SoylentNews is people

posted by takyon on Wednesday April 15 2015, @10:20AM
from the surveillance-stick dept.

ArsTechnica reports that Matt Campbell, a North Little Rock attorney who represents police department whistleblowers, supplied an external hard drive to the Fort Smith Police Department for them to copy emails and other evidence. When it was returned, he discovered that it contained three well-known trojan viruses:

According to court documents filed last week in the case, Campbell provided police officials with an external hard drive for them to load with e-mail and other data responding to his discovery request. When he got it back, he found something he didn't request. In a subfolder titled D:\Bales Court Order, a computer security consultant for Campbell allegedly found three well-known trojans, including:

  • Win32:Zbot-AVH[Trj], a password logger and backdoor
  • NSIS:Downloader-CC[Trj], a program that connects to attacker-controlled servers and downloads and installs additional programs, and
  • Two instances of Win32Cycbot-NF[Trj], a backdoor

All three trojans are usually easily detected by antivirus software. In an affidavit filed in the whistle-blower case, Campbell's security consultant said it's unlikely the files were copied to the hard drive by accident, given claims by Fort Smith police that department systems ran real-time AV protection.

"Additionally, the placement of these trojans, all in the same sub-folder and not in the root directory, means that [t]he trojans were not already on the external hard drive that was sent to Mr. Campbell, and were more likely placed in that folder intentionally with the goal of taking command of Mr. Campbell's computer while also stealing passwords to his accounts."

Will the Fort Smith Police Department be held accountable? Place your bets...

  • (Score: -1, Troll) by Anonymous Coward on Wednesday April 15 2015, @11:55AM

    by Anonymous Coward on Wednesday April 15 2015, @11:55AM (#170910)

    Whadda ya know? Another hyperventilating article, complete with overblown editorial comments, from our resident over-reactionary Phoenix.

    Lawyer sends cops a thumbdrive. Cops copy files to drive. Lawyer and his IT "expert" find trojans in the copied directory. They were placed there because the files were not put in the "root" directory of the drive. They're fucking TROJANS (if you don't know the difference between a trojan and a virus, then please stop adding ignorant comments). I don't know how the absence of them being in the "root directory" means anything about intent. The other bit of "damning" evidence is that the police say they run a secure network, implying that these trojans would have been discovered, so obviously they were put there on purpose. For all of you who don't live in your parent's basement and actually work, what is the likelihood that a podunk department runs a secure locked-down system? I've been at companies with real IT staff that don't have their systems locked down.

    It makes for nice lawyer-ese arguments in their laundry list of complaints thrown at the wall to see what sticks, but color me underwhelmed. But it is the perfect kind of story to sell here so I do understand why it makes the cut as it is the perfect blown out of proportion story that elicits the now common uninformed outrage here.

  • (Score: 5, Touché) by rondon on Wednesday April 15 2015, @12:14PM

    by rondon (5167) on Wednesday April 15 2015, @12:14PM (#170918)

    I feel like I need to make a meme of Dorothy and her friends skipping along the yellow brick road. Except, instead of Dorothy I will name her "Ad Hominem," instead of the Cowardly Lion I will name him "False Dichotomy," and instead of the Tin Man I will name him "Circular Logic."

    The Strawman gets to keep his name.

    Then I will post this meme on all the posts on Soylent that spew their righteous rage while using every single one of these false arguments.

    • (Score: 1, Informative) by Anonymous Coward on Wednesday April 15 2015, @01:24PM

      by Anonymous Coward on Wednesday April 15 2015, @01:24PM (#170945)

      You forgot Toto the K-9 equivocation.

    • (Score: 0) by Anonymous Coward on Wednesday April 15 2015, @07:18PM

      by Anonymous Coward on Wednesday April 15 2015, @07:18PM (#171151)

      So many people here like to shut down arguments with accusations of ad hominem and other terms that they pick up on Wiki. But it is clear that they don't really know how to use those words.

      • (Score: 0) by Anonymous Coward on Thursday April 16 2015, @12:43AM

        by Anonymous Coward on Thursday April 16 2015, @12:43AM (#171262)

        It's clear that you don't know how to put forth an actual counterargument, rather than just saying that someone is wrong about something.

        And whether they looked something up on "Wiki" or not is utterly inconsequential to whether or not it is correct. There's also the fact that, being strangers on the Internet, you have absolutely no idea where they came across the knowledge.

        • (Score: 2) by quadrox on Friday April 17 2015, @06:17AM

          by quadrox (315) on Friday April 17 2015, @06:17AM (#171909)

          It is difficult,s ometimes even impossible, to prove a negative. GGP makes accusations about various logical fallacies without pointing out exactly where these fallacies have occured. Given the fact that the accusation is entirely baseless, should GP have quoted every single sentence with a statement "this is not an ad-hominem, nor circular logic, nor a strawman, nor ..."? That's just dump.

          Instead, the burden of proof lies with GGP, and since he has not seen fit to provide any so far, we may assume it does not exist.

          • (Score: 2) by quadrox on Friday April 17 2015, @06:18AM

            by quadrox (315) on Friday April 17 2015, @06:18AM (#171910)

            Yes yes goddamnit I should have previewed, but when will we get an edit button? Those spelling errors are atrociuous.

      • (Score: 1) by rondon on Thursday April 16 2015, @12:04PM

        by rondon (5167) on Thursday April 16 2015, @12:04PM (#171537)

        Is this performance art? Did you just use an ad hominem attack with the word ad hominem in it? I do not have the capacity to tell if this is high level satire or you don't have a clue wtf you are talking about.

        Either way, I applaud you good person. You are either incredibly clever or... something else altogether, I suppose. Would it be terribly meta if I now accused you of stupidity, or being a troll?

  • (Score: 1, Informative) by Anonymous Coward on Wednesday April 15 2015, @01:59PM

    by Anonymous Coward on Wednesday April 15 2015, @01:59PM (#170959)

    Ahh, Señor Douche Nozzle Troll, I'll bite ...
    This guy is a lawyer. Handling a very public case that already involves the police department. Anything and everything he does regarding this case will be scrutinized by the PD, the judge(s), Attorney General, perhaps other state and/or federal agencies, and let's not forget the press (those bastions of credibility and accuracy that they are). If he's going to make this kind of accusation he'd better make sure he has a shit-ton of documentation & evidence, or he's going to be sacrificed by everyone who sticks their nose into this.

    My bet is on the lawyer. Not that I like (or even trust) lawyers. But the police in our country have already established themselves as untrustworthy in so many ways that I wouldn't trust them enough to ask them the time of day. Remember, they now refer to the citizens of their communities as "civilians" and have marked us the "enemy" with regard to their militarization practices. I'm taking the police at face value, which isn't good at all.

  • (Score: 3, Insightful) by wantkitteh on Wednesday April 15 2015, @02:38PM

    by wantkitteh (3362) on Wednesday April 15 2015, @02:38PM (#170973) Homepage Journal

    1) Blank drive goes to cops.
    2) Cops put data on drive.
    3) Cops return drive.
    4) Virus found in a sub-directory that didn't exist before 2 happened.
    5) Cops claim they have secure system.

    Result - cops are either ignorant about the true security of their system, or they're malicious and did it deliberately. I don't really care for the "either" or the "or". At least the either only affects this case, the or has pretty terrifying connotations.

    • (Score: 3, Insightful) by sjames on Wednesday April 15 2015, @07:21PM

      by sjames (2882) on Wednesday April 15 2015, @07:21PM (#171153) Journal

      Actually, the 'either' isn't so good either. It implies that their sloppy handling of computer security routinely taints evidence with who knows what.

      The or implies that they do it deliberately and are trying to spy on defense attorneys.

  • (Score: 2) by hemocyanin on Wednesday April 15 2015, @03:25PM

    by hemocyanin (186) on Wednesday April 15 2015, @03:25PM (#171004) Journal

    They're fucking TROJANS (if you don't know the difference between a trojan and a virus, then please stop adding ignorant comments). I don't know how the absence of them being in the "root directory" means anything about intent.

    Viruses are usually self replicating while trojans usually require some user interaction. One of the plaintiffs the lawyer represents was named "Don Bales". The trojans were found in a directory named "D:\Bales Court Order".

    There are some directories that can be assumed to exist on every computer system, and some that obviously are unique. Given that "Bales Court Order" is obviously unique, this directory is in the latter category. A virus would want to be in the root directory so it would be automatically executed when the drive was mounted and it would be hard for a super-clever non-root-dir virus writer to anticipate the directory name we have here (though it could also randomly pick a directory, but then it would have to replicate itself some time after mounting the drive or else the directory would not be found because it wouldn't exist when first mounted -- this is all beside the point if these trojans require planting and clicking).

    Anyway, placing the files in a unique subdir makes it look like they were hoping the lawyer would click on them and execute them while trying to read court orders related to Bales.

    So why don't you stop posting ignorant comments?

    • (Score: 0) by Anonymous Coward on Wednesday April 15 2015, @07:57PM

      by Anonymous Coward on Wednesday April 15 2015, @07:57PM (#171167)

      Ignorant? So tell me what is supposed to happen next. When the lawyer clicks on the files and launches these old and well-known trojans, some time later his system is compromised by the trojan author. Since the police are OBVIOUSLY trying to break into his system, I suppose they simply contact the person in Russia or wherever that person lives who wrote the trojan to get access.

      OR, since they are obviously trying to break into the system, the police must be the authors of the trojans. To me, that is the bigger story, that a podunk police force writes and deploys trojans. And in fact, THIS POLICE FORCE MUST ACTUALLY BE THE SOURCE OF THESE TROJANS!!! Now THAT is the story. Norton and McAfee and those guys can update their descriptions of these trojans because we now have DEFINITIVE PROOF for the source of these files.

      OR, perhaps they simply copied the files off of their virus-infested Windows 98 computer, or more likely, their virus-infested Windows XP computer that doesn't have AutoPlay disabled, thus infecting every thumb drive plugged into it.

      You guys really need to be hit with a clue-by-four. Do you really fucking believe this is an attempt of these police to break into the lawyer's computer? I can't imagine what you're like when you go to one of those web sites that pops up a window warning you that they detected a virus on your computer. But hey, who am I to ruin your post-apocalyptic police state fantasy.

      • (Score: 0) by Anonymous Coward on Thursday April 16 2015, @12:48AM

        by Anonymous Coward on Thursday April 16 2015, @12:48AM (#171263)

        Do you have the source code to these trojans? Why would the police hand them out to begin with?

        As said above, either they are ridiculously negligent (and no evidence from them can be trusted since any evidence could be tainted) or they are malicious. Neither possibility is good for them, or good for society.

  • (Score: 0) by Anonymous Coward on Wednesday April 15 2015, @03:37PM

    by Anonymous Coward on Wednesday April 15 2015, @03:37PM (#171017)

    if you don't know the difference between a trojan and a virus, then please stop adding ignorant comments

    A Trojan is an inhabitant of Troja, and a virus is a specific type of pathogen. A Trojan virus is therefore a pathogen that is endemic in Troia.

    SCNR