In a surprising and worrying move, the FBI has dropped its case against a man accused of downloading child sex abuse images, rather than reveal details about how they caught him.
Jay Michaud, a middle school teacher in Vancouver, Washington, was arrested in July last year after visiting the Playpen, a dark web meeting place tens of thousands of perverts used to swap mountains of vile underage porn.
Unbeknown to him at the time, the FBI were, for about a fortnight, running the site after taking over its servers, and managed to install a network investigative technique (NIT) on his computer to get his real public IP address and MAC address. The Playpen was hidden in the Tor anonymizing network, and the spyware was needed to unmask suspects – about 1,300 public IP addresses were collected by agents during the operation.
According to the prosecution, a police raid on his home revealed a substantial hoard of pictures and video of child sex abuse on computer equipment. But now, guilty or not, he's now off the hook after the FBI filed a motion to dismiss its own case [PDF] late last month.
Why? Because Michaud's lawyer insisted that the FBI hand over a sample of the NIT code so it could be checked to ensure that it didn't breach the terms of the warrant the FBI obtained to install the malware, and to check that it wouldn't throw up any false positives.
US District Judge Robert Bryan agreed, saying that unless the prosecution turned over the code, he'd have to dismiss the charges. The FBI has since been arguing against that, but has now decided that it's better to drop the case than reveal its techniques.
-- submitted from IRC
(Score: 3, Interesting) by GungnirSniper on Monday January 09 2017, @04:32AM
I wonder who some of these out-of-nowhere editors are, being some have joined with little to no history of comments or submissions. They can see IPs on every post.
Tips for better submissions to help our site grow. [soylentnews.org]
(Score: 1) by charon on Monday January 09 2017, @07:19AM
Actually we can't. We only see a hash of the IP, which is usually consistent for a particular user. Maybe the site admins can, though I've never asked.
But of course, that's what an FBI agent would say...
(Score: 0) by Anonymous Coward on Monday January 09 2017, @12:55PM
> We only see a hash of the IP
How can someone say stupid shit like this unless they are a complete ignoramus without any clue of computer science, programming, mathematics and basic logic?
There are only 4 billion IP addresses, if you have a HASH of the IP address you HAVE the IP address!!!!
(Score: 2) by TheRaven on Monday January 09 2017, @02:01PM
sudo mod me up
(Score: 2) by tangomargarine on Monday January 09 2017, @03:45PM
unless they are a complete ignoramus without any clue of computer science, programming, mathematics and basic logic
Somebody needs to review the definition of a hash.
"Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
(Score: 2) by tibman on Monday January 09 2017, @06:34PM
He's saying you could build an IP dictionary by hashing every single IP and doing a comparison against the target hash. You would have to know the has algorithm and salt though.
SN won't survive on lurkers alone. Write comments.
(Score: 2) by tibman on Monday January 09 2017, @07:06PM
Wanted to follow up. I poked around the source for a few min and it looks like a plain md5 hash is used. A rainbow table is doable. 16 bytes for IP and 16 bytes for md5 with a total of 4,294,967,296 records is ~137 GB. If someone could find a way show a user hash for a specific comment then i could be motivated to build the rainbow table with a small web front-end for people to use : )
https://github.com/SoylentNews/rehash/blob/e90330293ad9a27e3975a88ea8c17dccec74e130/Slash/Utility/Environment/Environment.pm#L3108 [github.com]
SN won't survive on lurkers alone. Write comments.
(Score: 2) by The Mighty Buzzard on Monday January 09 2017, @08:23PM
Yup, which is why we haven't bothered changing the hashing algorithm or anything. That small of a key space you don't gain anything by using a better algorithm. Use our .onion site or a VPN if it bugs you too much.
My rights don't end where your fear begins.