funsec mailing list archives
Re: FBI CP sting
From: Bruce Ediger <eballen1 () qwest net>
Date: Thu, 20 Mar 2008 15:05:41 -0600 (MDT)
On Thu, 20 Mar 2008, Alex Eckelberry wrote:
The FBI has recently adopted a novel investigative technique: posting hyperlinks that purport to be illegal videos of minors having sex, and then raiding the homes of anyone willing to click on them.
That's just weird. Since the "video" files contained nothing illegal,
they must take "clicking on them" as an indicator that other illegal
things went on in the house containing the computer with the IP address
in question. Does that stand up in court? If so, why does it stand up?
Where's the presumption of innocence?
Couldn't someone like the recently apprehended SWATTER "lil Hacker" make
some people's lives miserable by gaining access to an IP address via an
open wireless AP and "clicking on a video"? Couldn't the nearly super-
powered Red Army CyberWar Battalion hack into, say Michael Hayden's home
PC, and send "click" to the "video", getting the FBI to do a little
Harrasment & Interdiction on someone who has to be the Battalion's
Greatest Enemy?
Why do they need someone to "click on a video" if Carnivore I mean DCS-3000
is so frigging good? Can't the NSA just give the FBI a few hints about who
to monitor based on the Tap Rooms in AT&T central offices? Maybe they will
after Agent Mulder kicks in Hayden's door at 3am some morning.
Also, how do they account for programmatic access? Googlebot, msnbot "Yahoo!
Slurp", and a few other apparent bots scan my web server all the time. For
giggles, I put a "robots.txt" file forbidding access to a couple of enticingly
named directories ("porn", "payroll", stuff like that) that didn't actually
exist in the htdocs/ directory. At least one person or bot has tried to access
those directories. I have to conclude that a mis-guided recursive "wget" of
the wrong IP address might get my door kicked in and all my computers
confiscated.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Current thread:
- FBI CP sting Alex Eckelberry (Mar 20)
- Re: FBI CP sting Bruce Ediger (Mar 20)
- Re: FBI CP sting mark seiden-via mac (Mar 20)
- Re: FBI CP sting Kitsune (Mar 20)
- Re: FBI CP sting mark seiden-via mac (Mar 20)
- <Possible follow-ups>
- Re: FBI CP sting Thomas Raef (Mar 20)
- Re: FBI CP sting Paul Ferguson (Mar 20)
- Re: FBI CP sting Rich Kulawiec (Mar 20)
- Re: FBI CP sting Jacob Appelbaum (Mar 20)
- Re: FBI CP sting Rich Kulawiec (Mar 20)
- Re: FBI CP sting Randy Mueller (Mar 21)
- Re: FBI CP sting Gadi Evron (Mar 21)
- Re: FBI CP sting Bruce Ediger (Mar 20)