Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.

FBI Allays Some Critics With First Use of New Mass-Hacking Warrant

posted by on Thursday April 27 2017, @02:01PM   Printer-friendly
from the don't-you-believe-it dept.

Phoenix666 writes:

Mass hacking seems to be all the rage currently. A vigilante hacker apparently slipped secure code into vulnerable cameras and other insecure networked objects in the "Internet of Things" so that bad guys can't corral those devices into an army of zombie computers, like what happened with the record-breaking Mirai denial-of-service botnet. The Homeland Security Department issued alerts with instructions for fending off similar "Brickerbot malware," so-named because it bricks IoT devices.

And perhaps most unusual, the FBI recently obtained a single warrant in Alaska to hack the computers of thousands of victims in a bid to free them from the global botnet, Kelihos.

On April 5, Deborah M. Smith, chief magistrate judge of the US District Court in Alaska, greenlighted this first use of a controversial court order. Critics have since likened it to a license for mass hacking.

General warrants were a key reason cited by the Founding Fathers for their rebellion against King George.

Original Submission

 
This discussion has been archived. No new comments can be posted.
FBI Allays Some Critics With First Use of New Mass-Hacking Warrant | Log In/Create an Account | Top | 38 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Insightful) by kaszz on Thursday April 27 2017, @05:19PM

    by kaszz (4211) on Thursday April 27 2017, @05:19PM (#500801) Journal

    I'm not asking for regulations. Just liability to be imposed.

    Liability is coded in law which means lawyers etc. And the circus will be on. What you think and wish has no automatic connection to the consequences of your actions.

    I'm not asking for any kind of certification of IoT security. I'm not asking for any kind of recognized standard to be met. Just that if your IoT device gets hacked, the liability for damages is on the manufacturer.

    Nothing more.

    Liabilities are encoded in law and this will instead line the coffers of insurance corporations that can then make use of their oligopoly.

    I think it would provide all right right incentives. You wouldn't believe how many best practices there are about security for systems that handle credit card information. I would love to see even half PCI compliance requirements applied to IoT devices.

    Incentives will be perverted. And credit cards are routinely cracked because their security sucks.

    Better have a specific checklist that must be adhered to before the device may be connected to a public network or any wireless mechanism. That will give manufacturers a clear target and give less space for lawyers and insurance corporations to screw people.

    Otoh, BrickerBot perhaps does the job with security compliance quite good ;)

    Starting Score:    1  point
    Moderation   +2  
       Insightful=1, Interesting=1, Total=2
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4