Wow. What a shock. The FBI will get its bonus hacking powers after all Three last-ditch legislative efforts to block the changes to Rule 41 of the Federal Rules of Criminal Procedure have failed, and from tomorrow the Feds will find hacking your PC a lot less of a hassle. The rule change was introduced by the Supreme Court in April. It will allow the FBI and police to apply for a warrant to a …
The US has passed a law saying they can hack into the computers of anyone, including people outside the US.
I wonder what their response would be if a foreign government passed a law stating that in that case, any of their citizens could legally hack into US government computers?
And quite naturally there will be a resistance from the general public as well. More and more people are using stronger security measures, and the uptake of things like Qubes OS and Tails is increasing. I have faith that we'll see more protective software developed for the general public. The internet is a natural ecosystem which will evolve "FBI resistant" strains of software.
"Act of war" will be very hard to prove definitively unlike Pearl Harbor, Fort Sumter, etc. where you know who the two sides were. Not that various slimes aka politicians will not accuse the enemy of the day with hacking when suits their purposes.
So, which of the US and UK is really going for gold in the race to sidestep civil liberties due to their being, frankly, inconvenient?
Perhaps some form of Top Trumps (*) card game could resolve this. It could sport sections like "CCTVs deployed" and "Constitutional ideals subtly broken" (**)
Cheers
Jon
(*) or not: BBC News
(**) OK the UK doesn't have a constitution, per se, or a bill of rights (Bill of Rights)
PS How the heck did I get a thumbs up on submit? I thought I'd submitted already and was editing my post again but the Submit counter tells me otherwise. Am I really that good? (nope - wine involved)
So this is to identify the address of one 'target' (criminal) after having identified a probable crime, or is it a free-for-all to hack and sniff random computers that have used Tor or VPN?
Not that it makes a difference for us non US residents. As I understand, we are in the free-for -all category anyways.
The big advantage is that it lets them "judge shop"
If you don't think that a Californian judge will give you a warrant to hack Apple, or a Washington one approve of hacking the Clinton foundation - you just need to find a good-old-boy/true-patriot in Alabama somewhere and have them approve your warrant for anywhere in the country
Many places that I've worked at required me to use a VPN if I wanted to log in from home. How many people are going to have their computers hacked by the FBI just because they are required to use it for work?
Probably will go after anyone using HTTPS next. Sure, it looked like they were connecting to a bank but you can't be too careful with those terrorists. /s
"This extension of law enforcement hacking powers has occurred with no Congressional debate or vote, simply by an administrative change."
IMO this is even more worrying than the changes to to Federal Rules of Criminal Procedure (which are already deeply worrying).
This is not how democracy is supposed to work, and history is full of precedents that show how this sort of thing can be used to undermine civil rights and individual freedoms.
This happens to be something the Obama administration wants. They're the ones who are implementing the policy through the Justice Department and Federal Communications Commission.
Congress has given powers to the executive branch to implement policies such as this in order to streamline certain processes and defer to experts in many of the different fields comprising the executive branch. So the only way to reverse it, is for Congress to pass a law restricting some of this power it turned over to POTUS (so to speak).
Does the rule need to be tweaked and reigned in a bit... yes; however, the underlying purpose does need to be an option for law enforcement. I'm thinking you'd change your mind on this a bit once your identity is stolen, along with account information and find your bank account is zero on payday.
Instead of whining like a little nine year old; why not take 15 minutes and email your representative to effect change? Instead of blaming Trump and the entire right wing... you might want to stay in school a bit longer and pay attention to how the government works, who is responsible, and what you can do about it.
Right now all 3 branches of government are okay with this addition to rule 41. Throwing a fit and being ignorant is no way to get it changed.
Yes, I know. One of my representatives is the Senator Wyden who keeps cropping up in stories about US computer issues.
I shall indeed write a strongly worded letter!!!
There! Fixed that.
What? NOT fixed? OK, perhaps there is something wrong with representative democracy as currently practiced in the US. Ya think? Paris wonders.
The Great Liberal White Hope in the form of the Magical Negro let everyone down.
Clinton voters just didn't want to face that fact.
(Before the cry of "racism" comes up, no: the Magical Negro is just a mental aberration of whitey: The Magical Negro is a supporting stock character in American cinema who is portrayed as coming to the aid of a film's white protagonists. Magical Negro characters, who often possess special insight or mystical powers, have long been a tradition in American fiction etc. etc.)
It is fun to write to your representative (MP in the UK), I do on a regular basis.
100% of the time it makes not a jot of difference either to the law or the way my MP votes
About 20% of the time a response arrives form my MP - always a reprint (not even a rewrite) of the governments stated position, my representative is a greasy pole climber who would sell his daughters, shoot his mother and lick the brown hole of anyone he needs to on his way 'to the top', totally shameless
I welcome our new overlords, ironically including their disturbing authoritarian streak. Reason being that (open-source) software developers are a bunch of liberal-libertarian-anarchist types. Trump's victory was their first wake-up call. FBI hacking powers are the second. I assume they're on Twitter today waking up to the fact that HTTPS and TOR are not nearly adequate protection. Not that they'll do anything about it.... until Trump starts locking up and deporting their Twitter friends.
This is a lesson everyone of all political stripes needs to learn: never trust governments.
Based upon the wording, it sounds like it would be legal to honeypot (bait) the FBI and hack them using the same backdoor connection, which was "authorized" by the same warrant.
The definition of a honeypot is that there is no legitimate traffic, and all is subject to deep packet forensics and scrutiny.
Bonus points if the determined endpoint is the Chinese embassy located in the United States.
Government X can do what every they want to a citizen of country Y. And Government Y can do whatever they want to a citizen from X. As long as there is information exchange between X and Y to stop terrorism, both governments have full access to all the data of both countries, warrants not needed.
Governments will enforce back doors into operating systems such as android, windows, and your UEFI etc. Almost every Bios/UEFI has a piece of code from Absolute Software which enables "Lojack" tracking of that system, for metadata. With processor serial numbers, and IP addresses, the days of online free and anonymous expression are numbered. Sites have even started to do away with individual user accounts in exchange for credential caching via a google or facebook ID.
The days of anonymous public protest are also numbered. Add facial recognition scan of the news video compared to the pictures collected from your phone and hard drive, and they know where you live, and how you vote. It promotes a fear to demonstrate. Wear your anonymous mask if you like, but your cell phone's ESN / IMEI is already broadcasting where you are. They know who arrives first to organize the protest, and who leaves last. They can follow the organizers via their cell phones after the protest. If you're a member of the press who arrives early, you might even be classified as an organizer for even covering the event, pressuring freedom of the press.
The Egyptian revolution of 2011 took 17 days to overthrow a gov't which had been in place for 30 years. This scares government leaders when they see crowds protesting. In turn they try to scare us, with comments like tracking of those running VPN and TOR. Be not afraid, and run VPN and TOR, join the EFF, and listen to Off the Hook 2600. We the People are in charge, not a few thousand government officials. We the billions, control this planet. We need a data bill of rights.
This post has been deleted by its author
I'm a Private Internet Access customer, and I use their VPN for anonymous web browsing and other related tasks. I asked their customer support how they're approaching the new Rule 41, and this was their response. This may help others on here who subscribe to privateinternetaccess.com for their VPN service.
"The recent change to Rule 41 of the Federal Rules of Criminal Procedure would allow a federal magistrate judge to issue a search and seizure warrant for electronic media if the location of the information is concealed through technological means or if it is a hacking case that involves computers in at least five judicial districts.
Even if a warrant was issued to PIA about searching and seizing electronic media, because we do not log internet activity, there is no way to trace the activity to a specific user.
Because this rule change allows the government to hack individuals outside of the United States, it is ever important that our subscribers remain vigilant and maintain best practices for protecting their privacy. That means not letting yourself be socially engineered and protecting your network against potentially malicious traffic.
While a VPN can help protect your privacy, it is only one of several tools that when used together protects the privacy of you and your family. If you would like more advice on how to secure your privacy, you can view our Best Practices Guide which is available at https://helpdesk.privateinternetaccess.com/hc/en-us/articles/229655847-Security-Best-Practices"
My thoughts about this are basically that it's really very important to use a VPN provider that is as "off the record" as possible, and doesn't keep log files. It might not solve the whole problem, but at least it helps to thwart the FBI's best attempts at de-anonymizing VPN users.
Yes, "elections do have consequences." However, in what other democratic republic can the one who garnered the most votes (even by a substantial margin) still lose the election?
We may well be about to reach that point beyond which the answer to the question, "What do you think about the United States of America?" will be,"It was a good idea."
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
