods) and service providers (intangibles) against, essentially, non-payments.

    Under your reading, most April 1st jokes would be "wire fraud"...

    Finally, the law is limited to interstate communications, which probably did not occur. But that — had it been my only rebuttal — would've been weaseling out on my part.

    Their malware is covered under [...]

    What malware? They sent him a link, which he clicked, thus revealing his IP-address...

    15 USC 1114 seems to have that covered quite thoroughly

    False. Go back to law school. The 15 USC 1114 starts with "... use in commerce ...". The FBI did not engage in any commerce...

    Defamation is pretty strong

    There is no law named "defamation" — you know, what "citation" means, you've offered quite a few already (even though none apply). Why did you change to a generic legal term again?

    --
    In Soviet Washington the swamp drains you.
  19. What's wrong with the FBIs distributing malware .. by lippydude · · Score: 2

    If the Feds hacked the perps computer, then how can we be sure they didn't install fake evidence on the said computer?

  20. Updated Q&A to Answer Readers' Questions by reifman · · Score: 2

    I've posted a summary of common questions from this piece here: http://jeffreifman.com/2014/10...