Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Monday January 09 2017, @12:58AM   Printer-friendly
from the something-to-hide? dept.

In a surprising and worrying move, the FBI has dropped its case against a man accused of downloading child sex abuse images, rather than reveal details about how they caught him.

Jay Michaud, a middle school teacher in Vancouver, Washington, was arrested in July last year after visiting the Playpen, a dark web meeting place tens of thousands of perverts used to swap mountains of vile underage porn.

Unbeknown to him at the time, the FBI were, for about a fortnight, running the site after taking over its servers, and managed to install a network investigative technique (NIT) on his computer to get his real public IP address and MAC address. The Playpen was hidden in the Tor anonymizing network, and the spyware was needed to unmask suspects – about 1,300 public IP addresses were collected by agents during the operation.

According to the prosecution, a police raid on his home revealed a substantial hoard of pictures and video of child sex abuse on computer equipment. But now, guilty or not, he's now off the hook after the FBI filed a motion to dismiss its own case [PDF] late last month.

Why? Because Michaud's lawyer insisted that the FBI hand over a sample of the NIT code so it could be checked to ensure that it didn't breach the terms of the warrant the FBI obtained to install the malware, and to check that it wouldn't throw up any false positives.

US District Judge Robert Bryan agreed, saying that unless the prosecution turned over the code, he'd have to dismiss the charges. The FBI has since been arguing against that, but has now decided that it's better to drop the case than reveal its techniques.

-- submitted from IRC


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Monday January 09 2017, @12:55PM

    by Anonymous Coward on Monday January 09 2017, @12:55PM (#451421)

    > We only see a hash of the IP

    How can someone say stupid shit like this unless they are a complete ignoramus without any clue of computer science, programming, mathematics and basic logic?
    There are only 4 billion IP addresses, if you have a HASH of the IP address you HAVE the IP address!!!!

  • (Score: 2) by TheRaven on Monday January 09 2017, @02:01PM

    by TheRaven (270) on Monday January 09 2017, @02:01PM (#451448) Journal
    Only if it's an unsalted hash or you know the salt, and it's a cryptographic hash that is longer than 32 bits.
    --
    sudo mod me up
  • (Score: 2) by tangomargarine on Monday January 09 2017, @03:45PM

    by tangomargarine (667) on Monday January 09 2017, @03:45PM (#451484)

    unless they are a complete ignoramus without any clue of computer science, programming, mathematics and basic logic

    Somebody needs to review the definition of a hash.

    --
    "Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
    • (Score: 2) by tibman on Monday January 09 2017, @06:34PM

      by tibman (134) Subscriber Badge on Monday January 09 2017, @06:34PM (#451555)

      He's saying you could build an IP dictionary by hashing every single IP and doing a comparison against the target hash. You would have to know the has algorithm and salt though.

      --
      SN won't survive on lurkers alone. Write comments.
    • (Score: 2) by tibman on Monday January 09 2017, @07:06PM

      by tibman (134) Subscriber Badge on Monday January 09 2017, @07:06PM (#451572)

      Wanted to follow up. I poked around the source for a few min and it looks like a plain md5 hash is used. A rainbow table is doable. 16 bytes for IP and 16 bytes for md5 with a total of 4,294,967,296 records is ~137 GB. If someone could find a way show a user hash for a specific comment then i could be motivated to build the rainbow table with a small web front-end for people to use : )

      https://github.com/SoylentNews/rehash/blob/e90330293ad9a27e3975a88ea8c17dccec74e130/Slash/Utility/Environment/Environment.pm#L3108 [github.com]

      --
      SN won't survive on lurkers alone. Write comments.
      • (Score: 2) by The Mighty Buzzard on Monday January 09 2017, @08:23PM

        by The Mighty Buzzard (18) Subscriber Badge <themightybuzzard@proton.me> on Monday January 09 2017, @08:23PM (#451601) Homepage Journal

        Yup, which is why we haven't bothered changing the hashing algorithm or anything. That small of a key space you don't gain anything by using a better algorithm. Use our .onion site or a VPN if it bugs you too much.

        --
        My rights don't end where your fear begins.