Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Agent Posing As Journalist To Deliver Malware To Suspect Was Fine, Says DOJ (vice.com)

Posted by BeauHD on from the nothing-to-see-here-move-along dept.

An anonymous reader quotes a report from Motherboard: In 2007, an FBI agent impersonated an Associated Press journalist in order to deliver malware to a criminal suspect and find out his location. According to a newly published report from the Department of Justice, the operation was in line with the FBI's undercover policies at the time. Journalistic organizations had expressed concern that the tactic could undermine reporters' and media institutions' credibility. The case concerned a Seattle teenager suspected of sending bomb threats against a local school. FBI Special Agent Mason Grant got in touch with the teen over email, pretending to be an AP journalist. After some back and forth, Grant sent the suspect a fake article which, when clicked, grabbed his real IP address. Armed with this information, the FBI identified and arrested the suspect. The Associated Press, the Reporters Committee for Freedom of the Press, and other journalistic organizations condemned the move. They pointed out that an FBI agent posing as a reporter could create distrust between legitimate journalists and sources, and also raised issues with the way the malware was distributed through a fake news story. The new Department of Justice report noted that, today, this activity would require greater authorization, under an interim policy on impersonating members of the media that was adopted by the FBI this June. Now, for the agency to pretend to be a journalist as part of an undercover operation, an application must be made by the head of an FBI field office to the agency's main headquarters, reviewed by the Undercover Review Committee, and then approved by the deputy director, after discussion with the deputy attorney general.

43 of 74 comments (clear)

  1. Intent by Anonymous Coward · · Score: 3, Insightful

    They pointed out that an FBI agent posing as a reporter could create distrust between legitimate journalists and sources...

    This is a feature.

    1. Re:Intent by DaHat · · Score: 2

      And the fault of the Republicans apparently: http://money.cnn.com/2016/09/1...

      --
      Help Brendan pay off his student loans
    2. Re:Intent by AHuxley · · Score: 1

      Rewarming COINTELPRO https://en.wikipedia.org/wiki/...
      The techniques of dividing press and their contacts, whistleblowers.
      Freedom of the press is now just a cover to get access to domestic contacts, whistleblowers.
      Anyone wanting to contact the press now has doubts about their trackable research been found early on any computer before its ready for publication.
      The press now wonders what the next fake contact with a good story will push up on their computer, network and uncover all their contacts or unpublished work.
      Any research found could be a fake link to push unique malware down, any member of the press could then have a computer network that is wide open.
      FIRSTFRUIT for the domestic press covering any story? The Most Intriguing Spy Stories From 166 Internal Nsa Reports (May 17 2016)
      https://theintercept.com/2016/...

      --
      Domestic spying is now "Benign Information Gathering"
    3. Re:Intent by shaitand · · Score: 1

      Which is ridiculous. The republican centric news sources are so ridiculous nobody with critical thinking skills believes in them. The D flavor spin actually tries to sound intelligent and appeal to people who've taken a critical thinking course, relying on logic and avoiding obvious logical fallacies and rhetoric.

      The D media dropped all pretense during the Sanders v Clinton thing right through the convention. Of course D and R are really just two faces of the same ruling party designed to keep us divided.

  2. Why do I think by Anonymous Coward · · Score: 2, Insightful

    Why do I think that if he journalist impersonated an FBI agent, the DOJ's opinion would be very different?

    1. Re:Why do I think by bill_mcgonigle · · Score: 4, Funny

      Why do I think that if he journalist impersonated an FBI agent, the DOJ's opinion would be very different?

      Rules are for thee, not for me. Back to work, subject.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    2. Re:Why do I think by Anonymous Coward · · Score: 4, Insightful

      Because impersonating law enforcement is a crime and impersonating journalists isn't?

    3. Re:Why do I think by mark-t · · Score: 1

      Wouldn't that be covered under identity theft laws? Or does financial damage have to occur for such laws to come into effect?

      --
      File under 'M' for 'Manic ranting'
    4. Re:Why do I think by mark-t · · Score: 1

      The reporter the cop was impersonating.

      --
      File under 'M' for 'Manic ranting'
    5. Re:Why do I think by SuricouRaven · · Score: 1

      He didn't impersonate a real reporter. Just made up a name.

    6. Re:Why do I think by mark-t · · Score: 1

      Wouldn't such made credentials be fairly easy to discover as bogus? Like on the order of ease of being able to tell the difference between monopoly money and actual currency?

      --
      File under 'M' for 'Manic ranting'
    7. Re:Why do I think by lars_stefan_axelsson · · Score: 3, Informative

      Rules are for thee, not for me. Back to work, subject.

      That's a bit harsh IMHO. Impersonating a federal agent is a crime that has been on the books for a long time and with a substantial body of case law to support it. In this case, as a search was performed it's clearly illegal. (Interestingly it's not the impersonation as such that's a problem, otherwise it'd be difficult to make the X-files, but how you use it. Gaining anything of value, or performing a search are clearly out of bounds.)

      Note that this rule is there (mainly) to protect the public from fraudsters, not to protect the government.

      Journalists are, however, not a protected group in this sense. There are no laws on the books, and that's probably also for the best, lest every blogger in the land be hauled before the magistrate for "impersonating a journalist". So the lack of protection is arguably to the benefit of the freedom of the press.

      Now, impersonating a journalist for law enforcement purposes may be ill advised, no argument there, but but clearly not illegal. It's also noteworthy that the rules have since changed to make this practice less available.

      --
      Stefan Axelsson
    8. Re:Why do I think by TheCastro1689 · · Score: 1

      You don't think the Federal Government can make great credentials and toss up some news articles with the agent's undercover name on the byline? I am pretty sure they can, easily.

    9. Re: Why do I think by Anonymous Coward · · Score: 1

      Oh, and that's never happened. The myth here is the presumed high ethical code of journalism.

    10. Re:Why do I think by Anonymous Coward · · Score: 1

      Your point was exactly what I was thinking! Hilarious!

      Imagine if a journalist called an FBI office with something like, "This is agent Smith, assistant to the director at the NE regional office. Just need to get that list of information we were promised yesterday pronto!"

      And if it worked, wonder if they could say it was in line with "fairly standard operating procedure at the time". He! He!

    11. Re:Why do I think by david_thornley · · Score: 1

      You're not answering the question. You're walking it back one step. Why is one a crime and the other not?

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
  3. A link that grabbed an IP address? by Sowelu · · Score: 4, Insightful

    That's not malware. That's basically any webserver ever made. There's even URL shorteners that can redirect somewhere while grabbing the IP address of someone who passes through. It's sneaky but not even remotely illegal for anyone.

    1. Re: A link that grabbed an IP address? by alvinrod · · Score: 1, Insightful

      Doesn't matter. If it's on your computer and doing something you don't want or didn't agree to, it's malware.

    2. Re: A link that grabbed an IP address? by phantomfive · · Score: 2

      It wasn't on his computer (apparently). If you click on any link anywhere, the owner of the web server will get your IP address. That is how the internet works.

      --
      "First they came for the slanderers and i said nothing."
    3. Re: A link that grabbed an IP address? by amicusNYCL · · Score: 1

      It wasn't on his computer (apparently).

      But how the hell would any of us know that when the journalists covering this story apparently get their information from packs of pudding?

      Grant sent the suspect a fake article which, when clicked, grabbed his real IP address.

      OK, so he clicked a fake article, and the fake article that he clicked grabbed his real IP address (not his fake IP address).

      or...

      When the suspect clicked on the link to the write up, thanks to software encrypted in the link, he unwittingly identified his location and he was arrested a short time later.

      OK, so apparently some software was "encrypted in the link", which identified his location.

      What the hell are these people talking about? Was the kid just surfing from home without a VPN or any other protection and then they checked the Apache logs for his IP? Did they have a fancy for loop which logged every request header to look for the x-forwarded-for that his DIY proxy helpfully included? Did they use a browser exploit to infect him with something which phoned home?

      Hell if I know. Let's go with "software encrypted in the link", and pass the pudding.

      --
      "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
    4. Re: A link that grabbed an IP address? by jcochran · · Score: 2

      It's pretty obvious that you don't understand.

      FBI -> Gave URL of fake article to suspect.
      Suspect -> Clicked on URL.
      Web server hosting fake article logged IP address of requester , then sent article to suspect using the IP that was just logged.

      Note: ANY WEB SERVER WOULD HAVE DONE THE EXACT SAME THING. The FBI agent could have sent the URL of a real news article and on the log of that web server, the suspect's IP address would have been recorded. However, there would also have been a lot of other IP addresses recorded as well from other people who also looked at the news article rendering the issue into a needle in a pile needles search. The advantage of the fake article is that the only person who would request that article would be the suspect since the general public would have been unaware of the article and the URL to said article. No malware involved. Just a normal everyday web server with an URL known only to the FBI and given to the suspect. Suspect tricked into accessing the page and thereby giving his IP address to the FBI. They could have even make it so the web page didn't exist and having a 404 error sent back to the suspect. It would have had the exact same effect, but might have made the suspect cautious or aware that something unusual was going on.

    5. Re:A link that grabbed an IP address? by TroII · · Score: 1

      During subsequent online
      communications, the undercover agent sent the individual links to a fake news
      article and photographs that had the computer program concealed within them.
      The individual activated the computer program when he clicked on the link to the
      photographs, thereby revealing his location to the FBI.

      Is this saying the FBI has weaponized a zero-day whereby opening a specially crafted image file can cause code execution? I'm not sure how else to make sense of that paragraph.

      --
      "If there was a gay Afro-Puertorican Linux distribution, I'd give it a try" ~lucm
    6. Re:A link that grabbed an IP address? by dunkindave · · Score: 1

      make sense of that paragraph

      I think I found your error

    7. Re: A link that grabbed an IP address? by phantomfive · · Score: 1

      But how the hell would any of us know that when the journalists covering this story apparently get their information from packs of pudding?

      That is true of almost every news article everywhere.
      If we thought of that more often, we would argue less.

      --
      "First they came for the slanderers and i said nothing."
    8. Re: A link that grabbed an IP address? by rtb61 · · Score: 2

      No it is not about the software, it is about the fraudulent misrepresentation as being from a specific existing organisation that is criminal. Say for example, I pretend to be from your company, to engage with a violent crime gang. Now something goes wrong and that crime gang wants revenge. You and you employees have no idea what is going on, until a company picnic happens and that crime gang turns up for revenge, and shoot up you family and employees all without any warning, ha, ha, tough luck for you whilst the slimy shit bag agent stays perfectly safe.

      The crime is not in the software hack, the crime is in the fraudulent misrepresentation and placing of innocent citizens at risk. Like perhaps the next Associated Press Journalist who turns up to interview someone but gets shot in the face instead because they believed he was am undercover operative (not that shooting an undercover operative is ever acceptable, except with a camera and their photo published all over the internet).

      Under cover can only ever be fake people and fake organisations, they can never be allowed to pose as other people, from other organisation and in the slimiest most cowardly shit bag fashion imaginable, place those other organisations and people at extreme risk.

      --
      Chaos - everything, everywhere, everywhen
    9. Re: A link that grabbed an IP address? by amicusNYCL · · Score: 1

      It's pretty obvious that you don't understand.

      Oh, is it, professor? Thanks for briefly describing how a web server like Apache logs traffic. I'm pretty sure I included that in my comment, but I appreciate you pointing out that I don't understand and just saying it again.

      I'm glad that your level of communication is advanced enough that you can decipher what journalists mean when they say shit like "thanks to software encrypted in the link" and use "malware" distribution (even right in the headline!) to describe the normal operation of a web server.

      My only question would be whether they just logged IPs sending requests to the URL or whether he was on a VPN and they actually had to infect his computer with actual malware (which are 2 completely different actions regarding law enforcement and rights). But obviously I don't understand, and you're part of the FBI A-team, so thanks for taking the time to chime in and clarify things for all of us idiots.

      Still though, your explanation of how to send a URL that isn't publicly known to get the public IP of a specific person is kind of hard to understand, and totally not obvious even to people who work with web servers every day. Do you think you could rephrase that, maybe using units like how many pictures or songs they can store on the server? Maybe then I'll understand.

      Thanks so much.

      --
      "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
    10. Re: A link that grabbed an IP address? by dwillden · · Score: 1

      You realize that the Supreme Court has ruled that law enforcement can legally lie to you. There was nothing criminal or fraudulent about the actions of the FBI. Contrary to your claims, undercover is not restricted to fake people or organizations, just precautions must be taken so that the claimed identity and organization is not blown by the actual person or organization.

      It is not illegal for the authorities to lie to you to get you to admit to a crime. They can't or lead you into an incriminating statement but they can definitely claim a false identity and feed you false information that leads you to providing incriminating evidence.

      --
      I'm too lazy to compose a creative sig.
  4. Credibility? by Anonymous Coward · · Score: 2, Funny

    "Journalistic organizations had expressed concern that the tactic could undermine reporters' and media institutions' credibility. "
    I think they do a good enough job of doing that themselves these days.

  5. What Journalist Credibility? by Anonymous Coward · · Score: 1

    I guess if they had any left they MIGHT have a case. But given the sorry state of Journalism in general I can't see that the FBI is doing anything to harm them than Journalists do to themselves today.

    Besides, why are these 'special snow-flakes' worth any more protection than say a Plumber, Electrician or other profession that needs 'integrity' as part of their selling feature...I'm sure the FBI 'impersonate' all kinds of professions all the time, I doubt anyone cares to worry about that.

    A specific Journalist has integrity or doesn't. He has a reputation or doesn't. Attempting to impersonate an individual is likely grounds for a law suit/sanctions. As a profession or 'group' Journalists are no more worthy of 'protection' than any other profession, so they can go piss up a rope for all I care.

  6. He posed as a reporter for a reason. by Anonymous Coward · · Score: 1

    "Journalistic organizations had expressed concern that the tactic could undermine reporters' and media institutions' credibility" and "They pointed out that an FBI agent posing as a reporter could create distrust between legitimate journalists and sources" are both hitting on exactly the reasons that the FBI chose this particular ruse over any of their other options. The FBI and the CIA both want it to be impossible for the press to do their job, because when independent investigation occurs then all of a sudden the story is out of control.

    This is an element of the story that should not be underplayed.

    1. Re:He posed as a reporter for a reason. by Archangel+Michael · · Score: 1

      Sorry, but the "Journalistic organizations" just told me that 78 degrees was "Sweltering" heat.

      Or, alternatively, lumping all "Journalistic Organizations" from the best to the worst, together as a singular unit, an representing that as totally wholesome, is at best very poor journalism ;)

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    2. Re:He posed as a reporter for a reason. by david_thornley · · Score: 1

      FWIW, 78 is unhealthy if the humidity is high enough. I have trouble functioning at a dew point of 70 or higher.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
  7. undermined? by bloodhawk · · Score: 3, Funny

    "Journalistic organizations had expressed concern that the tactic could undermine reporters' and media institutions' credibility." Seriously? you have to have some credibility and integrity before it can be undermined.

    1. Re:undermined? by reboot246 · · Score: 4, Informative

      Amen! The media has reached its lowest level of trust ever, according to the most recent poll.

      Anybody who blindly trusts any media outlet is beyond stupid.

    2. Re:undermined? by Richard_at_work · · Score: 1

      And since when is it the job of the DoJ or any law enforcement agency or officer to consider the credibility of reporters as a whole or individually?

    3. Re:undermined? by bloodhawk · · Score: 1

      No, I would actually put them below the FBI. media and journalism has reached lows that is an utter disgrace. It is partly the fault of the consuming public but the idea that any credibility exists in those ranks at all nowadays is laughable.

  8. They're policy not law by Bruce66423 · · Score: 1

    The new standards are not retrospective, but provide rules for the future. They are not a function of a court order, but a change implemented by the FBI on its own initiative. It therefore has no impact on previous events.

  9. That's bad... by darkpixel2k · · Score: 4, Insightful

    Don't do that.

    For the same reason why when the cops asked if they could 'borrow' our ambulance to serve a high-risk search warrant because they wanted to catch the suspect unaware...the suspects will start shooting real ambulances.

    --
    There's no place like ::1 (I've completed my transition to IPv6)
    1. Re:That's bad... by NG+Resonance · · Score: 1

      Money and power.

    2. Re:That's bad... by david_thornley · · Score: 2

      The hunt for Osama wound up seriously hurting efforts to eliminate polio, because nobody in that part of the world counts on doctors and nurses to not be working for the CIA.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
  10. Cat let go of their tongue? by DriveDog · · Score: 1

    Now the AP cries fowl. Why weren't they speaking out against abuse of other reporters and news organizations?

  11. Warrant please? by shaitand · · Score: 1

    Who cares about the journalist thing, that is the definition of going undercover. But you can't put on a girl scout uniform and bug my computer, install cameras, wiretap me, search (including digital searches), etc.

  12. What about the cable guy? by Agripa · · Score: 1

    Contrast impersonating a news professional with impersonating a cable repair person:

    http://arstechnica.com/tech-po...