04:53 GMT +312 December 2019
Listen Live
    The FBI's reasoning comes across a bit contradictory.

    Digging One’s Own Grave: FBI In the Middle of Another Hacking Scandal

    © Flickr / Yuri Samoilov
    Tech
    Get short URL
    256
    Subscribe

    When it comes to computers and the internet, the Federal Bureau of Investigation is having difficulty bringing their methods on a par with their legacy of catching bad guys. Just weeks after the agency paid over $1 million to hack an iPhone, the FBI has another cyber-related problem, this time regarding pornography involving children.

    Continuing a long tradition of going undercover to buy illegal drugs as a means to catch dealers, the FBI took control of a child porn website so as to apprehend users. But this time, instead of buying illicit materials, they resorted to selling, a comparison made by federal judge William G. Young, after the agency allowed the server to continue functioning, serving visitors for almost a year.

    Since the server hosting the illegal content was encrypted using Tor, users had anonymity. The FBI then installed malware on the devices of users (a method called "network investigative technique" or NIT) that reported the IP addresses of those infected machines back to the agency.

    The FBI, finding themselves in another "security vs privacy" conundrum, quickly issued warrants by a magistrate judge in Virginia which had no legal power in Massachusetts, where the computer of one Alex Levin, suspected of trading child pornography, was located.

    Levin was charged with possession of child pornography. The charge was supplemented with evidence which reportedly included eight files containing illegal imagery. However, Levin's public defender successfully argued a technicality, stating that the warrant the FBI used to authorize the NIT was not valid because it violated Rule 41 of federal criminal procedure, restricting magistrate judges from authorizing warrants outside their geographical jurisdiction.

    In Thursday's ruling, federal judge William G. Young said that the evidence against Levin, including the "eight media files allegedly containing child pornography," must be suppressed.

    "The resulting search was conducted as though there were no warrant at all," Levin said.

    Rule 41 is currently being reviewed by Congress, but it will take some six months before any change can come into effect. According to Senator Ron Wyden, "this is a serious, complicated issue that Congress needs to consider quickly, to ensure our laws are keeping up with technology." The FBI, though, acted before the changes to the rules were made, taking the straight, but illegal, path instead.

    The FBI's error will most likely cause Levin's case to be dropped, jeopardizing other pending cases.

    According to Electronic Frontier Foundation staff attorney Mark Rumold, "At this point, there were so many problems with the way the FBI conducted this investigation that the Department of Justice should just stop bringing these cases."

    Related:

    FBI Paid More than $1Mln to Hack Terrorist iPhone
    FBI Face Detection Software Tracked Down Third Suspect in Brussels Attacks
    Apple, FBI Witnesses to Testify at Congressional Encryption Hearing
    FBI Paid Hackers for Technical Tip to Unlock San Bernardino Shooter IPhone
    American Muslims File Lawsuit Against FBI Over Terrorist Watchlist
    Tags:
    Hacking, scandal, child pornography, U.S. Department of Justice, Federal Bureau of Investigation (FBI), Virginia, Massachusetts, United States
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik