An FBI Hacking Campaign Targeted Over a Thousand Computers (vice.com)

← Back to Stories (view on slashdot.org)

An FBI Hacking Campaign Targeted Over a Thousand Computers (vice.com)

Posted by Soulskill on Wednesday January 6, 2016 @04:10AM from the go-big-or-go-home dept.

derekmead writes: In order to fight what it has called one of the largest child pornography sites on the dark web, the FBI hacked over a thousand computers, according to court documents reviewed by Motherboard and interviews with legal parties involved.

Just a month after launch, a bulletin board called Playpen had nearly 60,000 member accounts. By the following year, this number had ballooned to almost 215,000, with over 117,000 total posts, and an average of 11,000 unique visitors each week. Many of those posts, according to FBI testimony, contained some of the most extreme child abuse imagery one could imagine, and others included advice on how sexual abusers could avoid detection online.

But after Playpen was seized, it wasn't immediately closed down, unlike previous dark web sites that have been shuttered by law enforcement. Instead, the FBI ran Playpen from its own servers in Newington, Virginia, from February 20 to March 4, reads a complaint filed against a defendant in Utah. During this time, the FBI deployed what is known as a network investigative technique (NIT), the agency's term for a hacking tool.

138 comments

Min score:

Reason:

Sort:

Not hacking by 110010001000 · 2016-01-06 04:26 · Score: 5, Insightful

They weren't hacking. They were obtaining the IP address of connected machines who were using Tor to access child porn sites. I just call that good investigation. Your IP address isn't private information, just like your postal address isn't.
1. Re:Not hacking by Anonymous Coward · 2016-01-06 04:31 · Score: 3, Informative
  
  They used some form of malware/trojan to extract certain information. That's the greypoint from the FA:
  “Basically, if you visited the homepage, and started to sign up for a membership, or started to log in, the warrant authorised deployment of the NIT,” Fieman said. From here, the NIT would send a target's IP address, a unique identifier generated by the NIT, the operating system running on the computer and its architecture, information about whether the NIT had already been deployed to the same computer, the computer's Host Name, operating system username, and the computer's MAC address."
2. Re:Not hacking by Anonymous Coward · 2016-01-06 04:33 · Score: 0
  
  But it seems like they were using a firefox bug to obtain their real ip(not the tor ip). So it pretty much is hacking. But I'm ok with that kind of hacking...
3. Re:Not hacking by 110010001000 · 2016-01-06 04:37 · Score: 1
  
  Maybe I misunderstood, but I thought the NIT was placed on the servers hosting the sites (and maybe the Tor nodes) and used flaws in the connecting client computers browsers to get IP addresses, etc. Probably from the HTTP headers. I didn't think they installed NIT on the client computers themselves. I might we wrong. That is the problem with these sensationalist stories: you never know what they really did. In my opinion if you are just capturing information that the client machine is willing to send (even via a flaw) it isn't really hacking. More like monitoring.
4. Re:Not hacking by 110010001000 · 2016-01-06 04:44 · Score: 1
  
  Right...but is that really hacking? Maybe it is. They are just using a bug to obtain information from a machine that connected to their compromised site. I'm sure lots of companies do that too. If I craft some JavaScript that sends me your MAC address via a bug in the JS implementation when your machine connects to me, is that hacking? Or just clever programming.
5. Re:Not hacking by Anonymous Coward · 2016-01-06 04:45 · Score: 1
  
  You can't extract certain details like the MAC Address, Computer hostname/username from HTTP traffic alone, unless you've got something running in the browser ex-filtrating that kind of information.
  It could be possible to extract most of that information via Javascript, but I'm assuming that most of their targets had NoScript or JS turned off in the Tor Browser (or whatever they used with Tor). I think that kind of information retrieval would fall into the category you're thinking off, active fingerprinting and the like.
6. Re:Not hacking by 110010001000 · 2016-01-06 04:50 · Score: 2
  
  Right...you would need a flaw in the browser that is going to send you that information. I'm not sure if that is "hacking", or just monitoring. After all, the client machine initiated the connection to the host machine, which then obtained the information. I doubt there is a law against this. If you connect to my machine why can't I obtain as much information about your machine as I can, using any means? I mean maybe it is hacking, but it isn't clear cut. There are no laws that I know of that says you can't exploit bugs to obtain mac addresses of machines that connect to you.
7. Re:Not hacking by Anonymous Coward · 2016-01-06 05:00 · Score: 0
  
  Exploiting a bug in software to get information you shouldn't be able to get is pretty much the definition of hacking...
8. Re:Not hacking by 110010001000 · 2016-01-06 05:07 · Score: 3, Insightful
  
  I just call it clever programming. After all, your computer is connecting to ME and sending me information that I am requesting. I'm not logging/breaking into your machine and getting the information. There are no laws that state what "information you shouldn't be able to get".
9. Re:Not hacking by RenderSeven · 2016-01-06 05:24 · Score: 4, Informative
  
  They apparently had a warrant, so it probably doesnt matter if its hacking or not. However as to what they can collect without a warrant, IANAL but expectation of privacy would almost certainly be the litmus test or at least a factor. A conversation in public is fair game but a conversation in your home is privileged even though "flaws" in your home allow exploits like laser microphones to listen. Some of it comes down to deciding if consuming online media is "speech" and thus (arguably) protected (loss of anonymity can be considered "chilling effect"). Without SCOTUS guidelines it seems to depend on the judge, and what he had for breakfast.
10. Re:Not hacking by Anonymous Coward · 2016-01-06 05:28 · Score: 0
  
  "if you walk into their house, why can't they do anything they want to you including sticking things up your bum?"
  The law is poorly written enough that "hacking" is whatever the authorities want it to be. See the AT&T iPhone user list guy.
11. Re:Not hacking by Anonymous Coward · 2016-01-06 06:01 · Score: 0
  
  Go ahead and try it. I'm pretty sure you will end up in jail if you do the same thing on the same scale.
12. Re:Not hacking by lgw · 2016-01-06 06:17 · Score: 1
  
  And if you connect to a bank, and exploit a flaw in their web server to extract customer information? Is that just clever programming? There are laws that state what "information you shouldn't be able to get": any information that you weren't authorized to get. The only thing that makes this legal, FBI or no, is the warrant. Fortunately, the FBI did the right thing here and got a warrant, so there's no gray area.
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
13. Re:Not hacking by gweihir · 2016-01-06 06:35 · Score: 3, Informative
  
  Except when your software (TOR) does not give out your IP address willingly. Then some kind of hacking/cracking/compromise technique is used and that is highly problematic. In a sane legal system it would also compromise any and all evidence found on the target computers as it typically comes with the ability to change things on the target and do so without trace.
  This cure here may well be much, much worse than the disease. If the targeted group were a different one, this might be called "state-sponsored terrorism." Anybody that believes these techniques are only used against child pornographers is kidding themselves. Just have a look at the history of the FBI.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
14. Re:Not hacking by gweihir · 2016-01-06 06:43 · Score: 1
  
  So you think all breaking into computers is legal? Because that is all "capturing information that the client machine is willing to send (even via a flaw)". That flaw might make it willing to send, say, 500'000 user data sets.
  If the FBI campaign against freedom hosting is an indicator (or if this is actually the same thing), then they sent malware to the target browser that compromised it via a JavaScript exploit. It then took over the client browser process to determine from the OS what the IP address of the local computer is. There is no gray area here, this is just what criminal hackers do. Incidentally, this gives them the ability to put any file they like on the target system and it should invalidate any and all evidence found on the target machine. Also, in the campaign against freedom hosting, they caught a lot of people doing entirely legal things, like accessing their tor-mail account.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
15. Re:Not hacking by gweihir · 2016-01-06 06:48 · Score: 1
  
  Incidentally, what they did is highly criminal for any person the warrant does not cover. (And they have no way of finding out before they attack....) An argument can be made that this is anybody using a computer outside of the US. Just think of a modified example where the Chinese Government hacks users of a TOR web-forum devoted to discussing freedom using a warrant that does also allow hacking the computers of US citizens or Europeans, or with a warrant only covering China, but they ignore that. See the problem?
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
16. Re:Not hacking by Anonymous Coward · 2016-01-06 08:24 · Score: 0
  
  You have no rights vis-a-vis other governments.
17. Re:Not hacking by HiThere · 2016-01-06 09:24 · Score: 1
  
  Not hacking, but it sounds like entrapment.
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
18. Re:Not hacking by Anonymous Coward · 2016-01-06 09:24 · Score: 0
  
  They used some form of malware/trojan to extract certain information. That's the greypoint
  Really? Adding a javascript item that simply sends a locating packet through the clearnet is the greypoint? Here I thought it was the FBI admitting that they were complicit in distributing child pornography for over a week. There are ways to take over the site and nail the people with javascript enabled, while not actually serving out porn. But apparently that's too hard for them, so fuck it.
19. Re:Not hacking by AHuxley · 2016-01-06 10:51 · Score: 1
  
  Re "If you connect to my machine why can't I obtain as much information about your machine as I can, using any means?"
  Senator: Let's monitor P2P for illegal files (April 17, 2008)
  http://www.cnet.com/news/senat...
  "But in about half its cases, for purposes of longer-term tracking, the software captures "unique serial numbers" from the person's computer ... "
  It seems the get a unique "number" policy is an older method thats been used for a while now.
  Is the number created from a larger set of details about a computer as seen down from the web or within a computer OS by pushed down gov crafted bespoke software?
  But the MAC address was listed as something thats also been collected. Some consumer grade OS helps? Or gov software enters without any AV heuristic and behavioural protection been alerted to something new/different.
  Third party outgoing software firewalls would not be alerted.. or AV products set to a high detection setting...
  
  --
  Domestic spying is now "Benign Information Gathering"
20. Re:Not hacking by sumdumass · 2016-01-06 12:33 · Score: 1
  
  Sort of. A JavaScript-enabled exploit need not be present in some or most cases though. TOR is essentially a tunnel into your network to the destination computer. Its sort of like you had no router to proxy or masq your private ip. Using information from the tcp packet which is necessary to send results from a page view back, you can use simple network tool like angry ip scanner and Xprobe2 almost as if you were on the network.
  You can use different tools to discover the mac address and fingerprint the OS. Once this is done, at least for Windows systems (especially if Windows networking is enabled ) you can find information about the user logged in and so on. I would suggest that almost everything they discovered could likely be found without installing any software remotely. But if they needed to install something along the same lines as the tools, you could use PsExec or similar. Actually, you could do all your fingerprinting with that tool provided you have a little information about the computer (which you might get from a website registration process ) . You can also use PsExec to download a copy of the registry and security SAMs (my mind is drawing a blank at the moment but the same process to recover or change Windows passwords )
  The one wrench in this would be if they had a firewall enabled on the computer using the TOR connection. It would block scanning and some will gladly alert the user with annoying pop-up notifications. The FBI might have a program that wraps a bunch of these tools up and automates their usr.
21. Re:Not hacking by gweihir · 2016-01-06 15:13 · Score: 2
  
  Sorry, but that is bullshit. Sure, it may work if somebody incompetent set up a normal browser to work over TOR, or actually is grossly stupid enough to really set up LAN tunneling over TOR (But to what end? It would not do anything useful...), but with a competent set-up or the TOR browser bundle, there is no way to do what the FBI did without compromising the browser process. And, incidentally, with the freedom-hosting attack, they did exactly this: They sent malcode to the browser and took it over. As far as we know they did not do a lot with the compromised browser, but that is besides the point.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
22. Re:Not hacking by gweihir · 2016-01-06 15:55 · Score: 2
  
  Actually, forget what I said about this being possible on misconfiguration. Your statements are so far removed from how TOR works that I got confused as to what you were saying.
  So: For a client TOR installation, this is impossible without compromising the target browser over an existing (!), client-initiated connection. You cannot initiate a connection, scan, ping or do anything else from the server side to a TOR client. The network will not route your packages. You cannot even address the target as you only see the IP address of the exit-relay, but that one is terminating many connections from clients. Seriously, TOR is not a VPN. What you can do is attacks against hidden services, but anybody can connect to them via TOR. But again, you cannot scan the network there, you can only attack the service itself, i.e. usually the web-server running there.
  Your statements are complete, unmitigated nonsense.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
23. Re:Not hacking by AmiMoJo · 2016-01-06 16:58 · Score: 1
  
  It's worse than that. Imagine someone wrote a virus that set up a TOR connection and downloaded a few dodgy web pages into a Truecrypt container with disposable key. Really basic, script kiddie stuff. Now the FBI comes along and arrests everyone they can get an IP address for, and of course because the virus opens the page in a hidden IE window it gets hacked.
  Now imagine some enterprising paedophile writes such a virus and infects as many people as possible, and themselves. They get arrested, but go free because it was all the virus doing it, and look how many other innocent people got caught up! In fact you might as well abandon the entire investigation now. Sorry, I can't decrypt that Truecrypt container, the virus destroyed the key.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
24. Re:Not hacking by sumdumass · 2016-01-06 21:13 · Score: 1
  
  How naive you are.
  The tor routing has no clue to what or the size of the payload your browser requests. It will route anything sent in response to you connecting to my server. You can in fact run applications over TOR and if you can do that with ease you can also run network tools in response to connections to a server.
  The browser generally has no firewalling to stop this.
25. Re:Not hacking by gweihir · 2016-01-07 00:41 · Score: 1
  
  I did say you can attack only within the context of an existing connection. But that is it. If you attempt send any other packets to the client they will a) be dropped by the TOR exit relay and b) will be dropped on client side, as a client does not open a server socket and hence does accept absolutely no connection requests. In addition, there is not even a way to address the client in these other packets, so the idea does not make any sense at all.
  The thing is that you cannot "run network tools" against a client with an unknown IP if all you have is an existing connection. You can only run them against the TOR exit node, which gives you absolutely nothing. Seeing that does need some minimal understanding of what "network tools" are and what they do and how TOR and TCP/IP works. Apparently you completely lack that knowledge. There is no tunnel in TOR. TOR does connection routing and that only for client-side initiated connections.
  Incidentally, you do not understand how firewalls work either and what they are good for. If there is no service running on a host (and the a browser certainly will not run any listening-sockets), a firewall is completely immaterial. The target TCP/IP stack drops all packets sent outside a connection unless there is a server-socket listening for them.
  Seriously, how incompetent and arrogant can you get? You do not even understand the very basics.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
26. Re:Not hacking by gweihir · 2016-01-07 00:51 · Score: 1
  
  Well, pedophile images are already used in scams and, get this, the police in some countries advises people to not tell them about these criminal acts as the very possession of these images is illegal. How completely broken must a law be to have the effect that innocent people cannot tell the police anymore about crimes committed against them? That is just pure evil.
  The scenarios you describe and others like it are actually something that is pretty sure to happen at some time and this is why making the possession of some specific bits illegal is so stupid. Sure, production of this material must be illegal and commercial distribution must be so too, as both directly do or contribute to child abuse. But possession and non-commercial distribution without law enforcement having to prove intent is extremely easy to abuse in a digital, networked world.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
27. Re:Not hacking by kmoser · 2016-01-07 06:07 · Score: 1
  
  From here, the NIT would send a target's IP address, a unique identifier generated by the NIT, the operating system running on the computer and its architecture, information about whether the NIT had already been deployed to the same computer, the computer's Host Name, operating system username, and the computer's MAC address."
  So, basically Windows 10 telemetry.
28. Re:Not hacking by david_thornley · 2016-01-07 07:54 · Score: 1
  
  If it was A warrant, that warrant is unconstitutional. A warrant has to be specific, and it needs to be supported by probable cause that someone swears is true. If somebody notices what looks like child porn, and is willing to swear to it, a warrant could be issued to search any computers in the house for child porn. A warrant that covers the whole country is not in any way specific.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
29. Re:Not hacking by Anonymous Coward · 2016-01-08 05:05 · Score: 0
  
  However as to what they can collect without a warrant, IANAL but expectation of privacy would almost certainly be the litmus test or at least a factor. A conversation in public is fair game but a conversation in your home is privileged even though "flaws" in your home allow exploits like laser microphones to listen.
  It's not that simple. An expectation of privacy can certainly exist in a public place. For example, if you're walking with a friend down a deserted road in a National Park or National Forest, then you are certainly in a public place. Nevertheless, in practice people in such situations certainly have conversations that they consider private, in fact this is common, hence demonstrating an expectation of privacy in a public place.
  For a more pointed example, you might think about the fact that somebody in that situation might be miles from the nearest restroom. If they step behind a tree, out of side of the trail, to relieve themselves, they are certainly in a situation where they have an expectation of privacy. It would not in general make sense for the government - or anybody else, whether independent of the government, or acting as agents of the government - to be able to put hidden cameras behind the tree, record the event, then put the video on the internet (or play it in court).
  A strong right to privacy arises directly under the Bill of Rights, as a right "retained by the people" (9th Amendment) and "reserved to the people" (10th Amendment), and clearly this right also protects people to some extent in public places (depending upon the circumstances).
  No action by Congress is required for this right to exist (and no action by Congress, or ANY entity of government can prevent this right from existing, by definition of what it means to say "retained by" and "reserved to" the people) and actions that infringe this right - whether by government officials, or private citizens - are a violation of the Bill of Rights. Laws and precedents to the contrary are illegal.
  The 1st Amendment specifically and explicitly prevents Congress from passing laws intended to infringe freedom of speech or the press, but that does not mean that people can do whatever they want. Nothing in the text of the Bill of Rights prevents it from being directly asserted against private entities. The Founding Fathers were well aware of the dangers posed to freedom by private entities such as the East India Company, and US government entities have been willing on occasion to use third party agents in a manner that violates fundamental rights and hence the law.
  It's the combination of recording and making the recordings available that's the problem, but given the vulnerability of data to hacking, even making the recording in the first place can be reasonably restricted (which in many cases requires a warrant specific to a local situation). For example, it would be reasonable to put a hidden camera in a park covering a parking lot where car windows have been broken by vandals, with a warrant. That doesn't mean the government can do anything it wants with the recordings, however. Private security cameras do not require a warrant, if the placement is otherwise reasonable (for a man to put a camera in the women's changing room would not be reasonable), but fundamental Bill of Rights limitations do apply to what is done with the data.
Good by Anonymous Coward · 2016-01-06 04:27 · Score: 0, Insightful

This is a legitimate use of hacking.
1. Re:Good by malditaenvidia · 2016-01-06 04:30 · Score: 1
  
  This sort of thing makes you wish they had used the other type of hacking.
2. Re:Good by ShanghaiBill · 2016-01-06 08:13 · Score: 3, Interesting
  
  It is not so clear that this is "good". There is not much evidence for a causal link from porn to sexual crime. Most countries that have liberalized their pornography laws have experienced a decline in sexual violence toward women and children. Child porn is illegal even if is entirely animated, or made with adult actors portraying adolescents. That pushes the entire genre onto the dark web. If, instead, the law only banned the actual abuse of children, rather than thought crime, there could be a legal market that would drive out most of the material involving actual harm to children.
3. Re:Good by matbury · 2016-01-06 09:06 · Score: 1
  
  If, instead, the law only banned the actual abuse of children, rather than thought crime, there could be a legal market that would drive out most of the material involving actual harm to children.
  AFAIK, the FBI can't prosecute US citizens for thought crimes. If they had a lawful warrant and prosecuted people for criminal behaviour, i.e. passing on the products of criminal acts (against children), then I don't see any problem with what they're doing. This is an actual case of the FBI doing what they're supposed to do instead of going after political dissidents and whistle blowers. We should be praising these actions, not criticising them.
4. Re:Good by ShanghaiBill · 2016-01-06 09:43 · Score: 2
  
  AFAIK, the FBI can't prosecute US citizens for thought crimes.
  Then you are obliviously ignorant, and probably should spend a few minutes educating yourself about American child porn laws before you comment on them again.
  
  prosecuted people for criminal behaviour, i.e. passing on the products of criminal acts (against children) ...
  This NOT what they are doing. Child porn is illegal, even if it involves NO CHILDREN whatsoever. Many of the people being prosecuted were making or viewing animations or adult actors, not anything involving actual children.
5. Re:Good by Vitriol+Angst · 2016-01-06 14:48 · Score: 2
  
  I agree. While I abhor sexual abuse of children (required statement), it's an easy target of outrage but has far-reaching consequences to charge criminal offenses of people who view such things on the internet. It is a thought crime -- the abuse of the children is the people making the content -- and I think it should end there.
  Free access to porn has shown a relative drop in rapes. Violence in games shows a huge drop in violence (relative to the same demographic without video games -- though not sure where they find those anymore).
  I think the next battlefield will be on realistic sex robots. People will be morally outraged if they look this way or that. There's no abuse because it's a mechanism. If it stops rapists, sex addicts and molesters from doing damage to real people -- what is the harm?
  I think too often we have morals based laws, that don't really meet the public interest of; "what does the most good for the most people?" Sure, we all might be creeped out by someone's preferences, but by not criminalizing the USE of materials, we can better get the CREATORS of harm. And in the future, STDs, Prostitution, and Sexual offenses may take a nose dive as Sexbots hit the scene.
  It would be interesting to see the real stats on whether viewing makes someone more or less likely to abuse a kid. Perhaps there's a difference when there is a blog of people reinforcing how "OK" it is. The real question is; what path prevents child abuse?
  
  --
  >>"ad space available -- low rates!!!"
6. Re:Good by Vitriol+Angst · 2016-01-06 15:02 · Score: 2
  
  AFAIK, the FBI can't prosecute US citizens for thought crimes.
  But how is a website or BBS showing material NOT a thought crime? You might say; the materials are prohibited. But we could outlaw bibles, and then everyone with a bible would be an outlaw. What ABOUT the bible is illegal? Reading the words, of course. They'll say it's possession, but really, it's in what you might learn, think and how it might change your behavior. No clear smoking gun on Pedophilia.
  So this is a thought crime. They can see, view and hear but don't DO. Crime is an act that harms people. Until someone actually affects a person or property -- no crime. The only crime is based on prohibited material.
  Is the crime in viewing an actual minor, or in viewing someone who LOOKS like a minor -- or a cartoon? What if I'm married to a 26 year old woman who 4 feet tall and looks really cute? Do I go to jail? Sure these people may clearly be looking for kids -- or maybe someone likes tiny women, but how do you define such a thing and does it really matter?
  The user in this case is assuming there is privacy. They are viewing material to get stimulated. They didn't touch anyone.
  I hate taking the side of Pedos -- but we don't even know if all these people are actual pedophiles. Some of them might just be into extremes and next week they'll be looking at chubby chicks. Some of them may have been abused in the past. If you criminalize this -- you don't have a situation where people can seek help. There are so many cases in our own history where stigmatizing causes MORE of the thing we are trying to reduce.
  This is thought crime -- pure and simple. And if the rights of people who have done NO HARM are not considered, as reprehensible as they are, then the long arm of the law might do a reach-around into something else, like colluding with each other to change laws we think are wrong.
  
  --
  >>"ad space available -- low rates!!!"
7. Re:Good by Phronesis · 2016-01-06 17:07 · Score: 1
  
  Child porn is illegal, even if it involves NO CHILDREN whatsoever. Many of the people being prosecuted were making or viewing animations or adult actors, not anything involving actual children.
  Didn't Ashcroft v. Free Speech Coalition 535 US 234 (2002) overturn that and rule that the First Amendment protects cartoons, animations, and other works that do not show the sexual violation of actual children?
8. Re:Good by david_thornley · 2016-01-07 08:01 · Score: 1
  
  Last I looked at the US Federal law, it wasn't child porn if it didn't have an identifiable individual, under 18 when the porn was produced, doing something sexual (and there were restrictions on what constitutes that). Definitions can differ in other jurisdictions, and some states may have more sweeping laws.
  Of course, this doesn't mean the FBI can't investigate, or a Federal prosecutor file charges, if none of the porn they find meets that standard.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
Slippery Slope by duke_cheetah2003 · 2016-01-06 04:32 · Score: 5, Insightful

Bit of a slippery slope when Law Enforcement is breaking laws to catch criminals. This is not good policing in my opinion. There should be no excuse for breaking the law, especially in an effort to enforce the law. Law enforcement should never be 'do as I say, not as I do.'
A simple test is.. if a citizen did this to another citizen, would that be against the law? Last I checked, hacking your neighbors computer and collecting information from it is definitely against the law. (Unless you're Microsoft and say you're going to do it in your EULA, bit that's a different can of worms.)
1. Re:Slippery Slope by Anonymous Coward · 2016-01-06 04:38 · Score: 3
  
  Police use military equipment and armored vehicles to selectively enforce laws around the US, the slope slipped a looong time ago
2. Re:Slippery Slope by 110010001000 · 2016-01-06 04:39 · Score: 2
  
  If your neighbors computer connected to yours, and you collected information about it, is that against the law? If I understood it, they were gathering information of computers which were accessing the sites.
3. Re:Slippery Slope by Anonymous Coward · 2016-01-06 04:40 · Score: 0
  
  So with that FUL. The police have to stop at each red light when chasing a bank robber?
4. Re:Slippery Slope by Anonymous Coward · 2016-01-06 04:40 · Score: 0
  
  They had a warrant, so they weren't breaking the law.
5. Re:Slippery Slope by Penguinisto · 2016-01-06 04:41 · Score: 4, Insightful
  
  As long as they got warrants (even if they're "John Doe" warrants), they're in the clear, methinks.
  I suspect that it would pretty much follow the same legal framework as wiretapping, albeit the 'tap' is put directly in the 'phone', without knowing fully who owns said phone.
  If this is indeed the case, I have zero problems with it - covertly swipe a website/host via legal means, and use it as a honeypot to catch/trap offenders, using a modified wiretap warrant/framework to 'tap' the computers that connect to said site. Assuming everything is properly documented and that the procedure is transparent enough to stand up in court, you then monitor that user's activities to not only collect evidence but to identify the user behind it.
  The only real problems would be with computers used by multiple individuals, in which case you'd have to suss out which user is responsible. Another problem would be to have a procedure (and malware) in place that doesn't give a defense attorney enough credible ammunition to claim his client was framed, or that evidence was 'planted'. This is why the procedure(s) would have to be transparent to all (it would become that way anyway come the first court case, if the prosecution wanted any hope of winning a conviction.)
  
  --
  Quo usque tandem abutere, Nimbus, patientia nostra?
6. Re:Slippery Slope by kwiecmmm · 2016-01-06 04:42 · Score: 2
  
  Not really, this is the same as turning someone in the mob and using them against others.
  I am against government surveillance, but this seems to be just the government using an illegal site to figure out who is using it. They just kept the site running for a couple weeks to catch and track down its users, who were breaking the law by being on a child porn site.
7. Re:Slippery Slope by Anonymous Coward · 2016-01-06 04:44 · Score: 0
  
  Your simple test is too simple, and, if you don't mind my saying so, a bit idiotic.
  That's why your test is (thankfully, in this case) NOT the test used to determine if law enforcement officials have just cause to gather information during the course of a criminal investigation.
8. Re:Slippery Slope by bill_mcgonigle · 2016-01-06 04:47 · Score: 2
  
  This is why the procedure(s) would have to be transparent to all
  "In theory" ... they'd also obey their Constitutional restrictions. I the real world, they're lawless and get by on parallel construction. The government was instituted to protect our liberties and now it's our greatest threat against them.
  "When you gaze long into an abyss the abyss also gazes into you."
  
  --
  My God, it's Full of Source!
  OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
9. Re:Slippery Slope by phantomfive · 2016-01-06 04:50 · Score: 1
  
  A simple test is.. if a citizen did this to another citizen, would that be against the law?
  Then no one would ever get arrested and put into jail, for any reason whatsoever.
  
  --
  "First they came for the slanderers and i said nothing."
10. Re:Slippery Slope by Anonymous Coward · 2016-01-06 04:55 · Score: 0
  
  This is pretty much like executing a search warrant. If you wonder by scene of a crime you might be observed; your presence recorded; you might be questioned and etc. In this case if they were executing some form of search warrant it would be completely legal and admissible in court.
  Also FBI is not police; they are one of the 3 letter agencies and as such have special dispensations to carry out their mandate. To cite few things that they do: fighting organized crime, counter-terrorism; counter-intelligence(ie they catch spies) and etc.
  So no sorry it is NOT a slippery slope.
11. Re:Slippery Slope by messymerry · 2016-01-06 05:03 · Score: 2
  
  NOBODY in the United States is excused from their obligation to honor the provisions of the Constitution,,,especially when they took an oath on it. Questions???
  
  --
  Dear Microlimp: I give you 2 valid product keys for win7 and you reject both of them. Piss off you wankers!!!
12. Re:Slippery Slope by Anonymous Coward · 2016-01-06 05:04 · Score: 0
  
  Bit of a slippery slope when Law Enforcement is breaking laws to catch criminals. This is not good policing in my opinion. There should be no excuse for breaking the law, especially in an effort to enforce the law.
  
  I agree, although I admit I'm torn. I *DO* want the police to follow the law because this is a very, VERY slippery slope.
  At the same time, I find it difficult to knowingly let these people get away with what they're doing. Yes, I understand that the majority of them (probably) aren't actively engaged in actual, physical abuse of a child....but still. If it was my child, I admit I'd be all for them doing this even though it almost certainly contravenes some law(s).
  I wouldn't feel this way for almost any other crime (maybe not even murder) but in this case I gotta admit, I'm reluctantly okay with it.
13. Re:Slippery Slope by Anonymous Coward · 2016-01-06 05:13 · Score: 0
  
  So, you didn't actually read that Wikipedia article, did you? "parallel construction is used is to protect sources (such as undercover agents or informants)" Yeah, I'm not going to get an undercover agent or informant murdered for a prosecution.
14. Re:Slippery Slope by turbidostato · 2016-01-06 05:20 · Score: 1
  
  "Yes, I understand that the majority of them (probably) aren't actively engaged in actual, physical abuse of a child....but still. If it was my child, I admit I'd be all for them doing this even though it almost certainly contravenes some law(s)."
  Revenge, while understandable, shouldn't be the basis of a legal or ethical system. Even moreso on a country that claims to be "the land of the free".
  Under current moral standards it seems Nick Ut would have been processed because of "the girl in the picture" instead of winning a Pulitzer.
15. Re:Slippery Slope by Anonymous Coward · 2016-01-06 05:38 · Score: 0
  
  For a moment I thought you were referencing the child pornography the FBI intentionally housed on their servers.
16. Re:Slippery Slope by killkillkill · 2016-01-06 05:47 · Score: 3, Insightful
  
  Uhh... I read it
  
  Reuters revealed that the Special Operations Division (SOD) of the U.S. Drug Enforcement Administration advises DEA agents to practice parallel construction when creating criminal cases against Americans that are actually based on NSA warrantless surveillance
  And the sited article:
  http://www.reuters.com/article...
  Of course two senior DEA agents said your quote, so it must all be hogwash.
17. Re: Slippery Slope by Anonymous Coward · 2016-01-06 06:04 · Score: 1
  
  Parallel construction is ALSO used to protect illegal intelligence gathering methods and other wanton lawlessness on the part of government agencies. I'm all for putting those methods in direct jeopardy when the law is broken.
  Fortunately that does not seem to be the case here, unless of course there's more to this than they let on, such as maybe the FBI being behind the origin of the site in the first place. No proof or even suspicion of that at this time of course, but given their track record of manufacturing 'terrorists' for the purpose of arresting them and making a public show of it, who knows?
  That's really the problem with this sort of thing as it relates to law enforcement and technology. I want to believe they did good here. I really do. It's just that given past behavior I have a hard time trusting anything they say, and it's sad things have come to that.
18. Re:Slippery Slope by Citizen+of+Earth · 2016-01-06 06:07 · Score: 1
  
  The FBI has also confessed to operating a web site that distributes extreme pedo-porn. When will the FBI director be doing a perp walk?
19. Re:Slippery Slope by Locke2005 · 2016-01-06 06:14 · Score: 0
  
  I subscribe to the theory that when you break the laws of a country (i.e. by distributing child porn), you should forfeit the right to be protected by those same laws. I would like to think they got warrants for any intrusion into client computers. Yes, we need very clearly stated rules about what law enforcement is allowed to do, and those rules need to be updated increasingly frequently as technology changes.
  
  --
  I've abandoned my search for truth; now I'm just looking for some useful delusions.
20. Re:Slippery Slope by Anonymous Coward · 2016-01-06 06:48 · Score: 0
  
  (Some) of your rights are forfeited when you are convicted of breaking the law. That happens after the trial, not before, and during the collection of potential evidence.
  So you are in favor of not being protected by the laws of the country and the forfeiting of right pre-trial?
21. Re:Slippery Slope by gweihir · 2016-01-06 06:53 · Score: 1
  
  There is also the little problem that by the way TOR works they have no idea where a target computer is before they break in. This makes what they did "state-sponsored organized crime" if they even caught one user not on US soil and may well make it "state-sponsored cyber-terrorism" in some countries. Not good at all. Just think of the same scenario but with the Chinese doing it (where all pornography is illegal) or the Iranians (where all non-Muslim religious writing is illegal). See the problem?
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
22. Re:Slippery Slope by gweihir · 2016-01-06 06:57 · Score: 1
  
  Indeed. This can only be justified by "regardless of what it is, if the FBI does it it is legal". That does not work with the rule of law and is only possible in a full-blown police-state. As soon as they had the possibility to switch it off, they had both a moral and a legal imperative to do so immediately. In a very real sense, they committed mass-child-abuse.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
23. Re:Slippery Slope by ScentCone · 2016-01-06 07:04 · Score: 1
  
  Police use military equipment and armored vehicles to selectively enforce laws around the US, the slope slipped a looong time ago
  Do you understand how silly you sound?
  
  How much metal is a vehicle allowed to have before you consider it illegal for a police department to use? Please be specific.
  
  --
  Don't disappoint your bird dog. Go to the range.
24. Re:Slippery Slope by Anonymous Coward · 2016-01-06 07:11 · Score: 0
  
  It's about military-classifications used domestically, not about armor thickness.
25. Re:Slippery Slope by Thaelon · 2016-01-06 07:45 · Score: 1
  
  What if the connection was accidental/unintentional? Or some rogue process did it?
  More a general question than this specific case, but just a thought.
  
  --
  Question everything
26. Re:Slippery Slope by WOOFYGOOFY · 2016-01-06 07:57 · Score: 1
  
  Yeah I am all for what they did and the way they did it. Your comment however:
  I subscribe to the theory that when you break the laws of a country (i.e. by distributing child porn), you should forfeit the right to be protected by those same laws"
  is the definition of fascism. No one knows if you broke the law until a jury or judge says so. What you're saying is, let's have no laws set upon the police because they only go after people who are (suspected of) breaking the law. That makes zero sense.
  If we implemented that policy, we'd have cops framing everyone they suspected or really, after a little while under your regime, anyone they just didn't like.
  Sure framing people is illegal and immoral but hey, no laws apply to law breakers so have at it.
  We need the criminal justice system to work properly so people have faith in it and its results. That means protecting the accused whether you like them or not. Absent that, their is lawlessness everywhere, on the part of ordinary citizens, who would there's nothing fair about "the law" and law enforcement which would quickly devolve into thuggery, blackmail, racketeering, extortion and murder.
  Do you think you're the first person to contemplate how law should be applied to people accused of a crime? This goes back centuries and the subject has been the focus of generations and generations of the world's best minds. Trashing it all for some idea you get into your head because it "makes sense to me!" is a frightening prospect. It's also the roots of fascism, which always needs lots of shallow-thinking "sounds good to me! " types like you to actually bring them to power.
  You need to take a serious, searching and thorough moral inventory of yourself and you need to examine the criteria you're accepting of when coming to conclusions about how you would like to see society structured.
27. Re:Slippery Slope by Anonymous Coward · 2016-01-06 08:27 · Score: 0
  
  I would tend to agree. How much harm did the FBI do by allowing the distribution of child pornography to continue, especially on their own servers?
28. Re:Slippery Slope by Anonymous Coward · 2016-01-06 08:44 · Score: 0
  
  If a company put up a web site that tries to figure out who you are when you use their web site.
  If the company used every trick they could think of to convince your computer to tell them.
  If the company corrupted the collection of web browsers to make it easier for them to do this.
  Oh, never mind, that is just how web targeted advertizing works.
  Unless they hurt the client's computer, perhaps what the FBI did is not much worse that best commercial practice.
  I wonder if they were clever enough to tweak site privacy rules to provide fair warning that it allowed that sort of thing?
  Perhaps the bad behavior is identify theft of the original site owners and deception of the users as to the site's owner's identity.
29. Re:Slippery Slope by ScentCone · 2016-01-06 08:49 · Score: 1
  
  It's about military-classifications used domestically, not about armor thickness.
  OK. And, which specific feature of a "military" truck is it that makes the law enforcement person riding around in it a criminal? Please be specific.
  
  --
  Don't disappoint your bird dog. Go to the range.
30. Re:Slippery Slope by JimMcc · 2016-01-06 08:56 · Score: 1
  
  How much metal is a vehicle allowed to have before you consider it illegal for a police department to use? Please be specific.
  To keep this on the subject matter I'll quote what Supreme Court Justice Potter Stewart said about porn, "I know it when I see it". Military grade vehicles look quite different than civilian vehicles. You certainly would notice if your local sheriff's deputy started patrolling your neighborhood in a HumVee instead of a Crown Vic.
31. Re:Slippery Slope by JimMcc · 2016-01-06 09:00 · Score: 2
  
  What if the connection was accidental/unintentional?
  According to the FA, the information was only captured when the user started the login process, or started the registration process. I don't know about you, but if I accidently landed on a child porn website the very first thing I would do would be to get out of it. I certainly wouldn't start to register as a user to the site.
  
  Or some rogue process did it?
  That's a different issue, but a highly unlikely event.
32. Re:Slippery Slope by dcollins117 · 2016-01-06 09:05 · Score: 1
  
  As long as they got warrants (even if they're "John Doe" warrants), they're in the clear, methinks.
  I suspect you are right but the problem I have is that the only information a judge receives when deciding whether to issue a warrant is provided soley by the LEO and the prosecution. There should be some mechanism for the accused to defend himself against malicious prosecution, IMHO.
  Given the opportunity to only present one side of the story I could paint anyone as a baby-shaking, dog-kicking, drug-dealing, devil-worshiping, child-molesting, panty-sniffing terrorist psychopathic monster.
  What judge is going to deny a warrant based on that presentation.
33. Re:Slippery Slope by Anonymous Coward · 2016-01-06 10:21 · Score: 0
  
  No law was broken. They had a warrant first.
34. Re:Slippery Slope by Anonymous Coward · 2016-01-06 10:22 · Score: 0
  
  Cited article, BTW.
35. Re:Slippery Slope by Beeftopia · 2016-01-06 12:09 · Score: 1
  
  A simple test is.. if a citizen did this to another citizen, would that be against the law?
  I'm not sure that's a good test:
  1) If one citizen deprives another of his liberty, that's kidnapping. If the government does it, it's incarceration.
  2) If one citizen forcibly takes money from another, that's robbery. If the government does it, it's a fine.
  3) If one citizen kills another, that's murder. If the government does it, it's capital punishment.
  Why does this curious dichotomy exist? Because we elect people who will maintain law and order, to promote justice and all the other stuff in the preamble to the Constitution. Sometimes they have to apply force sometimes to achieve these ends because there are people willing to apply force to do evil, like robbery, kidnapping and murder.
36. Re:Slippery Slope by Anonymous Coward · 2016-01-06 12:32 · Score: 0
  
  Like I said, you're suggesting that it's primary purpose is so that illegal surveillance can be used to attack people, yet your link suggests that it's used to protect informants and undercover agents.
37. Re:Slippery Slope by sumdumass · 2016-01-06 12:53 · Score: 1
  
  The warrant process is not a prosecution. It is a check on LEO in gathering evidence that they could not legally or constitutionally otherwise have done. The prosecution will only start after evidence of a crime is collected.
  What you are missing is that they are supposed to inform the judge that there is reason to believe baby-shaking, dog-kicking, drug-dealing, devil-worshiping, child-molesting, panty-sniffing terrorist psychopathic monster is or has participated in a specific crime.
38. Re:Slippery Slope by tehcyder · 2016-01-07 01:00 · Score: 1
  
  I think you need to think through the consequences of giving all potential criminals advance notice of warrants that are going to be served against them.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
39. Re:Slippery Slope by david_thornley · 2016-01-07 08:08 · Score: 1
  
  Legal protections are for the innocent, yes, but people are innocent until proven guilty in a court of law. Removing protections from someone accused of a heinous crime makes it more likely that law-abiding citizens will be convicted once accused.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
40. Re:Slippery Slope by david_thornley · 2016-01-07 08:12 · Score: 1
  
  Technically, the prosecution in a legal case should be required to show the entire chain of evidence, under actual rather than theoretical pan of perjury. At that point, the defense lawyer challenges evidence, usually in a pre-trial hearing. If the defense lawyer can show that evidence was gathered improperly, that evidence cannot be legally presented. There isn't currently a requirement to provide names, although the Constitution does say the defendant has the right to confront his accusers.
  That's not the practice, unfortunately.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
41. Re:Slippery Slope by david_thornley · 2016-01-07 08:15 · Score: 1
  
  I don't know the laws in question. It is possible that they explicitly allow for use by law enforcement for honeypots. There isn't anything automatically illegal about child porn, it's illegal because there are laws specifically against it.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
They had a warrant... by gQuigs · 2016-01-06 04:40 · Score: 5, Informative

The issue was did this one warrant let the government hack into everyone who tried to use Tor to connect this hidden site. Tor prevented the FBI from determining their IP address without further attacks on individual computers. The other issue is if the Judge knew they were authorizing this many computers to possibly be hacked.
I believe they waited until the user tried to login, create an account, or something like that, so just accidentally browsing to the site shouldn't have triggered the attack.
From the facts I have from this article, I think the FBI did the right thing.
1. Re:They had a warrant... by phantomfive · 2016-01-06 04:49 · Score: 2
  
  The answer is yes, they did have a warrant, that allowed anyone who logged into the site to be hacked (according to the article).
  
  --
  "First they came for the slanderers and i said nothing."
2. Re:They had a warrant... by fermion · 2016-01-06 05:08 · Score: 2
  
  It did not seem to be a fishing expedition where everyone who passed by was targeted. This seemed to be good police work and shows we don't need to violate civil rights in order to protect the innocent. Creating an account on something like this is pretty much intent to commit a crime. And is no different than working on any other marginal website. When you go to a web site there are all sorts of crap that can be put onto your computer. It is why we have to run so protected now. Any website can be a vector to take over and destroy a computer. It is so common it hardly seems like it is breaking the law. So the authorities are held up to higher standard than the criminals, which is good.
  
  --
  "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
3. Re:They had a warrant... by Perl-Pusher · 2016-01-06 05:36 · Score: 1
  
  I'm not concerned with the hacking. What concerns me is they hosted a child pornography site. That's kind of like posing as a an assassin to catch people who hire hitmen yet carry out the assassination.
4. Re:They had a warrant... by Anonymous Coward · 2016-01-06 05:55 · Score: 0
  
  The difficulty being the FBI has exactly zero credibility in following the law, and it always seems they manage to take down some pornographer or terrorist site right after they've been taken to task for "procedural oversite".
  At this point the FBI is just as much on trial to prove they followed the letter of the law, otherwise this just seems like a convenient bust to garner support for other less than lawful activities they've already been busted on.
5. Re:They had a warrant... by Gr33nJ3ll0 · 2016-01-06 05:56 · Score: 3, Informative
  
  They took over a known child pornography site, and continued to operate it. They used an existing service (not set up a new one) and monitored existing users (nothing about enticing new ones). I don't see this as being hugely different from sitting outside an business known for selling drugs, and writing down the info of everybody who goes in, or tapping the lines, and recording phone numbers. Further they got a warrant to do exactly that.
6. Re: They had a warrant... by radi0man · 2016-01-06 06:07 · Score: 1
  
  Did they do the right thing by actively facilitating the mass distribution of child pornography?
7. Re:They had a warrant... by Anonymous Coward · 2016-01-06 06:37 · Score: 1
  
  it is hugely different, what they did was take over the drug business and continued running it
8. Re:They had a warrant... by Anonymous Coward · 2016-01-06 06:50 · Score: 0
  
  I fail to see how being the govt makes it ok. Right is right and wrong is wrong.
9. Re:They had a warrant... by Anonymous Coward · 2016-01-19 10:55 · Score: 0
  
  ... operate it. .
  That's all you need to reduce that to. The FBI OPERATED A CHILD PORNOGRAPHY SITE.
  (FTFA) the FBI ran Playpen from its own servers in Newington, Virginia, from February 20 to March 4.
  There is no warrant for that, and frankly, it is reprehensible. Government needs to act within the bounds Law itself.
two words: sovereign immunity by Anonymous Coward · 2016-01-06 04:42 · Score: 0

two words: sovereign immunity
Don't get it by Anonymous Coward · 2016-01-06 04:49 · Score: 0

I have a question about a site like Playpen, besides the fact that I don't even understand how people find sites like that, is it really full of horrible pics of little kids being (essentially) raped? Or is it more like pics of young teens, say 14 to 17 years old having technically illegal but generally consented sex? I ask, b/c it really boggles my mind that so many people (60,000 accounts on one underground site) would want to see pics of the former. It is a more understandable if it is the later. The difference between these two, to me, are worlds apart. And I just can't imagine so many people would get off on looking at pics of egregious exploitation of children. So either most of these pics aren't as egregious as the media tends to make us think, or there are a whole lot of people out there that have no conscious whatsoever.
1. Re:Don't get it by 110010001000 · 2016-01-06 04:56 · Score: 1
  
  There are over 3 billion Internet users. The number that accessed these sites is a small fraction of Internet users. A small fraction of the public are pedophiles, and a significant portion of them probably seek out these sites in order to fulfill their deviant behavior, since it is so easy to obtain via the Internet. What i don't get it how an adult can find children sexually attractive. There are no normal cues that trigger sexual interest. I just feel sorry for the exploited children.
2. Re:Don't get it by gfxguy · 2016-01-06 04:58 · Score: 1
  
  It's all about the percentages, not the raw numbers. United Nations says over 3 billion people are using the internet. 60k from 3B is really not a large number, relatively speaking.
  
  --
  Stupid sexy Flanders.
3. Re:Don't get it by tsqr · 2016-01-06 05:05 · Score: 1
  
  From TFS: "Many of those posts, according to FBI testimony, contained some of the most extreme child abuse imagery one could imagine, and others included advice on how sexual abusers could avoid detection online."
4. Re:Don't get it by onepoint · 2016-01-06 05:05 · Score: 1
  
  well look at it differently ... 400,000,000 general population of males from USA and Europe give or take a little, 1% is 4 million, 1% of that is 40,000 so with 215K, that means that there is a lot of people ( about .0005% ) that like this stuff. So the FBI most likely knows a large percentage of them now in the USA. Problem now is what to do with them all. and what does this tell us about society. How about the poor FBI team that had to deal with the web site, those people are psychologically damaged for life ( I got to think that the other .9995 are not into this ).
  as to what the images are, I got no clue, but I got to think it's like that south park episode
  
  --
  if you see me, smile and say hello.
5. Re:Don't get it by gfxguy · 2016-01-06 05:07 · Score: 2
  
  I don't get it, either, but again, if you're playing percentages, there's always someone... if it's not prepubescent kids, it's animals, or feet, or fat, or insert whatever. They say psychopaths make up 1% of the population... that's a LOT of psychopaths out there... people who not only don't care about hurting other people, but can get off on it.
  
  --
  Stupid sexy Flanders.
6. Re:Don't get it by GameboyRMH · 2016-01-06 05:33 · Score: 1
  
  I don't know what was on this site in particular, but I know that there are many darknet forums filled with egregious, very non-jailbait child porn, right down to infants. People find them by word-of-mouth and darknet pages (like the infamous "hard candy" page, a hidden list of child porn .onion sites on The Hidden Wiki).
  We're a fucked-up species and a certain proportion of adult humans are sexually attracted to children for some reason...it's clean over 1% even by the most conservative estimates, and 1% of 7.1 billion is 70 million, so there are way more than enough for a forum to have 60k users.
  If it makes you feel better, even among these, many "have a conscience" and see CP as one of the least harmful ways to get their rocks off.
  
  --
  "When information is power, privacy is freedom" - Jah-Wren Ryel
7. Re:Don't get it by Anonymous Coward · 2016-01-06 05:53 · Score: 0
  
  The FBI agents will be fine, after a few days with their sheep
8. Re:Don't get it by gweihir · 2016-01-06 07:02 · Score: 1
  
  Interesting thing, instruction how people "could avoid detection online" are not illegal, or even immoral. What is the point of including this piece of information?
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
9. Re:Don't get it by tsqr · 2016-01-06 10:56 · Score: 1
  
  Interesting thing, instruction how people "could avoid detection online" are not illegal, or even immoral.
  
  (a) Offense defined.--A person commits an offense if, with intent to hinder the apprehension, prosecution, conviction or punishment of another for crime or violation of the terms of probation, parole, intermediate punishment or Accelerated Rehabilitative Disposition, he:
  (1) harbors or conceals the other;
  (2) provides or aids in providing a weapon, transportation, disguise or other means of avoiding apprehension or effecting escape;
  (3) conceals or destroys evidence of the crime, or tampers with a witness, informant, document or other source of information, regardless of its admissibility in evidence;
  (4) warns the other of impending discovery or apprehension, except that this paragraph does not apply to a warning given in connection with an effort to bring another into compliance with law; or
  (5) provides false information to a law enforcement officer.
10. Re:Don't get it by tehcyder · 2016-01-07 01:12 · Score: 1
  
  It's all about the percentages, not the raw numbers. United Nations says over 3 billion people are using the internet. 60k from 3B is really not a large number, relatively speaking.
  And yet a not dissimilar proportion of terrorists means that all Muslims are terrorists, in many people's eyes here.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
11. Re:Don't get it by tehcyder · 2016-01-07 01:14 · Score: 1
  
  Interesting thing, instruction how people "could avoid detection online" are not illegal, or even immoral. What is the point of including this piece of information?
  Telling someone how to hide isn't a crime. Telling an escaped serial killer how to hide is.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
So the gov knowingly ran a child porn site? by sgrover · 2016-01-06 05:14 · Score: 2, Insightful

I haven't seen it in the comments yet, but by seizing the site and NOT shutting it down, the government chose to run a child porn server. Does that not then put them under the same legal scrutiny as those they were investigating? Of course I did not read the article and may be missing a bunch of detail, but if the gov was actively serving child porn, then THAT is a crime in my eyes - regardless if it was a honeypot or not.
1. Re:So the gov knowingly ran a child porn site? by guruevi · 2016-01-06 05:58 · Score: 5, Interesting
  
  In the United States, the federal government has sovereign immunity and may not be sued unless it has waived its immunity or consented to suit; there are exceptions for tort and contract law.
  It's a very interesting legal stance if the government says it has sovereign immunity, they claim to have not committed any actions that would invoke the tort exceptions. Therefore, running a child porn website does, according to the government, not do any harm to any potential victims (which is what tort is) and thus dissemination of child porn which is 'illegal because it harms the children', may then fall under first amendment protections just like any other website.
  
  --
  Custom electronics and digital signage for your business: www.evcircuits.com
2. Re:So the gov knowingly ran a child porn site? by gweihir · 2016-01-06 07:05 · Score: 1
  
  This begs the question why possession of CP is illegal. The usual argument is that it continues to harm the victims.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
3. Re:So the gov knowingly ran a child porn site? by Anonymous Coward · 2016-01-06 07:11 · Score: 0
  
  You're discussing civil law; the PP asked about criminal law. It's not well legislated or adjudicated, but in general, any crime that requires a "mental state" (possession with the intent to sell) is not prosecutable. Further, the "public authority" defense is a very old piece of common law, though clearly spelled in several state's statutes and recognized in every jurisdiction in the US. Read http://www.stanfordlawreview.org/print/article/breaking-law-enforce-it-undercover-police-participation-crime
4. Re:So the gov knowingly ran a child porn site? by Anonymous Coward · 2016-01-06 08:46 · Score: 0
  
  That isn't an appropriate use of 'begs the question'. See: https://en.wikipedia.org/wiki/Begging_the_question
TLDR: no hacking was done by Anonymous Coward · 2016-01-06 05:24 · Score: 0

It was just a flash applet than ran.
Users of that site that used TOR without flash or Tails would not have been 'hacked'
Old news by campuscodi · 2016-01-06 05:47 · Score: 1

Didn't the FBI already admit to this in the summer of 2014? Don't see any new information on this topic. I think they actually caught a man that made false bomb threats in Seattle in August 2015 using this very same method.
My Neighbor is a Pedo by Anonymous Coward · 2016-01-06 06:32 · Score: 0

I accidentally opened a neighbor's mail. . . It's mis-delivered a lot in my complex. It was a DVD, and the description of the content made it clear what it was. Mentions of "peach fuzz" and "violated for the first time."
What do I do? I opened his mail, by accident, but that doesn't matter to Johnny Law; it's illegal. The neighbor gets similar packages frequently, and my stomach turns whenever I see them.
I'm stumped.
1. Re: My Neighbor is a Pedo by Anonymous Coward · 2016-01-06 08:05 · Score: 0
  
  Step up to his door, blow a hole in his face with a shotgun, then poop in the hole.
2. Re:My Neighbor is a Pedo by Anonymous Coward · 2016-01-06 09:48 · Score: 0
  
  I accidentally opened a neighbor's mail. . . It's mis-delivered a lot in my complex. It was a DVD, and the description of the content made it clear what it was. Mentions of "peach fuzz" and "violated for the first time."
  What do I do? I opened his mail, by accident, but that doesn't matter to Johnny Law; it's illegal. The neighbor gets similar packages frequently, and my stomach turns whenever I see them.
  I'm stumped.
  1. Maybe your neighbor has a teenage kid.
  2. If it's going via postal mail, then it might just be some kinky Japanese cartoons, which I'm not sure are really illegal.
  3. File an anonymous tip with the Post Office Inspector General that child porn is showing up at that address.
3. Re:My Neighbor is a Pedo by Anonymous Coward · 2016-01-06 18:09 · Score: 0
  
  1. Maybe your neighbor has a teenage kid.
  2. If it's going via postal mail, then it might just be some kinky Japanese cartoons, which I'm not sure are really illegal.
  3. File an anonymous tip with the Post Office Inspector General that child porn is showing up at that address.
  Thanks. It's not #1. It's not #2, because the DVD cover had plenty of photos fitting the description.
  My girl and I were ooked-out by it, and put it in the trash chute. There was no way I was going to open it to verify the contents on the DVD itself. Just possessing it would have been a crime, or at least considered one by the local LEOs.
  Might try #3. Then again, having a (potentially) registered sex offender next door would lower my property values. I'm not that mercenary, but the FBI and so on are paid (by my taxes, willingly) to keep this garbage from happening. Why should I have to pay again?
  The local LEOs want to keep their raises by keeping crime stats down. They would probably say, "Don't do it again," look the other way, and not even write a citation. Hmmn, bet then again, the mail did cross State lines... That puts it firmly above the local level to the Federal, meaning the FBI or USPS PM Gen.
  OK. I'll photo the next few that I notice, with addresses readable, but of course unopened. After some heavy-duty meta-data sanitization, I'll anonymously tip electronically.
Options by Anonymous Coward · 2016-01-06 06:39 · Score: 0

I'm completely against all forms of C.P. But I am even more against government overreach.
My suggestion to anybody accused of anything by government is to let them meet static. No response to anything, and require a warrant if they show up at your house (even if they say they don't need one).
And ALWAYS require a quick and speedy trial BY JURY! Remember it only takes 1 juror to be convinced you are innocent, and juror's are more and more concerned about government overreach.
1. Re: Options by Anonymous Coward · 2016-01-06 08:08 · Score: 0
  
  If you're against the govt you're with the pedos. You wouldn't be on the side of the pedos if you hadn't a vested interest in protecting them. Therefore, you're a pedo yourself. Off with your head!
Meh by Anonymous Coward · 2016-01-06 07:07 · Score: 0

The funniest thing was enjoying people who were supposed to fight against THAT, supporting THAT! Humans are so interesting... Said nobody ever.
Now sociecity only need to close the remaining 99.9% of the created by UDP... Think about UDP being somekind of 77 virgins tale You know? It was a good idea until we find this technolofy was just a really big mistake.
Accidental tourist? by teknosapien · 2016-01-06 07:20 · Score: 1

I wonder how many of those 11,000 unique visits were accidental or a product of phishing(goatse.cx)
Now granted I think this is deplorable and disgusting (think of the Children!)
But I think they need to really scrutinize the data that they have so that innocent mistakes/typos/bad linkage are not falsely accused

--
no matter how good it is, it is human nature always wants to make things better
1. Re:Accidental tourist? by tehcyder · 2016-01-07 01:25 · Score: 1
  
  I don't think many people end up on the legendary "dark web" by accident.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
2. Re:Accidental tourist? by teknosapien · 2016-01-07 03:54 · Score: 1
  
  Though that maybe true, there are some that end up there for reasons other than child exploitation.
  
  --
  no matter how good it is, it is human nature always wants to make things better
3. Re:Accidental tourist? by david_thornley · 2016-01-07 08:24 · Score: 1
  
  They won't reliably get convictions for just visiting a website. However, a visit is grounds for further investigation, probably leading to taking copies of all the hard disks in the house. If they find significant amounts of kiddie porn there, they've got a very good case.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
What else is there to say by WOOFYGOOFY · 2016-01-06 07:40 · Score: 1

GO FBI GO !!!!
1. Re:What else is there to say by Anonymous Coward · 2016-01-06 08:19 · Score: 0
  
  Show me on the doll where the bad man touched you.
2. Re:What else is there to say by tobiah · 2016-01-06 14:51 · Score: 1
  
  Your thoughts about touching the doll have been recorded and sent to the proper authorities. Please remain calm while our extraction team executes a warrant within one standard deviations of your present location.
  
  --
  "The ability to delude yourself may be an important survival tool" - Jane Wagner -
Mixed feelings by davidwr · 2016-01-06 07:41 · Score: 1

I'm glad that the site was (eventually) shut down. The article didn't mention it, but I hope the kids in the pictures are all identified, located, rescued if they were still in an abusive situation, and offered a lifetime supply of mental-health help (yeah yeah, I know, some number > 0% of abused children don't need mental help later, but the offer should be there for those who do need it).
I have little or no problem using these types of warrants if they are used to prevent crimes or identify victims, but I have a real problem with the "fruits" of the warrants being used to actually prosecute people. If the feds had simply seized contraband, helped kids that needed help, and made the perps who were stung publicly admit what they did in exchange for no criminal prosecution, that would seem to be a better solution from civil-liberties point of view. Unfortunately, it would stink from a fairness-to-the-victim point of view and it would also likely incite vigilante behavior from neighbors and others, leading to a net increase in criminal behavior. It would also be an incentive for a false confession for people who were really innocent ("So, my wifi got hacked but if I don't admit guilt and submit myself to unearned public ridicule you will send me to trial and at best my lawyers will bankrupt me? Where do I sign?") Hence my mixed feelings.
I also blame the buggy Tor bundle for making this easy for the feds:
Why wasn't it designed with an intermediate layer that filtered out any traffic not destined for the TOR network?
Example:
* Initialization from boot CD: Go to known locations and retrieve canonical, signed list of TOR entry points and download signed version of current TOR software.
* Start "lowest layer", which block all traffic except to/from known Tor entry points.
* Start TOR software. Even if there is a bug in the TOR software that would allow contacting an IP address other than known-good entry points, it would be blocked by the lower layer.
Start "mid-layer" which blocks all traffic except to the local TOR interface that is running in the immediately-lower layer.
Start a "high-layer" which applications run in. Applications are all socks/proxied to the local TOR software running at a lower layer. Exploits at this layer would not be able to get "out" to the "real internet" as they would be blocked by the lower layers. They couldn't even determine the machine's "real" local-LAN IP address that the lowest layer can see, they only know what they are told by the TOR layer, which is probably a NAT or other fake address.

--
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
1. Re: Mixed feelings by Anonymous Coward · 2016-01-06 09:45 · Score: 0
  
  So, it's really ok for them to put more children in danger, because these guys will totally announce to the children they're about to kidnap that they were previously part of a pedophilic porn ring.
  Yea, no. Go back to Sanfrancisco.
2. Re:Mixed feelings by david_thornley · 2016-01-07 08:27 · Score: 1
  
  I'm talking about something I don't know about here, and will take steps not to know about, but some activities in child porn seem also likely to physically harm the victims as well as causing mental harm. We shouldn't forget about that.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
3. Re:Mixed feelings by davidwr · 2016-01-07 10:33 · Score: 1
  
  I'm talking about something I don't know about here, and will take steps not to know about, but some activities in child porn seem also likely to physically harm the victims as well as causing mental harm. We shouldn't forget about that.
  By the time the photograph is taken, the physical harm has already been done (I'm not saying more physical harm won't happen in the moments after the camera is turned off, but it's not directly related to the child porn being created).
  The danger of distribution of child porn outside of controlled environments (law enforcement, clinical/therapeutic environments, etc.) is that it may create a demand for new child porn, which does mean kids getting hurt.
  Distribution of child porn of still-living victims (and we hope all of them are still alive, save for those who have already died of old age) is that the knowledge that photographs were taken and that they either are definitely "floating around" out there or the uncertainty as to whether they are "out there" or not is a lifelong psychological burden.
  The distribution of child porn also puts a psychological burden on the loved ones of the children in the photographs (assuming of course that those loved ones weren't involved in the creation or distribution of the porn and weren't involved in abusing the children in any other way).
  But as far as distribution creating "new" physical harm to the original victims, no it doesn't (for this purpose, I'm not counting secondary physical harm, such as ulcers or harm resulting from attempted or successful suicides - those come from the BELIEF that the image is or may be circulating, not the actual circulation of the image, and they are at their root a psychological problem and the long-term treatment is, at its root, psychology-based).
  
  --
  Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
4. Re: Mixed feelings by davidwr · 2016-01-07 10:44 · Score: 1
  
  I think you missed my point:
  I'm talking about cases where but for acts by law enforcement that I read as illegal, law enforcement would not have known who committed the crime in the first place.
  Anyone granted "immunity" under the proposal I made would be a public pariah. Sure, they wouldn't have a criminal record or sex-offender status but they would be all over the news. That alone makes it almost impossible for them to hang around any kid or teen whose parents or adult neighbors are paying attention. It's also removes a barrier for those people caught up in child porn who want to get therapy - I would imagine many of them are afraid to see a therapist because they are afraid that "mandatory reporting" laws apply to the crimes they committed, whether or not they really do (I think all U.S. states have mandatory-therapist-reporting for "contact" abuse, but I don't know if any, some, or all have such a laws if a patent admits to viewing child porn or admits that they are likely to do so in the future - my guess is some or all do - I am not a lawyer).
  Again, the big reasons I'm not wholly in favor of this proposal is that it's obviously unfair to the victims and (because it is correctly-perceived as being unfair to victims) it encourages "vigilante justice" - which means it encourages future crimes (albeit with an unsympathetic victim).
  
  --
  Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
5. Re:Mixed feelings by david_thornley · 2016-01-08 06:24 · Score: 1
  
  I think we're in agreement here. People physically and mentally hurt by horrible crimes should get the care they need. Distribution of child porn can lead to further mental harm, and can encourage scum to make more such, causing more physical and mental harm.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
Exception to the rule by Anonymous Coward · 2016-01-06 08:19 · Score: 0

Usually when FBI (or similar three letter organisation) hacks thousands of computers it's a barely disguised self-interested invasion of privacy. Not in this case though. They found a site facilitating a truly appalling crime and used their brains to take advantage of the situation and round up as many of the perps as possible. That is a *good* thing.
Can't wait for the SJW spin by Anonymous Coward · 2016-01-06 09:43 · Score: 0

Next on Salon: FBI abuse rights of poor pedophiles
Also read by s.petry · 2016-01-06 09:48 · Score: 1

The Franklin Cover-up. The pretense that Government people are altruistic angels guarding over us all is idiotic. People really need to get a grasp of that fantasy and treat it for what it is.

--
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
Meanwhile at the Vatican... by Anonymous Coward · 2016-01-06 14:38 · Score: 0

I'm sure they're all laughing their asses off. Biggest group of pedos in the world and they have outlets in every town on the planet.
Counterintelligence by fulldecent · 2016-01-07 03:01 · Score: 1

One interpretation of this article is that FBI (or contractors) has non-public, zero-day, or old-but-unpatched vulnerabilities which it is using against client machines to collect information. We assume that only misconfigured machines are vulnerable.
A benefit of this knowledge is that it may be possible collect these exploits with a REVERSE honeypot. Simply use a MORE secure browser (Tails in Tails + non-extradition origin + Tor Browser). Then spider the Dark Web but make sure your spider DOES follow post requests and do data fuzzing. This is the most likely to register as an intelligence target.
You could determine a successful exploit occurred if: the outer Tails or the inner Tails (virtualization) sent any traffic to the network. Normal non-exploited behavior would be that all traffic (spidering) would occur only with the innermost Tor Browser connection. So this would require three levels of "wire level" logging. As soon as you detect exploited behavior, stop everything, publish the logs and then act like Gene Hackman in Enemy of the State.
Of course this can all be done without any human interaction with unsavory websites, it can be legal based on origin location and it can arbitrarily secured against detection. Older versions of Tor Browser and known exploits could be used to validate this system. Sorry, this probably belonged as a blog post or a GitHub new repo first commit!

--
-- I was raised on the command line, bitch
sad and silly at the same time! by Anonymous Coward · 2016-01-07 07:48 · Score: 0

what sucks is that it's really easy to make babies and it's what nature wants us to do and then
people just "fuck away" and don't give a damn what happens to that output ...
i hope the people who actually made these babies also get their beef and then some ... but damnit
now we have to baby-sit the parents too?