SoylentNews is people
SoylentNews
A federal judge for the Eastern District of Virginia has ruled that the user of any computer that connects to the Internet should not have an expectation of privacy because computer security is ineffectual at stopping hackers.
"Hacking is much more prevalent now than it was even nine years ago, and the rise of computer hacking via the Internet has changed the public's reasonable expectations of privacy," the judge wrote. "Now, it seems unreasonable to think that a computer connected to the Web is immune from invasion. Indeed, the opposite holds true: In today's digital world, it appears to be a virtual certainty that computers accessing the Internet can—and eventually will—be hacked."
The judge argued that the FBI did not even need the original warrant to use the NIT [Network Investigative technique/Toolkit] against visitors to PlayPen, a hidden service on the Tor network that acted as a hub for child exploitation.
(Score: 4, Informative) by butthurt on Saturday July 02 2016, @06:55AM
/article.pl?sid=16/06/25/1650257 [soylentnews.org]
(Score: 2, Interesting) by Anonymous Coward on Saturday July 02 2016, @10:14AM
Yeah and this story leaves out important details of what actually was done e.g.
The NIT also instructed Matish’s and other suspects’ computers to send information about the OS running on it, its name, its MAC address, and its active operating system username to the server controlled by the FBI.
And because of that some ignorant people here got the impression it's not like breaking into a house.
However there is one additional bit of information that might be interesting to malware authors:
https://assets.documentcloud.org/documents/2840404/Declaration-of-FBI-Special-Agent-Daniel-Alfin.txt [documentcloud.org]
Special Agent Daniel Alfin, who sought the warrant, declared that the NIT program is not malware.
"The NIT utilized in this investigation was court-authorized and made no changes to the security settings of the the target computers to which it was deployed," he said. "As such, I do not believe it is appropriate to describe its operation as 'malicious.'"
(Score: 2, Funny) by Anonymous Coward on Saturday July 02 2016, @11:05AM
Special Agent Daniel Alfin, who sought the warrant, declared that the NIT program is not malware.
"The NIT utilized in this investigation was court-authorized and made no changes to the security settings of the the target computers to which it was deployed," he said. "As such, I do not believe it is appropriate to describe its operation as 'malicious.'"
So stealing (or copying, depending on your stance regarding "all information wants to be free") banking info, personal info, login info, etc isn't "malicious"? Interesting. I guess that means if someone installs a keylogger and/or data harvesting software on every computer in the FBI it isn't "malicious". I'm sure some defense attorneys are going to use this in the very near future, and will probably call Mr Alfin as a defense witness.
(Score: 0) by Anonymous Coward on Sunday July 03 2016, @11:11AM
(Score: 1) by kurenai.tsubasa on Saturday July 02 2016, @05:59PM
Thanks for the link! This was interesting:
I have personally executed the NIT on a computer under my control and observed that it did not make any changes to the security settings on my computer or otherwise render it more vulnerable to intrusion than it already was. Additionally, it did not “infect” my computer or leave any residual malware on my computer.
It's still murky whether this is some kind of drive-by download or else a browser exploit (or Flash being Flash and insecure). In my mind, how exactly the code got on the computer is an important bit that clicking through the comments section here hasn't revealed yet. It's important to distinguish the computer responding to a request from the internet as it was designed to since we don't want to say that typing in the wrong URL on a website constitutes hacking from delivering a package that either exploits a browser/Flash bug or else executes outside the context of a browser.
I tossed around one scenario in my other comment where Flash might serve up a MAC address or username by design, which I think would fall under “peering through the window.” And yeah, Flash sucks, but I think exploiting even one of its flaws goes beyond peering through windows. After all, just because most home locks are easy to bump key doesn't mean that using a bump key is access by design.
(Score: 2) by The Mighty Buzzard on Saturday July 02 2016, @10:36AM
Heh, poor eds.
My rights don't end where your fear begins.