FBI Hits 8000 Birds With One Stone. Here’s How.

The FBI is generally a force for good but is it stepping beyond the law?

What that really means is that the FBI had no problem hacking over 8000 computers in over 120 countries around the world, and all it needed was a single warrant.

Something doesn’t sound right here? Right?

Let’s find out then.

If we can just shift our memories back to January of this year, we’ll do well to remember that Motherboard from Vice reported that the FBI was increasingly expanding the scope of its surveillance operations.

To put it another way, the FBI’s hacking operations had started to reach unprecedented levels. Some media reports stated that the FBI not only hacked computers at will and without much due diligence but was able to infect computers with malware with the help of a single warrant.

Perhaps, the only positive aspect of this whole hack operation was that the computers in which the malware was deployed were basically of visitors who frequented child pornography websites in the deep dark web.

But that was the part which we already knew. Now it has been revealed that the hack operation was much, much larger than it was initially reported to be. In fact, it was several orders of magnitude bigger than initial estimations.

As indicated earlier in the article, the operation was basically carried out over 8000 IP addresses by the FBI. The organization hacked the relevant 8000 computers which were present in over 120 different countries.

Journalists now know a lot more about the whole operation thanks to a transcript from an evidentiary hearing that took place recently in an associated case.

Perhaps, very few would be surprised to know that the figures being quoted in the report are easily the largest in terms of sheer size that have ever come up as far as law enforcement agency hacking operations are concerned.

Of course, we’re assuming here that the FBI isn’t already working on an even larger hacking campaign in order to catch hackers or other cyber criminals.

But more important is the fact that the report bluntly shows that the future of managing and policing criminals and their activities on the internet is a bleak one in terms of proper permissions and following the rule of law.

Readers might not be privy to this but this news is important also because of the fact that it comes at a time when the United States government is in full motion to bring vast changes to the way criminals are found and caught in the country.

FBI has been known to carry out extra-judicial operations in its attempts to catch criminals.

To allow law enforcement agencies to “work” at their full potential, the government is working on introducing reforms that will basically allow magistrate judges to permit law enforcement agencies to mass hack any number of computers that they deem fit, and the worst part is that the location of those computers has not been taken into account.

In other words, no matter where a specific computer may be located or present, the law enforcement agencies in the United States will soon be able to legally hack it for their motives whether justified or not justified.

Colin Fieman, who is a federal public defender, stated his own opinion about the situation at a hearing that took place at the end of October (that is according to the received transcripts) in which he said that the United States of America had never, in its history as a nation as far as he could tell, seen a warrant so utterly sweeping.

It is pertinent to mention here that Colin Fieman is actually representing quite a number of defendants who have been involved in affected cases.

What do those cases revolve around?

Well, as mentioned earlier in the article, most of the cases are involved with FBI’s investigative activities regarding a dark web child pornography website by the name of Playpen.

According to reports that were published in the media in February 2015, the FBI was able to take control of the website but interestingly enough, instead of shutting down the website completely, the FBI decided that perhaps it was a better idea to run the site, Playpen, from a government owned server instead of the previous owner’s.

It has also been revealed that the FBI ran the site through the government servers for a period that lasted 13 days.

It was also reported that having control of the site did not do the agency much good because even though the FBI had administrative control of the child pornography website, the investigators with the agency could not find a way to discover the real IP addresses of users who visited the site.

The reason?

Tor. Most of the users who visited Playpen accessed the website through the Tor network. The Tor network grants users anonymity and privacy when they are on the internet. And though the Tor network has been used for some good as well (think Edward Snowden), it is mostly used by criminal minded people who do all sorts of illegal stuff on the internet with the help of the Tor network, which provides them with almost unbreakable anonymity.

However, when we’re talking about the FBI, we’re talking about one of the best investigative agencies in the world, if not the best, and as any investigative agency worth its salt would do, the FBI came up with a technique known as the network investigative technique, which allowed them to circumvent the anonymity that users had gained because of the Tor network.

In other words, the FBI made use of a piece of malware that allowed them to see the real IP addresses of people who visited the child pornography website.

As the more savvy of users would have already figured out, the malware actually consisted of an exploit that compromised the functionality of the Tor Browser.

Not only that, but the malware was also capable enough to break into the computer of any visitor who visited predetermined and preselected child pornography threads on the child pornography website Playpen.

Cyber security has become a huge issue worldwide and individuals all over the world won’t feel safe about FBI’s activities.

The next part of the operation involved the malware taking note of the real IP address of the person who visited those specific areas of the child pornographic website and then sending the real IP addresses of the visitors back to the agency for further investigation.

Other documents that were filed in the court also revealed that the FBI was able to obtain well over 1000 IP addresses of visitors who visited Playpen and were United States-based users of the website.

As pointed out earlier, Motherboard from Vice had been following the story for over a year now and had found out that the FBI actually hacked computers of users who resided in other countries as well. Countries such as Australia, Denmark, Greece, Chile, Austria, some in the United Kingdom, Norway and Turkey were targeted as well.

And if it wasn’t clear enough already, then it should be known that these were only a minor portion of the countries that the FBI hacked in order to catch visitors who visited the child pornography website Playpen.

FBI hacked computers in some other countries as well and according to the latest transcript of a related hearing that has been published in the media, the FBI expanded its hacking operations to users who resided in well over 120 countries.

Christopher Soghoian, who is the principal technologist at the American Civil Liberties Union, told reporters in a phone call with Motherboard from Vice that the fact that a single magistrate judge could authorize the FBI to hack 8000 people in 120 different countries was truly terrifying.

It should be mentioned here that Christopher Soghoian has been involved in testifying for the defense in Playpen related cases.

According to the recently published transcript, it has also been unearthed that, strangely enough, the FBI not only hacked over 8000 individual computers but also hacked into what can only be described as a satellite provider.

During the hearing, Fieman noted that it was shocking that now the United States of America agencies were carrying out operations in outer space as well.

But the issue is not just limited to the 8000 users that were hacked or the FBI or even some public defendants, it has now been revealed that the Department of Justice also has had some form of involvement in the issue in the past few months as well.

The Department of Justice has actually been engaged in a rigorous battle with the relevant authorities on the validity of the warrant that the FBI used in order to carry out a hacking operation of such a large magnitude.

The Department of Justice recently filed some documents in the court which showed that there were actually fourteen court decisions that had found that the warrant used by the FBI was utilized in an inappropriate manner.

In other words, the warrant used by the FBI was not correctly issued in accordance with Rule 41 of the Federal Rules of Criminal Procedure. For the uninitiated, Rule 41 of the Federal Rules of Criminal Procedure essentially covers the bases of how authorities can and should issue search warrants for stated purposes.

The judge and the FBI both colluded in hacking individuals outside of the United States of America.

What’s The Main Issue Then?

According to some media reports, the main issue isn’t why the FBI hacked into several thousand computers in order to catch visitors to a specific child pornography website, but the issue is that of jurisdiction.

To put it another way, the judge who issued the search warrant to the FBI which allowed the investigative agency to hack into thousands of computers actually did not have the appropriate authority to give permission for searches that were outside the judge’s own district.

The Magistrate Judge in question here is Theresa C. Buchanan in the Eastern District Of Virginia and now it has been uncovered that in as many as four cases, the courts have decided to actually reject all the collected evidence that was obtained as a result of using the malware because of violation of several laws.

Now Comes The Dangerous Part.

As of now, we know that the FBI hacked into computers that were located in 120 different countries based on a flawed warrant that was issued by a Magistrate Judge who was not supposed to give out permission for searches outside her own district.

But if the proposed changes come into effect, and they are likely to come into effect as early as December 1, 2016, the situation could be reversed. In other words, the same local magistrate judges would then be allowed to authorize investigative agencies, through search warrants, to carry out searches outside their local district, just as was the case with the Playpen investigation.

Ahmed Ghappour, who is a visiting assistant professor at UC Hastings College of Law and has also authored a paper titled “Searching Places Unknown: Law Enforcement Jurisdiction on the Dark Web”, in an interview given via a phone call to Motherboard said that the proposed changes would give rank and file law enforcement officers way too much discretion to conduct hacking techniques within and outside the United States of America.

On the other hand, Soghoian from the American Civil Liberties Union voiced his own opinion and stated that with the changes to Rule 41, the case with Playpen would probably become the new normal as far as law enforcement agencies’ search warrants were concerned.

He also said that people should expect to see future operations of this scale, conducted not just by the FBI but by other federal, state and local law enforcement agencies as well, and that we should all expect to see foreign law enforcement agencies hacking individuals in the United States of America too.

If that sounded a bit too far-fetched, then a report from Motherboard in August of this year unearthed that law enforcement agencies and authorities in Australia had been involved in hacking criminal suspects here in the United States of America. There were, however, no details on how or when the Australian authorities were granted a warrant that allowed them to hack individuals in the United States of America legally.


Zohair A. Zohair is currently a content crafter at Security Gladiators and has been involved in the technology industry for more than a decade. He is an engineer by training and, naturally, likes to help people solve their tech related problems. When he is not writing, he can usually be found practicing his free-kicks in the ground beside his house.