FBI grabs server, then returns, internet privacy violated?

http://redtape.msnbc.msn.com/_news/2012/05/11/11647813-the-f...

This is plain weird and a bit scary too. The FBI seized a server dedicated to helping create a safe, anonymous communication environment for folks in other countries seeking a better life, according to the owners of the server. See what you think? Are they right to suspect the returned server has been interfered with or are they paranoid? Should they be able to take the server through the claim of national security or terrorism?

Comments

security

I'm surprised they went that far. All the FBI (or any police agency) had to do was either bring a copy of COFEE on a USB stick and/or have M$ include it in the next software upgrade, providing it was a Windows server. And that app, once installed, is virtually untraceable.

NOT going to work...

Number one, no one with any sense at all runs secure servers on Windows.

Number two, the EFF, Electronic Frontier Foundation, generally will outright ignore you if you aren't using software and hardware that is recognized by them as being "Open" - GNU, BSD, and friends.

Number three, nothing on Windows is "virtually untraceable". That's the whole reason these people wouldn't have been running Windows in the first place. Windows servers have more holes than a million pounds of Swiss cheese.

Abigail Drew.

Not quite

"nothing on Windows is "virtually untraceable"."

Not quite. The one thing that is guaranteed to be untraceable on Windows is the single tickbox or registry entry you need to change to make the ****** box do what you want it to, not what they think you want it to...

Solely Linux for 12 years and immensely relieved to be so!

Penny

Unfortunately, all they have

Unfortunately, all they have to do is convince a judge to give them a warrant. Period.

That said, the people that own the server aren't going to put it back in service. Period. The system will be wiped completely, and only data put back in place.

edit -

The server is almost guaranteed to not be Windows. MixMaster is designed to run best on UNIX/LINUX/BSD.


I'll get a life when it's proven and substantiated to be better than what I'm currently experiencing.

Don't reuse the server

I suspect the FBI Lab is fully capable of replacing a chip with one programmed to execute any commands they want. And hard drives are simply too cheap to take a chance with the old one. Different server, new HD.

In this kind of situation, paranoia is a survival trait.


"Life is not measured by the breaths you take, but by the moments that take your breath away."
George Carlin

Uuuuhhhh.. You mean

Uuuuhhhh.. You mean reprogram the CMOS EEPROM? That's the only programmable chip in the computer that would do what you're talking about. Reflash the firmware, and you've fixed that issue, if it even was one - or get a new one from the motherboard manufacturer.

Come on people, there is a difference between fantasy and reality. I'm a paranoid, but I'm also good at my job, and have a good idea of what can be done and can't. Tracking bugs are mostly software - there's not enough ROOM in programmable chips. The only other way to do that is to _add_ hardware, meaning new cards in the system, which would be VERY obvious.

They wouldn't reuse the hard drive anyway, because you'd want to keep the chain of evidence clean.


I'll get a life when it's proven and substantiated to be better than what I'm currently experiencing.

With Bib on this one.

ALTHOUGH! There IS a possibility that they COULD have pulled a chip somewhere off the mobo and replaced it, chipset maybe. I highly doubt they'd be able to pull that off with a chip programmed to do what it's supposed to still and ALSO what they want... Possible, but too improbable to really concern yourself over.

Even if they did manage it somehow, they'd have left obvious desoldering and resoldering marks. Almost as glaringly obvious as putting all new hardware in :P

Doctoring the operating system or other software on the machine, or the CMOS, are much more likely, and also quite easy to fix, as Bib said.

Heck, once a full audit is done, it should be fairly easy to remove the offending bits without touching anything else at all. All this talk about never putting the server back in use is silly.

Abigail Drew.

As I've done motherboard

As I've done motherboard repairs as well, there's generally only one chip on the board that can be altered without enormous amounts of expensive equipment. That's the CMOS EEPROM. Everything is SMD (Surface Mount) now, which is generally considered non-repairable. If they _knew_ that nobody would open it, you could have some ability to patch something else into an empty space, but it'd be VERY blatant to anyone with even a passing idea of how the machine should look :)

Hard drives have some firmware as well, but that's insane to even think about altering, and wouldn't do much good anyway. They could stick something into the boot sector to load a hidden partition or set of files (rootkit), but that gets fixed by a low level format - and again, replacing the drive to keep the old drive for evidence fixes that issue as well :)


I'll get a life when it's proven and substantiated to be better than what I'm currently experiencing.

Two Questions

Regarding the taking of the server. The first is: was it legal to take the server? I'm no lawyer, but I'd say yes. After all they did serve a subpoena signed by a judge. The second question is: was it ethical to take the server? Again I'd have to say yes. Regardless of what the primary server use was, the FBI had a reasonable suspicion that terroristic threats had passed through it. It is the FBI's job to follow any leads they may come across, even if they turn out to be dead ends. They would be remiss in their duties if they didn't.

As for potential tampering, they can't go wrong suspecting the server has been tampered with. If they are smart they'll swap out the server, installing one with a new out-of-the-box hard drive, and restore from backups. Then take the old HD and reformat it with a ball-peen hammer. The return of it after only four days says one of two things to me. Either the FBI Lab found nothing so they got the server returned as quickly as possible because they supported the fine work these people are doing; or the FBI Lab installed all manner of data logger programs and at least one backdoor into the server so they could covertly log into it anytime they wished. Guess which one I believe?


"Life is not measured by the breaths you take, but by the moments that take your breath away."
George Carlin

Computer Major Arabs.

I used to have a lot of contact with Muslims at Portland State University in Portland, Oregon. It has 28,000 registered students. Almost every Saudi I ever met there was a Computer Science Major. I have a Saudi friend who was recently told he could not register there because Homeland Security has a red flag on that University, because there are too many Muslims.

I was Muslim. So, while you and the owners of that server may be the most flag waving Americans you have ever met, it makes you wonder what all those Middle Eastern Computer majors are doing?

I can see the FBI running a subroutine that would allow them to send and receive traffic without even the SYS OP knowing they were doing it.

Recently I was told that my Samsung Galaxy II can be tracked by law enforcement. Yayyyyy! That's great! It's like having a free body guard to watch over me. I feel so much more secure.

G

Technically, any device with

Technically, any device with location tracking on it (for Google locations, for example) can be tracked by law enforcement. If it's cellular based, it's even easier to track.

My wireless stays off on my tablet most of the time, and I disable everything but 911 on the phone. I'm quite capable of figuring out where I am by myself, thank you.


I'll get a life when it's proven and substantiated to be better than what I'm currently experiencing.

Opinions...

> See what you think?

Yawn. This doesn't surprise me in the least since the Patriot Act was passed. There are way too many powers given to governments in the United States these days.

> Are they right to suspect the returned server has been interfered with or are they paranoid?

If it were my server that was taken and returned, I'd immediately retire and replace it. I'd be 98% sure there's an untraceable, unremovable program on there that will allow them to monitor traffic.

> Should they be able to take the server through the claim of national security or terrorism?

Ethically? No, they shouldn't be allowed to do this.

Legally? They probably have their choice of at least 5 laws that allow them to do this.