Too slow! FBI Shuts Down Hosting Service 928
Chope writes "If FBI agents showed up at your data center bearing a warrant, would you be able to provide them prompt access to customer data?
BZZZZT! I'm sorry, but you've taken too long to answer. We'll be confiscating all the hardware you use, er, used to use, to run your business. But we'll get it back to you 'real soon now.' Thank you for playing. CarrierHotels.com is carrying the story of a FBI raid on a web hosting company. When the hosting company didn't and/or couldn't provide the information the FBI was looking from its several terabytes of data within "several hours", the FBI decided it was more "efficient" to seize all the web servers and customer data as part of the FBI's investigation of a hacking incident."
script kiddy and spam proxy heaven (Score:5, Informative)
This is about the last data center on earth where script-kiddies can get free shell accounts.
This is a case were many servers got caught in the crossfire aginst the script kiddies and spamers.
Full Text (Score:5, Informative)
By Rich Miller
Carrier Hotels Editor
Posted Feb 19, 2004
If FBI agents showed up at your data center bearing a warrant, would you be able to provide them prompt access to customer data? How long would it take?
That's an important question in the wake of an FBI raid of Columbus, Ohio hosting company CIT Hosting last Saturday. Federal agents wound up shutting down the entire operation, seizing all the company's web servers and all customer data as part of its investigation of a hacking incident.
CIT Hosting, also known as FooNet, markets itself as "the leader in the IRC and DDoS protection business for the last 5 years." The company posted a web page informing customers that its data center was shut down, and instructing customers to contact the FBI if they needed access to their files.
"The FBI executed a search warrant issued by the United States District Court for the Southern District of Ohio regarding the IRC network that we host," the company said in its statement.
IRC (Internet Relay Chat) is a live chat system that allows users to create private discussion rooms. While IRC has a lengthy history of legitimate use, it is also a medium for discreet communication between hackers. CIT said the FBI was "investigating whether someone hosted on our network hacked and attacked someone else."
"After several hours of attempting to track down, inspect and audit the terabytes of data that we host, the FBI determined that it was more efficient (from their point of view) to remove all of our servers and transport them to the FBI local laboratories for inspection," the statement continued. "The FBI has assured us that as soon as the data has been safely copied and inspected, the equipment will be promptly returned. Unfortunately, the FBI has not been able to tell us when they will be completed with their inspection."
The seizure isn't standard procedure, and there's no way to know exactly what prompted it. CIT's account suggests the FBI may have lost patience with the process. The IRC-focused nature of CIT's business may also have been a factor.
But if you're a data center operator, you want to avoid any scenario in which the FBI gets impatient and starts hauling away your servers. Just one more item on the contingency planning checklist for the times in which we live.
Grass roots report (Score:3, Informative)
Rus
Returning Equipment (Score:4, Informative)
Look! I'm whoring! (Score:5, Informative)
From their site - don't forget to let the FBI know what you think! rwhite3@leo.gov
02/23/2004 CIT re-establishes service.
We have restored service at Equinix's Chicago Data Centers. We are in the same facilities as MSN and many fortune 500 companies. The facility has multi OC192 connections to the backbone.
The FBI has begun retuning equipment to CIT which is being shipped to our new facilities in Chicago.
At this time CIT will continue to provide dedicated DDOS Protected web hosting only.
CIT provides reliable and scalable solutions for customers of all sizes and services. Located in Equinix's Chicago Data Centers , CIT has access to all the major carriers without the need for local loop circuits.
Our Chicago staff is focused first and foremost on customer satisfaction, and will take every action necessary to accommodate each customer. Unlike many large ISPs, CIT prides itself in its ability to provide personalized service to each customer - if a customer calls twice for assistance, they can usually speak to the same representative. Our sales and support teams are allowed a great deal of flexibility to work together to resolve each customer's needs on an individual basis. Our success and rapid growth can be attributed to the satisfaction of our customers - word-of-mouth referrals account for a large portion of the new business we receive each month.
The IRC Network will remain down until further notice.
02/14/2004 FBI Confiscates all servers
Dear Customers of FOONET/CIT:
We regret to inform you that on Saturday February 14, 2004 at approximately 8:35 am EST, FOONET/CIT's data center in Columbus, Ohio temporarily ceased operations.
Here are the facts of what occurred:
The FBI executed a search warrant issued by the United States District Court for the Southern District of Ohio regarding the IRC network that we host. According to the warrant, it appears that the Bureau is investigating whether someone hosted on our network hacked and attacked someone else.
After several hours of attempting to track down, inspect and audit the terabytes of data that we host, the FBI determined that it was more efficient (from their point of view) to remove all of our servers and transport them to the FBI local laboratories for inspection. This was completed at 7:00 pm EST same day.
The FBI has assured us that as soon as the data has been safely copied and inspected, the equipment will be promptly returned. Unfortunately, the FBI has not been able to tell us when they will be completed with their inspection.
We have been told by the Special Agent in charge of the investigation that If you need access to your data you are asked to please contact the Bureau via email to rwhite3@leo.gov. Make sure to include in your email your name, mailing address, and telephone number with area code.
Since we wish to focus 100% of our efforts on restoring services, we would appreciate it very much if you do not attempt to contact us directly. Please rest assured that we are doing everything possible to restore service to you as quickly as possible.
To the many who have inquired, Paul and family are OK, although shaken by these events. They are at home and awaiting the blessed event of their new child's birth. We thank you for your good wishes and prayers.
Please check back here often. Through this site, we will keep you informed of ongoing developments as we know them.
Thanks again for your understanding.
Steve Jackson Games (Score:4, Informative)
Doug Moen
In other news.... (Score:2, Informative)
Arcticle text:
FBI Shutters Web Host
By Rich Miller
Carrier Hotels Editor
Posted Feb 19, 2004
Print This Story
If FBI agents showed up at your data center bearing a warrant, would you be able to provide them prompt access to customer data? How long would it take?
That's an important question in the wake of an FBI raid of Columbus, Ohio hosting company CIT Hosting last Saturday. Federal agents wound up shutting down the entire operation, seizing all the company's web servers and all customer data as part of its investigation of a hacking incident.
CIT Hosting, also known as FooNet, markets itself as "the leader in the IRC and DDoS protection business for the last 5 years." The company posted a web page informing customers that its data center was shut down, and instructing customers to contact the FBI if they needed access to their files.
"The FBI executed a search warrant issued by the United States District Court for the Southern District of Ohio regarding the IRC network that we host," the company said in its statement.
IRC (Internet Relay Chat) is a live chat system that allows users to create private discussion rooms. While IRC has a lengthy history of legitimate use, it is also a medium for discreet communication between hackers. CIT said the FBI was "investigating whether someone hosted on our network hacked and attacked someone else."
"After several hours of attempting to track down, inspect and audit the terabytes of data that we host, the FBI determined that it was more efficient (from their point of view) to remove all of our servers and transport them to the FBI local laboratories for inspection," the statement continued. "The FBI has assured us that as soon as the data has been safely copied and inspected, the equipment will be promptly returned. Unfortunately, the FBI has not been able to tell us when they will be completed with their inspection."
The seizure isn't standard procedure, and there's no way to know exactly what prompted it. CIT's account suggests the FBI may have lost patience with the process. The IRC-focused nature of CIT's business may also have been a factor.
But if you're a data center operator, you want to avoid any scenario in which the FBI gets impatient and starts hauling away your servers. Just one more item on the contingency planning checklist for the times in which we live.
Re:Grass roots report (Score:3, Informative)
Informative?
Did the mod' even read the stuff pointed to- it's basically a thread of:
In otherwords just like a /. thread but without the occassional useful post!
You know... (Score:5, Informative)
It's not like I agree with this, if indeed things happened as the article state... but a quick google [google.com] on FooNet (AKA / DBA CIT [cithosting.com]) turns up some VERY interesting results.
I google'd quickly [google.com] on a hunch, and sure enough I got some [ahbl.org] rather [completewhois.com] interesting [webhostingtalk.com] hits.
I claim to know nothing about SPEWS and how they go about adding to the blacklists, but they apparently are no stranger to it.
Furthermore, it seems that this IS NOT the first run-in with the FBI that FooNet/CIT has had: from here [blogspot.com], if you scroll down a bit, you'll see the following text: The FBI executed a search warrant issued by the United States District Court for the Southern District of Ohio regarding the IRC network that we host # We regret to inform you that on Saturday February 14, 2004 at approximately 8:35 am EST, FOONET/CIT's data center in Columbus, Ohio temporarily ceased operations. And this was from Feb. 14 ...
Another incident was reported out here [aginet.com] on 07/12/03 (search the page for "foonet") ... seems that 84898 spams swamped a box, and follow-up by FooNet sucked - e.g. they turned a blind eye.
There are far too many hits to return ... if you're interested in more, you can always head here [google.com]. For now, I'll close with this: I do not agree with the methods used, if they were as described ... however, FooNet/CIT is no stranger to the FBI, and perhaps this is all rolled in to the Feb. 14th notice ... maybe the FBI actually gave them 10 days to comply... I'd really like to see how this ends.
Re:More to the story (Score:2, Informative)
According to the linked forums:
the "datacenter" is being run out of some guy's basement;
the "datacenter" housed, among other things, IRC networks of somewhat dubious (at best) value;
many boxes were claimed to be owned;
and, as part of an ongoing investigation, none of the above is possibly true.
Since the owner is forbidden to talk (probably on the advice of his lawyer, not the FBI) about what's going on, it's a little useless to speculate. So, let's not jump to conclusions.
Other reports (Score:5, Informative)
I do wonder how cooperative CIT was. After several hours of requests for the info (with a warrent) the FBI must have been riled to say "F-this-S, haul it away!". Think about how much extra work that must have been. There's more to this story, pity no news service has looked into it yet.
Re:There's gotta be more to this (Score:5, Informative)
Rumors have ben flying for quite awhile that Paul (the owner) was either involved or turned a blind eye to DDoS drones on his network. Some rumors stated that he's DDoS competitors to prove the superiority of CITHosting's DDoS hardened servers.
Seeing as this "data center" seems to have been his basement, I'd bet his (lack of) logs, records, and monitoring left the FBI little choice but to seize the whole thing. And, we can assume he was uncooperative as he may have been involved or at least knoweledgeable.
The general reputation of Foonet also seemed to be a bit on the black hat side. No doubt there may have been some legitimate customers as well, but they seem to be known more for their spammers and script kiddies (and cheap shell accounts) than for their legitimate webhosting.
All in all, it looks to me like the FBI did what it had to do to effectively process the warrant. They were evidently going after a network, not a specific machine. Unfortunately, some legitimate customers got caught up in it.
It looks like CTIHosting was recently sold, and is being moved to a new data center in Chicago. Let's hope that it comes back as a legitimate business this time. They've already stated that IRC will be down indefinitely, so that's a good sign.
Re:In response to a hacking incident? (Score:5, Informative)
Re:More to the story (Score:5, Informative)
Maybe you looked at the wrong sources
Re:How about the sustained financial damage? (Score:3, Informative)
Re:In response to a hacking incident? (Score:5, Informative)
02/23/2004 CIT re-establishes service.
Hey, look, I tried my best, by submitting this three days ago:
2004-02-21 09:18:16 FBI confisticates (sic) ISP's servers: "more efficie (articles,usa) (rejected)
and it was rejected in about thirty minutes.
Maybe I should write more sensationalistic submissions?
But seriously folks, yeah, the FBI is returning the equipment now, but how much damage was done to an innocent ISP just because the FBI couldn't figure out how to do on-site data mining?
And if searching for evidence on a computer requires the FBI to physically cart the equipment to some distant lab, I guess we just write off any expectation that they'll be able to find data quickly in an emergency -- like, just off the top of my head here, for instance, wholly unlikely I'm sure, an imminent terrorist act?
Well, maybe a business got ruined, maybe the FBI can't scan data quickly enough to stop a terrorist crime in progress, but at least we all feel safer now that arch-criminal Tommy Chong is in jail.
Re:How about the sustained financial damage? (Score:5, Informative)
Of course, that was a long time ago, these days they would probably just have sent anyone suspected of having a copy of Illuminati to Guantanamo.
Re:More to the story (Score:5, Informative)
What you do not know. (Score:1, Informative)
(FYI: I know this guy, I've spoken to him (years ago), and I know what he's about)
He traded illegal software.
He traded illegal software from the boxes he had on FOONET. (ftp site(s), bot fileservs, etc)
He supported "script kiddies" in their DoS attacks on other providers from his boxes.
He supported abusive IRC bots on several IRC networks from his boxes.
This guy is not innocent, nor can the business he owns be concidered innocent.
What you don't know in this case CAN HURT YOU. I know that many people could not know this data, but it's a fact. With this guy's reputation, it's likely the FBI felt he was purposefully delaying the dissemination of information to them.
Foonet/Creative Internet Technologies (Score:5, Informative)
Re:How about the sustained financial damage? (Score:1, Informative)
Service always did suck but hey he was cheap... now I know why.
Re:Not fast enough (Score:5, Informative)
Never. Hard drives are forensically examined by being removed from their machines and duplicated (usually using dd). No investigator would ever boot a machine which is the subject of an investigation - auto-deletion scripts are just too easy to write.
Electronic Evidence Gathering (Score:5, Informative)
The FBI cart equipment away to their premises in order to duplicate the systems and environments. If ever you get into information systems forensics, they would at least perform 2 copies. One is kept as an exact duplicate (to keep for their investigation records) and at least another to actually run analysis against (since searching on an active system can change the data stored in it).
It also makes it easier to catalog what they are working with, and prevents any interference from the outside.
Re:All Your Rights Are Belong To Ashcroft (Score:5, Informative)
Doing some simple math, with a decentish disk controller, it will take 3 hours just to stream 1TB from disk to /dev/null. That assumes that the data is perfectly sequential and that no 'analysis' (such as accessing in a filewise manner, looking for a particular name of other data within the stream, etc).
Touching the data at all will easily double that to 6 hours. Add in more time because the volume is probably archival (read slower) rather than being set up as an enterprise DB system. Add even more since the server has other things to do running the business.
Most likely, what they were after was logs. Logs tend to be optimized to be stored quickly rather than for fast access. After all, logs are being stored constantly, but unless something unexplained is going wrong, they aren't analyzed at all. When they are analyzed, it's usually one of a handful of standard reports (such as logins, changes to suid, etc) and is only done over a reletivly short span of time.
Given the above, and that there were multiple TB of data to sift, it is not even vaguely reasonable to expect a complete result in less than several days.
If this report is even vaguely factual, I sincerely hope the person who made the decision to sieze is forced to spend the remaining years of his career in the basement sifting through endless lines of:
1337 d00d> D000dZ! I R s0 1337!
To the best of my knowledge, there is no posibility of an all encompassing regular expression that can translate 1337 to english.
And the moral of the story is (Score:5, Informative)
Re:I know all about this.... (Score:3, Informative)
so unless there was a piece of scotch tape that had to be broken to take out the ide cable to the hard drive, it's impossible to know.
Re:Yes the police can seize things with a warrant (Score:2, Informative)
Foonet will probably sue the FBI and seriously you can't reasonably expect 12 people to believe that the FBI needed to confiscate all their equipment to solve an investigation into someone else.
Re:More to the story (Score:5, Informative)
Re:Not fast enough (Score:1, Informative)
You're missing lots.
Ok, so it's faster to have to unplug all of the servers, carry them out of the building, put them on a truck, drive them several (dozens?) of miles, unload them from the truck...[snip]
There is no specific information on what crime (if any) was commited, other than the fact that IRC was involved. The FBI has an obligation to preserve the evidence and analyze it in a timely manner. Preserving the evidence does not mean sitting at the console browsing hundreds of directories looking for the relevent material (and possibly stomping all over evidence, i.e. MAC times, etc.).
If a forensic image [cops.org]is needed, and the FBI is ready with mobile imaging solutions [logicube.com] (or something similar), but the company is not helpful in locating the volume to be imaged (or even logically copied), then the agents on site might very well decide that seizing all the suspect hardware is in fact more efficient. The labs have far more imaging capabilities on faster equipment.
Remember that this is a criminal investigation of some sort. The evidence (especially computer based) is volatile both with regard to data and leads that can evaporate very quickly two or three hops back (suspect tracing). The FBI cannot sit around, in many cases, waiting for sysadmins to track down which server/volume is the one the containing the proported evidence. Language covering this sort of eventuality is covered in most computer search warrants, for good reason.
There is more to the story (Score:3, Informative)
The only problem is, no one really seems to know what is going on!
Speculation on cause has ranged from DDoS attacks to having to do with the Microsoft leaked source code.
Re:In response to a hacking incident? (Score:5, Informative)
I'm sorry to break this to you all, but this hosting provider is far from innocent. This particular provider has been a PITA for the major IRC networks for a long time due to the amount of DoS drone nets being held on private ircds hosted by foonet. Good riddance, and applause to the feds for finally dealing with this.
Re:In response to a hacking incident? (Score:4, Informative)
According to the ISP's original notice, the FBI tried to access the data on site for several hours, before giving up and carting the servers to the FBI labs.
Irvingnet (Score:4, Informative)
Re:Stupid feds... (Score:3, Informative)
I'm not surprised. I had a friend that had his machine hacked and had some threats left on his machine. He had hosted some political content. He called the FBI for help and talked to a reasonable sounding agent. Then they came to inspect his computer, after about an hour of looking around they wanted to take his computer with them. They didn't ask if they could copy the drive or anything of his files, but when he balked at the request to take his computer away they started accusing him hiding child porn. They never followed up on the case after he refused to have his computer diagnosed for an indeterminate time.
My guess is that the FBI is not being evil, they are just completely unqualified to deal with crimes involving computers. The solution might be to pass a rule that they must make a copies of the hard drives on site and give the victim/host/suspect a 2nd copy of the drives in a lockbox in addition to the original. This way they can't do any funny business that takes very long, and there is another copy to prove they didn't do any tampering off site. And this way their incompetence only costs us money not additional pain for the victims of crime or FBI investigations. If we had a legitamite government at this time I might even send them a letter suggesting such a thoughtful policy.
Re:Grass roots report (Score:3, Informative)
But if you skip a few pages on you see some intersting stuff a few days later: like this [webhostingtalk.com]
No one has any clue as to what the feds were lookng for. Though apparently the hosting service was very indiscriminate with what it hosted. Probably not the hot button "terrorist" or "kiddie porn" that people keep imagining; I rather think the FBI would have been much less polite in those cases.Re:They had a warrant (Score:2, Informative)
But I can't see any way to declare that it is the US. Sorry. Just saying it is, or singing that it is, doesn't make it true.
Re:More to the story (Score:5, Informative)
Ah. That explains a lot. The anti-spam folks (including SPEWS) have been trying to bring this ISP's child-porn-spammer problem to their attention for months. It hadn't worked; the child porn stayed up on their servers and the spammers kept blasting ads for it to all and sundry -- including a very worried biologist at my site, who wanted to know why he seemed to be on some spammer's list of paedophiles?
By the time the FBI got around to investigating, the ISP had probably (as "bulletproof bulker hosting" ISPs usually do) told their spammer customer that they were taking fire. Under those circumstances, the FBI's move was probably a good one -- to keep the child-porn spammers from deleting all their files and hiding their traces.
Be more suspicious (Score:3, Informative)
I would recommend that the ISP gets all the user data (non-executable) off into storage, wipe clean, re-install everything, copy data back on...Problem is that the setup for this would be exhaustive and time-consuming. However, if there is an IRC informant tool that has been added to this (I remember slashdot articles concerning a system developed by FBI or CIA on a system to snoop) it would conflict with the ISP's promise of security and privacy...
Re:All Your Rights Are Belong To Ashcroft (Score:3, Informative)
Re:Not fast enough (Score:3, Informative)
In Europe, most governments actually show that they care for the citizens that elected them. (There is always the knee-jerk reaction that you mention to anything reminding us of Nazi Germany, but since some people that lived through the holocaust are still alive today, and being reminded of that period is unsettling for them to say the least, that's one of the few areas where I think restrictions to free speech might be justifiable.) Social security ensures that good education and health facilities are available to anyone, including the poorest. Legal protection for citizens from large commercial entities is generally OK.
On the other hand, Europe is starting to suffer more and more from the same problems the US currently has. Our governments are becoming aware that a scared citizen doesn't question its government. Privacy and freedom are things for extremists, good citizens care about safety and nothing else. Social security is being slowly broken down, and large commercial entities are gaining more and more power over government decisions.
Not just CIT / FooNet's boxes (Score:3, Informative)
Re:All Your Rights Are Belong To Ashcroft (Score:4, Informative)
LVD SCSI: 3.5 hours
U160: 1.75 hours
U320: 45 min
This is assuming maximum transmission speeds across a single bus. I would hope that TB of data would be on properly organized RAID arrays, and thus would span across multiple SCSI buses, and thus, creating a mirror of said data, while not cheap, should not take on the order of more than a couple of hours, provided hardware is available.
Place the cost of that against the cost of shutting you down, and it's pretty obvious which one you want. Then again, I'm astounded that the FBI would shut down a business.More details from the company's news page (Score:2, Informative)
They were out of business from 14 to 23 February.
When they are back, they are only providing web hosting and not IRC. So the warrant was definitely related to IRC and they decided not to be in the business again?
http://www.cithosting.com/news.htm
02/14/2004 FBI Confiscates all servers
Dear Customers of FOONET/CIT:
We regret to inform you that on Saturday February 14, 2004 at approximately 8:35 am EST, FOONET/CIT's data center in Columbus, Ohio temporarily ceased operations.
Here are the facts of what occurred:
The FBI executed a search warrant issued by the United States District Court for the Southern District of Ohio regarding the IRC network that we host. According to the warrant, it appears that the Bureau is investigating whether someone hosted on our network hacked and attacked someone else.
After several hours of attempting to track down, inspect and audit the terabytes of data that we host, the FBI determined that it was more efficient (from their point of view) to remove all of our servers and transport them to the FBI local laboratories for inspection. This was completed at 7:00 pm EST same day.
The FBI has assured us that as soon as the data has been safely copied and inspected, the equipment will be promptly returned. Unfortunately, the FBI has not been able to tell us when they will be completed with their inspection.
We have been told by the Special Agent in charge of the investigation that If you need access to your data you are asked to please contact the Bureau via email to rwhite3@leo.gov. Make sure to include in your email your name, mailing address, and telephone number with area code.
Since we wish to focus 100% of our efforts on restoring services, we would appreciate it very much if you do not attempt to contact us directly. Please rest assured that we are doing everything possible to restore service to you as quickly as possible.
To the many who have inquired, Paul and family are OK, although shaken by these events. They are at home and awaiting the blessed event of their new child's birth. We thank you for your good wishes and prayers.
Please check back here often. Through this site, we will keep you informed of ongoing developments as we know them.
Thanks again for your understanding.
02/23/2004 CIT re-establishes service.
We have restored service at Equinix's Chicago Data Centers. We are in the same facilities as MSN and many fortune 500 companies. The facility has multi OC192 connections to the backbone.
The FBI has begun retuning equipment to CIT which is being shipped to our new facilities in Chicago.
At this time CIT will continue to provide dedicated DDOS Protected web hosting only.
CIT provides reliable and scalable solutions for customers of all sizes and services. Located in Equinix's Chicago Data Centers , CIT has access to all the major carriers without the need for local loop circuits.
Our Chicago staff is focused first and foremost on customer satisfaction, and will take every action necessary to accommodate each customer. Unlike many large ISPs, CIT prides itself in its ability to provide personalized service to each customer - if a customer calls twice for assistance, they can usually speak to the same representative. Our sales and support teams are allowed a great deal of flexibility to work together to resolve each customer's needs on an individual basis. Our success and rapid growth can be attributed to the satisfaction of our customers - word-of-mouth referrals account for a large portion of the new business we receive each month.
The IRC Network will remain down until further notice.
Re:In response to a hacking incident? (Score:4, Informative)
I'm sure that it's also quite hard on some of the clients. Depending on the business you are in being offline for over a week can be quite a stress on the business. The smart ones will have their own backups and will find another data centre to get them back online, but the odds of them switching back, I think, would be very slim.
Their equipment is being returned right now (Score:3, Informative)
From their site [cithosting.com]:
The rest of the page is chaff about who the company is, and things already quoted here.
This puts the downtime they experienced at about 2 weeks - which must have been very disruptive to their business, but not in line with most "the FBI is here" horror stories. Though I understand the FBI agents in this case not wanting to be any more disruptive than they have to be, it is incompetent of the FBI as an organization to not have a more unitrusive means of auditing large datahouses unannounced - although the companies they arrive at cannot possibly be prepared, the FBI must anticipate this frequent eventuality.A bit of behind the scene information (Score:5, Informative)
I know the Ashcroft-obsessed crowd will drown out this message, but I will say it anyway.
foo.net has, for the longest time, been protecting carders. They've been told so, repeatedly, by the anti-spam community and weaseled. My suspicion at this point is that either they are actively involved and/or some of their members are involved. FBI methods aside, foo.net isn't the innocent-victim they would have you believe.
Re:um... (Score:2, Informative)
Wow, where did you get that line of crap from? Any evidence discovered in the execution of a legally issued and legally executed search warrant is admissable in *any* court proceeding. If you stashed your kiddie porn in your employer's filing cabinets, who was coincidentally being searched for evidence of financial fraud, you'd better believe that they are admissable. As long as the warrant covers the area being searched, it's fair game.
And yes, I have first-hand experience with search warrants and their execution.
This is not a bad thing... (Score:5, Informative)
I run a large text based chat server (IRC), and as such we see frequent (D)DoS attacks. Far too many of these attacks in some way lead back to Foonet. It's even rumored that some of their employees harvest and sell Denial of Service drone networks... how's that for service! Since Foonet was raided a week and a half ago, we've seen maybe 25% of the DDoS attacks that we reguarly receive.
Bottom line... don't target "kiddies" as your primary customer base, and don't tolerate their abuse and things like this will not happen. But hey, what do I know.
Re:There's gotta be more to this (Score:3, Informative)
Instead, they confiscate everything and make you wait months or years to get it back, if you ever do.
Re:All Your Rights Are Belong To Ashcroft (Score:4, Informative)
Re:All Your Rights Are Belong To Ashcroft (Score:2, Informative)
Unfortuantly, neither of these are true. Due process is removed when a legal warrent has been disclosed. Also, the 4th amendment, search and siezure, is only disallowed when there is no warrent.
Oh, foonet? (IRC transcript) (Score:1, Informative)
would post the text, but the line length daemon sez no way %-)
Re:All Your Rights Are Belong To Ashcroft (Score:2, Informative)
Take a linguistics course. Learn how languages evolve and why they evolve in the distinct patterns that they do.
Language is always undergoing change. The only reason that style books need to be updated is to accommodate that. There is still debate going on about whether to introduce a gender-neutral third-person singular term, or if "they" or "s/he" or something else is acceptable. Google it for several impassioned pages.
So if it shows up in one of your style books, will you then correct everyone on it?
Is the actual court order available? (Score:4, Informative)
Unless the hosting service itself is involved in criminal acts, it is unlawful [cornell.edu] for the FBI to request a search or seizure of "work product materials possessed by a person reasonably believed to have a purpose to disseminate to the public a newspaper, book, broadcast, or other similar form of public communication, in or affecting interstate or foreign commerce". This includes hosting services; that was established in the Steve Jackson Games [eff.org] case. The service itself, not its users, has to be engaged in criminal activities before search and seizure can take place.
The FBI is usually quite careful about this, having been publicly embarassed in the Steve Jackson Games case. So the question is whether there are criminal charges against the hosting service.
Re:All Your Rights Are Belong To Ashcroft (Score:5, Informative)
I think his point was that the warrant didn't cover the other few dozen customers who also had data on these hard drives/arrays.
If the cops come busting into my local gym because somebody told them that Locker #514 has dope in it and they have a warrant to search said locker can they seize the entire bank of lockers because the owner couldn't find the key in time? Could they then charge me (the user of locker #515) if they found something incriminating in my locker when they never had permission to search it in the first place?
Think about it along those lines. What if they found pirated software (or god forbid the MS Source Code) or kiddie porn on an account that they weren't interested in and didn't have a warrant for? Can they then charge that guy or open an investigation?
Re:All Your Rights Are Belong To Ashcroft (Score:2, Informative)
They can't collect evidence relating to anything but the warrant, but that doesn't stop them from getting a another warrant. "Fishing Expeditions" are illegal meaning, they can't just seize things and search randomly. Warrants are usually pretty specific as to what you can look for.
Re:All Your Rights Are Belong To Ashcroft (Score:4, Informative)
DoD SOP (Score:1, Informative)
They aren't required to give it back either.
Good for the feds! (Score:2, Informative)