'Full-Pipe' FBI Internet Monitoring Questionably Legal

Posted by Zonk
from the frag-em-all-sort-em-out-later dept.
CNet is running a piece looking at what they refer to as a 'questionably legal' internet surveillance technique being employed by the FBI. In situations where isolating a specific IP address for a suspect is not possible, the FBI has taken to 'full-pipe' surveillance: all activity for a bank of IPs is recorded, and then data mining is used to attempt to isolate their target. The questionable legality of this situation results from a requirement that, under federal law, the FBI is required to use 'minimization'. The article describes it this way: "Federal law says that agents must 'minimize the interception of communications not otherwise subject to interception' and keep the supervising judge informed of what's happening. Minimization is designed to provide at least a modicum of privacy by limiting police eavesdropping on innocuous conversations." Full-pipe surveillance would seem to abandon that principle in favor of getting to the target faster.

  • by mfh (56) on Tuesday January 30, 2007 @11:57AM (#17814440) Journal
    RTFA people.

    It's employed when police have obtained a court order and an Internet service provider can't "isolate the particular person or IP address" because of technical constraints
    This extends the police's right to examine a crime scene, only. They have to be looking for someone, for a particular case and anything they find is bound to the rules surrounding that action.

    If you're doing something wrong, and they happen to catch you because they were looking for someone else -- then you shouldn't have been doing whatever it was you were doing.

    That's fair.

    What this means is that there are circumstances when ISPs cannot isolate IP addys or individuals, then it's ok to sniff the whole pipe. Why not? Why should the cops have to pussyfoot around BS red tape just to do their jobs?

    Now if they do this when they had the opportunity to perform IP isolation calls properly -- then we have to apply a sober and proportionate response to that kind of human rights abuse. And that means we the people will have to have the particulars behind such cases when this method is employed, in full detail. Do you think we'll get it?
    • by d3ac0n (715594) on Tuesday January 30, 2007 @12:03PM (#17814520)
      I was about to say the same thing.

      If they are UNABLE to isolate the IP addy, but they have a good idea which ISP it's coming from, then doing a "full pipe" exam would be the logical next step, and the smallest step they could take. This would fit into the "minimalize" concept. I don't see what the big deal is here.

      Now, if they were doing "Full Pipe" exams without CAUSE (IE: just out fishing to see what they can catch) then I would have a problem with that. But with cause, this is perfectly legit and appropriate.
      • Re: (Score:2, Insightful)

        by Nitage (1010087)

        If they are UNABLE to isolate the IP addy, but they have a good idea which ISP it's coming from, then doing a "full pipe" exam would be the logical next step
        If they are unable to isolate the perpetrator of a crime, then the next logical step would be to imprison all the suspects.
      • by PopeRatzo (965947) * on Tuesday January 30, 2007 @01:31PM (#17815886) Homepage Journal
        Sometimes, living in a free society makes it harder on law enforcement. There are certain prices we pay for liberty and this is one of them. Taxes are another price we pay for a civilization based on personal freedom. The "hassle" of following the Constitution and not just summarily executing bad guys that we KNOW are bad guys is another.

        I'm sure it's a drag for police to have to get a warrant when they know someone is doing something illegal in their house. I'm sure the FBI gets very frustrated when they have to provide a judge with affidavits of Probable Cause when they KNOW that the bad guys are using phones to do bad things, just so they can put up a wire tap.

        And it's a hell of a lot more than just a little hassle when our own freedoms allow really really bad guys to plan and execute a terrorist attack where thousands are killed. But it may turn out that too, is the price of living in a free society, God help us.

        I know that as I sit in my neighborhood coffee shop, someone with a bomb strapped to their body could walk in and blow me to bits. I watched as fellow Americans (and a lot of innocent non-Americans) lost their lives on September 11, more than 5 years ago.

        But I refuse to live my life in fear. And I absolutely refuse to give up one single bit of my liberty to make it easier for law enforcement to do their jobs, or to make it more convenient for our government to govern, or even to ensure that I can walk down the street without the fear of something bad happening to me. That's how important liberty is to me - more important than my security.

        I see fear making a lot of people willing to live less like Americans and more like the residents of a gated community or the inmates of a prison. I mean, it's not really that bad if officials have to ask us to show papers on the street - not if it makes us safer. And it's not really that bad if someone in the Federal Government has to read my mail without my permission. And it's not really all that bad if the FBI has to sniff my packets because someone, somewhere else on the internet is doing something wrong. After all if you're not doing anything wrong, you don't have to worry.

        There are a lot of people who have been convinced - we see them around here - that all those little freedoms just aren't worth having to be afraid. These people have wandered very far from the principles that made the US unique in the world and a beacon of freedom to those who live in safe places where they don't fear terrorists, or pornographers, or child molesters. Those people only have to fear their own government.

        I'm not willing to trade, and I'm not willing to give up my freedom. I would really, honestly rather die a free man than live under tyranny. I don't blame those of you who have become so scared that you've convinced yourselves it's OK to be watched, because you're not doing anything wrong. But I absolutely pity you. It must be hell to be so afraid.

        But that's just the kind of hairpin I am.

        • by jafac (1449)
          Hooray for you - we all (apparently) need to be re-taught: Fascists Are Cowards. (or closet opportunists).
    • by eln (21727) on Tuesday January 30, 2007 @12:03PM (#17814524) Homepage
      If you're doing something wrong, and they happen to catch you because they were looking for someone else -- then you shouldn't have been doing whatever it was you were doing.

      That's fair.


      No, it isn't fair, it's unconstitutional. Any evidence gained in this way should not be admissible in court or be allowed to be used to gain further evidence. Saying "if you were doing something wrong, you deserved it" is the same as saying "if you aren't doing anything wrong, you have nothing to hide." Both of these arguments are just dead wrong.

      If the FBI has a tap on your neighbor's phone, they can't tap your phone and listen to your conversations too just because they happen to be in the neighborhood.

      • by d3ac0n (715594)
        While I agree that collecting "side evidence" from a "full pipe" exam is wrong, and probably inadmissible in court, it is NOT "Unconstitutional".

        Unlawful, most likely. Unprincipled, absolutely. Unconstitutional, no.
        • by Who235 (959706) <secretagentx9.cia@com> on Tuesday January 30, 2007 @12:19PM (#17814732)

          The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
          How many clauses in there can you count that have direct application to this matter?

          People, we really need to go back to teaching Government and Civics in high school. There are some people here who have been left behind.
          • Re: (Score:3, Insightful)

            by d3ac0n (715594)
            Gah!

            You're right. 4th Amendment to the Constitution. I need to re-read my copy again.
            • Re: (Score:3, Insightful)

              by Who235 (959706)

              I need to re-read my copy again.
              Don't worry, you're not alone.

              We all need to have a look at it from time to time.
              • Homework: read this
                http://www.law.cornell.edu/constitution/constitution.overview.html [cornell.edu]

                Amendment in question:

                Amendment IV

                The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

                I've done a lot of reading of the constitution and the US

          • by Thansal (999464) on Tuesday January 30, 2007 @12:51PM (#17815228)
            See, the problem is that you could easily interpret that (without stretching it much) to fit full pipe:

            particularly describing the place to be searched
            They have done that. They know the problem is within this range of IPs, however they can not narrow it down because the ISP can not help them with it.

            and the persons or things to be seized
            This is where it is sorta tricky. This part has been interpreted to say that anything found during a reasonable execution (aka, no searching in pill bottles for stolen TVs) of a warrant is admissible.
            So if they only need to be checking web pages visited, and they start sniffing P2P traffic, that should be inadmissible, however if they find something during a reasonable execution of the warrant, then it would be.

            Note, I am not saying I am for or against this as I honestly don't have enough information on it. I lean away from it as it DOES look like it is way too much of an invasion of privacy, but I can't say 100%.

            The big deal for me is how the heck could an ISP NOT be able to tell you what IP you need to look at?
            If you have the name/house/whatever the ISP should easily be able to pull up what IP(s) that person/place currently has assigned to them.
            If you are working back from an IP you found doing something illegal, then the ISP should know who that IP was assigned to at the given time, and give you the current IP (assuming non-static).
            I don't really like the ISPs tracking what we are doing and when, but I know they are, so why would this 'full pipe' warrant ever show up?
            • by hhghghghh (871641)
              This is where it is sorta tricky. This part has been interpreted to say that anything found during a reasonable execution (aka, no searching in pill bottles for stolen TVs) of a warrant is admissible.
              The rule for physical searches is "in plain sight". If the police are searching your home for, say, a fugitive, and you have a bong on your table, that's in plain sight. Data mining is the exact opposite. It's taking a microscope to any minute detail you can find, but strip-searching not just an individual
              • by Thansal (999464)
                You are correct about plain sight, however plain sight often gets people messed up with the idea that you can't open stuff up. For instance, if I am looking for drugs, and I find AP bullets (those are illegal, aren't they?) in pill bottles, then it is admissible.

                As for datamining to strip searching:
                One of the precedents is that warrants are supposed to cover the smallest area possible (Searching house? garage? office? what?), and what you are looking for exactly. Datamining CAN be done as a strip search (
                • by QCompson (675963)

                  Also, the argument over searching one house (tapping one IP) vs an entire street (an IP Block) does not work all that well. The idea is that they have a court order for the ISP to turn over the IP, however for some reason (I can't come up with a hypothetical that covers it) the ISP can (not will) NOT give out the IP. At that point they would be allowed to do a 'full pipe' search (however, even if this is legal, I still think that the datamining should be limited in scope).

                  I'm confused as to why that argumen

                  • Re: (Score:3, Informative)

                    by Thansal (999464)
                    If they can get a warrant that says so, then yes.

                    It does not actually violate the constitution. The constitution just says that a warrant must be: particularly describing the place to be searched. Of course precedent (and possibly even law, though I am not sure) says you can't do this.

                    The thing being is that I finally actually reread tfa and it says NOTHING about warrants, just that they are doing this b/c they can, and THAT is unconstitutional.
          • Re: (Score:3, Funny)

            by pilgrim23 (716938)
            This reminds me of the new product I was thinking of releasing into the Washington DC market:
            Bill of Rights Toilet Paper with all 10 printed on each sheet. I bet I would....clean up ;)
      • by smooth wombat (796938) on Tuesday January 30, 2007 @12:29PM (#17814908) Homepage Journal
        No, it isn't fair, it's unconstitutional.


        No, it's not. It's called the plain view exception and has been found to be completely constitutional. I refer you to this page [cybercrime.gov] from the Justice Department (ok, no snickers) which references Horton v. California, 496 U.S. 128 (1990).

        The relevant part is as follows:

        To rely on this exception, the agent must be in a lawful position to observe and access the evidence, and its incriminating character must be immediately apparent.

        How this exception would apply in the current situation will be up for debate but the exception of an officer finding evidence of another crime, while executing a search warrant for a different crime, is fully constitutional. For a further reading of just this subject, see Danny Weitzner's comments [w3.org] with a much more detailed discussion of the plain view exception.

        What, you expect the cops to ignore the dead body missing its arms lying in the back room because they were only looking for the stash of cocaine in the house?

        • by QCompson (675963) on Tuesday January 30, 2007 @01:44PM (#17816154)

          What, you expect the cops to ignore the dead body missing its arms lying in the back room because they were only looking for the stash of cocaine in the house?
          I think you are way off base. This seems more akin to having the police executing a warrant on the wrong house and finding a stash of cocaine. Which would be thrown out of court.

          the agent must be in a lawful position to observe and access the evidence
          Here is the problem. Is it lawful (constitutionally permissible) to search through many innocent people's private information in order to find who they are looking for? If a cop suspects that someone in your neighborhood is dealing cocaine, is it legal for them to search through every house, busting all unintended targets for any illegalities along the way? Police are supposed to narrowly tailor their search for suspects.

               
          • This seems more akin to having the police executing a warrant on the wrong house and finding a stash of cocaine. Which would be thrown out of court.

            No it wouldn't. This would fall under the plain view exception. Even though the police were in the wrong place, they were executing a legal warrant and recognized the object of a crime in plain view. There are numerous cases out there where police enter the wrong house or apartment, find evidence of a crime in that wrong location and all the evidence se

            • In case anyone was interested about the garbage or communal dumpster issue, please see this link [skepticfiles.org] (federal) and this link [state.nc.us] (North Carolina).
            • by QCompson (675963)

              Even though the police were in the wrong place, they were executing a legal warrant

              They weren't executing a legal warrant if they were at the wrong place. If the cops have a warrant for 201 Jackson Street, they can't bust into 205 Jackson Street, find cocaine in a bathroom, and start busting the residents (or rather, they can, but it would be thrown out). If the police make a mistake on a warrant application in "good faith" then evidence will likely be held admissible (for example, they really meant to

              • If the police make a mistake on a warrant application in "good faith" then evidence will likely be held admissible

                That is what I was getting at, not that they could go into the house next door, deliberately, and use any evidence found therein.

                As far as the dumpster analogy, while we're not throwing away our pieces of electronic information, we are using a communal source.

                Maybe a better analogy would be if police had a tip that a silver Honda Civic was going to be on a certain road and it would

                • by QCompson (675963)
                  All the cops have is an ip range. No other information. Wouldn't a more fitting analogy be that the cops get a tip that a car filled with drugs would be on a certain 5-lane highway (no other information)? They then proceed to start searching every car that passes, hoping to find the one with drugs.
            • by QCompson (675963)
              You seem to like throwing out links, so here's one for you:

              http://www.law.cornell.edu/supct/html/historics/USSC_CR_0455_0001_ZD.html [cornell.edu]

              Still good law. Here's a taste: "Coolidge emphasized that the plain view doctrine applies only after a lawful search is in progress or the officer was otherwise legally present at the place of the seizure."
              • by QCompson (675963)
                Oops... meant to link to the main opinion, not the dissent. Oh well. The point is, plain view doesn't apply when the cops aren't supposed to be there in the first place.
              • This case, while a plain view case, is completely different than police relying on a warrant but being in the wrong place and seeing evidence of a crime. To use your previous example, if the wrong address was put on a warrant, and the police relied on that information, then any evidence of a crime at that wrong address could be used. That would (or should) fall under the good faith exception.

                In the case you cited, the cop admitted he only entered the apartment to confirm what he saw through the window, no
                • by QCompson (675963)

                  To use your previous example, if the wrong address was put on a warrant, and the police relied on that information, then any evidence of a crime at that wrong address could be used. That would (or should) fall under the good faith exception.

                  I disagree. Searching the wrong house, with no probable cause to do so, would not lead to admissible evidence.

                  Just to be clear: cops stake out a house (201 Jackson Street), and have probable cause to believe that drugs are being sold on the premises. They fill out

        • Uhh, examining every packet of my internet traffic while a warrant only covers the guy down the street is in no way "plain view". There would need to be extensive analysis that's well outside of the purpose of the original investigation. That's kind of the point of requiring a warrant to view traffic. Anything they get that's not related to the person on the warrant shouldn't be looked at, and if it is, it should be tossed out. No, it's not perfect that some particularly nasty crimes might go unpunished, bu
      • by FlopEJoe (784551)

        Saying "if you were doing something wrong, you deserved it" is the same as saying "if you aren't doing anything wrong, you have nothing to hide."

        Not really. In the first case the person is doing something wrong and in the second case they aren't.

      • "If the FBI has a tap on your neighbor's phone, they can't tap your phone and listen to your conversations too just because they happen to be in the neighborhood."

        Considering how easy it would be to plug a cordless phone into your neighbor's house, or just run a wire.. It's kind of scary but I could see the FBI justifying tapping a neighborhood like that.
      • by DeadboltX (751907)
        It works the other way also.
        If police arrive at a store to pick up a shoplifting kid and the cop happens to notice a guy walking around the store with a gun sticking out of his pocket then obviously the cop is going to do something about it and not just say "oh I wasn't looking for a gun robber so I'll just take this shop lifting kid and leave that guy to his business"
      • by Agripa (139780)
        If the FBI has a tap on your neighbor's phone, they can't tap your phone and listen to your conversations too just because they happen to be in the neighborhood.

        But if your neighbor's phone was multiplexed with yours in such a way that it was not possible to tap one without tapping the other they would be permitted to tap both. If it is not possible for them to monitor the specific IP without monitoring an entire subnet (which seems odd to me unless the tap was on something other than ethernet) then they c
    • I cannot in vision any scenario in which an ISP is incapable of isolating a single customers traffic.

      At the most basic level the physical connection could be intercepted.

      Thus they are not making a reasonable effort to minimize the scope of the tapping and are breaking the law.
      • by phayes (202222)

        I cannot in vision any scenario in which an ISP is incapable of isolating a single customers traffic.

        Then "envision" a small ISP without the resources needed to set up the requisite surveillance connected to a larger ISP which can let the feds sniff the whole pipe to the smaller ISP.

        • by terrymr (316118)
          They don't have "tcpdump -w " ?

          Maybe they shouldn't run an ISP on windows then.
          • by terrymr (316118)
            should have previewed ... lost some of my parameters to tcpdump - but the point is still the same.
    • If you're doing something wrong

      Yes, because obviously if I'm having a discussion about the latest terrorist attack and because the feds only pick up parts of the conversation about bombs and killing people due to their "grab everything, data mine for anything that looks criminal" practice, I must be a terrorist.

      What this means is that there are circumstances when ISPs cannot isolate IP addys or individuals

      Is that so? Personally, I find that rather amazing, how would such an ISP manage to bill anyone?

      And th
    • While I'm not inherently subject to these laws/conditions, living in the UK, I can't see that they're in any way fair or balanced. If it's not possible to isolate the IP traffic of one particular individual I can't see that it's fair to violate the privacy of everyone else that happens to be in that pipe. I seem to recall reading that law/criminal justice is based on the presumption of innocence (naive, perhaps, but it seems to be the predicate...I could be wrong, of course, given current developments).

      W

    • One concern is how long do they retain this information, and how much of the "full pipe" do they save? If they isolate the information they are looking for, and then discard the rest, then that is fine. I can even see an argument for keeping additional data in escrow, in the event that further research is necessary.

      However, if they retain the data and then perform new searches, then (IMHO) they are crossing the line. Considering what has happened in the past, there are reasons to be suspicious of the

    • This extends the police's right to examine a crime scene, only. They have to be looking for someone, for a particular case and anything they find is bound to the rules surrounding that action.

      If you're doing something wrong, and they happen to catch you because they were looking for someone else -- then you shouldn't have been doing whatever it was you were doing.

      That's fair.
      I agree that the summary is misleading, sensationalized even, but I don't agree that it is fair. I think a fair, if fictional, analogy in this case would be if police had a warrant to search a house in my neighbourhood looking for evidence of a crime, but since they only knew what block the house was on, they were permitted to search all the houses on my block. In that case, only evidence which actually applied to the crime being investigated should be usable. Suppose that I am a criminal, unrelated to the criminal activity that the police are investigating. They search my house and find some evidence that they weren't looking for. It doesn't seem fair for that evidence to be admissible in court, and I think they should require a new warrant to search for that evidence in a separate investigation. In that case, the investigators actually lose because I would have a chance to destroy the evidence before the second warrant is produced. In the Internet case, people don't even know when their traffic is being watched.

      The rules don't change just because someone in your neighbourhood or netblock may have committed a crime that is being investigated by the FBI, and that is the danger here. Just because I'm not a criminal doesn't mean that I want authorities snooping through my garbage. I know we're already far down the slippery slope, but we need to hold on to whatever freedoms we have left.
      • It doesn't seem fair for that evidence to be admissible in court, and I think they should require a new warrant to search for that evidence in a separate investigation.

        Furthermore, they cannot use evidence gathered in the inadmissible investigation as justification for the warranted search of your property, unless that evidence was in plain sight from a public area.

        I think the quasi-legal (IANAL) argument for justifying the admissibility of incidentally garnered evidence of a crime not covered by the o

      • Suppose that I am a criminal, unrelated to the criminal activity that the police are investigating. They search my house and find some evidence that they weren't looking for.

        But that's not a good analogy. First, let go of the notion of the police not knowing what house someone/thing is in, and yet somehow getting a warrant anyway - that's not going to happen. To make your analogy mean anything, a judge would have to issue a search warrant for your whole neighborhood. On the other hand, you have the very
    • Re: (Score:3, Informative)

      by Daemonstar (84116)
      One of the problems with searching an Internet pipe is that the conventional methods and doctrines for search warrants don't apply easily or at all (i.e.: plain view doctrine). Search warrants have to be specific as to what the officers are looking for.

      Example: if the search warrant is for a TV, and the officers look in a desk drawer and find kiddy porn, they can't take it. Now, what will probably happen is some of the officers will stay there (or close by) while another tries to get another warrant (w
    • What this means is that there are circumstances when ISPs cannot isolate IP addys or individuals, then it's ok to sniff the whole pipe. Why not? Why should the cops have to pussyfoot around BS red tape just to do their jobs?

      It is called a wiretap for a reason. There is no technical reason why the actual wire or cable going to the actual house or business couldn't be tapped directly, by connecting some hardware to the line just as they used to. This new technique is about convenience not necessity.

      Quite frankly, I want individual wiretaps to require at least some individual physical effort and expense so that police have to make the decision of whether it is worth it or not.

    • Firstly, wrong is in the eye of the beholder. Illegal is formally defined by law, although lately the definitions seem to be less precise than they should be. If the beholder has power over you, their definition of wrong can be deadly. Secondly, this is the FBI (i.e. federal government) we're talking about. So how long do they keep the data? Do they get rid of any data that ISN'T related to their target? And even if they say they do, can you TRUST that they do (consider while you formulate your answer
    • If you're doing something wrong, and they happen to catch you because they were looking for someone else -- then you shouldn't have been doing whatever it was you were doing.

      Whether you are doing something wrong is not the point. The point is that having police search your house because they're looking for someone else in the general area tramples your rights. That search is oppressive in and of itself.

      A full-pipe search is like a house-to-house search in that respect. It is justified in only the most e

    • Why should the cops have to pussyfoot around BS red tape just to do their jobs?

      Because they've been shown to abuse their powers in the past when their capabilities were less constrained. There are very good reasons for that red tape, as we will discover (again) should it ever be removed.

    • >This extends the police's right to examine a crime scene, only.

      It extends their power beyond examining a crime scene, permitting them to examine anything that might be a crime scene.

      Unless the full-pipe records are held in escrow by someone independent of law enforcement, and unless courts enforce restrictions on what queries law enforcement can make of the escrow agent, then this is exactly the kind of driftnet surveillance that a free society won't allow.

      >BS red tape

      Nope: just a fundamental human r
    • Why should the cops have to pussyfoot around BS red tape just to do their jobs?

      Well, because part of their job is to pussyfoot around BS red tape. It goes by many names, but the most popular one is 'due process'.

    • This extends the police's right to examine a crime scene, only. They have to be looking for someone, for a particular case and anything they find is bound to the rules surrounding that action.

      So far So Good.

      If you're doing something wrong, and they happen to catch you because they were looking for someone else -- then you shouldn't have been doing whatever it was you were doing.

      Wow, So if the cops are chasing a suspected murderer and pull over every blue car on the road, they can arrest every person

    • If you're doing something wrong, and they happen to catch you because they were looking for someone else -- then you shouldn't have been doing whatever it was you were doing.

      If I'm doing something wrong and they catch me with one of these broad warrants, then too bad. We have rules against open ended warrants for a reason - if you can't limit what you're searching, then you had damn well better limit what can be done with what you find.

      What this means is that there are circumstances when ISPs cannot is

  • depends.... (Score:5, Interesting)

    by Scudsucker (17617) on Tuesday January 30, 2007 @12:02PM (#17814508) Homepage Journal
    If they only keep evidence found on the target (providing of course that they have a warrant of course) it might not be so bad. But somehow I doubt that will be the case though...say you and your neighbor both use municipal wireless, and your neighbor is into kiddie porn. The FBI collects all the traffic from your access point, and busts your neighbor for the kiddie porn - but also nails you for copyright infringement for downloading music or movies.
  • "...In situations where isolating a specific IP address for a suspect is not possible,..."

    They have minimized the amount of data required to collect to perform their surveillance by limiting the block of IPs.

  • by arkham6 (24514) on Tuesday January 30, 2007 @12:07PM (#17814560)
    I am trying to think of a technical limitation where they could not be able to isolate an IP, or more specifically, a MAC address. Can someone point out some? Maybe between two border routers or something?
    • by d3ac0n (715594) on Tuesday January 30, 2007 @12:21PM (#17814784)
      Many ISPs in the U.S. use an IP addressing scheme called "Multinetting" (I'm not certain if that's the correct term, it's just the one I learned for it) Whereby they create multiple virtual IP networks behind one router. This allows them to dynamically expand their network without having to deploy thousands of high-end routers for their network as they expand. As most ISPs also dynamically assign IP's in their network, this allows them great flexibility of network topology.

      The downside is that it's somewhat difficult to tie an IP down to a specific MAC address. Most times the best you can do is find the block (or blocks) of IP's assigned to a given area. For example: let's say that the FBI has a hostname, but no IP. The hostname will often have the region or township name in it. If the FBI provides that to the ISP, the ISP will be able to say "That area uses these IP blocks." and then the FBI would have to monitor ALL those blocks to try and separate the suspect's individual IP from all the other innocent people's IPs.

      The really tricky part is where the Subpoena comes in. If it's really general IE: it allows them to monitor for "suspicious activity", then it could be used as a virtual dragnet, pulling in lots of people unrelated to the original investigation. However, Judges understand this and will usually issue a very specific subpoena so that they can avoid such a "dragnet" situation.
      • Re: (Score:2, Funny)

        by MentlFlos (7345)

        For example: let's say that the FBI has a hostname, but no IP. The hostname will often have the region or township name in it. If the FBI provides that to the ISP, the ISP will be able to say "That area uses these IP blocks." and then the FBI would have to monitor ALL those blocks to try and separate the suspect's individual IP from all the other innocent people's IPs.
        ...or they can just use nslookup
        • by d3ac0n (715594)
          Nslookup isn't always helpful in a case such as this due to the fact that these IP's are DYNAMICALLY assigned. In other words, the hostname at the time of the crime may have been assigned to a different IP than at the time of the investigation. Nslookup alone would only provide circumstantial evidence. The FBI or other authorities would need to collect more evidence, and they would need a good hard lock on the suspect's PC. This might require the short-term monitoring of a block of IP's that the suspec
    • Re: (Score:2, Insightful)

      by Short Circuit (52384) *
      Proxy servers and virtual networks like Gnutella and Freenet. You'd need special tools to parse and analyze such data, and your suspect may only be bouncing traffic off of the ISP's customer.
    • by AK Marc (707885)
      I am trying to think of a technical limitation where they could not be able to isolate an IP, or more specificaly, a MAC address. Can someone point out some? Maybe between two border routers or something?

      That's easy. They know that someone accessed kiddie porn at www.illegalunderagekids.com from 12.1.1.15 at 12:31 p.m. on June 1 2006. Of course, they look up the class-A for 12.0.0.0 and find that it belongs to AT&T. They send over a warrant/subpoena for the name of the person on that IP at that tim
    • At the ISP where I used to work, we used radius to assign IP addresses to our customers. We could almost always look in our logs to match an IP address, date and time stamp to a user's account.

      Note that I said "almost always". Radius uses UDP to transmit the log information, so it is possible for a log entry not to make it to our logging servers, since UDP doesn't track state. While modern IP networks are pretty reliable, excrement occurs, and once in a while, we wouldn't have an entry in ou
  • by MikeRT (947531) on Tuesday January 30, 2007 @12:14PM (#17814672) Homepage
    It's easy to find people who have unsecured wireless. Those cheap routers don't keep detailed log information about who is connecting to them. It's a law enforcement nightmare and I'm surprised that the FBI hasn't gotten very gung-ho about punishing people for not securing wireless connections. We're reaching a point where it can be all but impossible [codemonkeyramblings.com] to determine whether or not the person is guilty of a crime until the humiliating arrest and prosecution. In some cases it's trojans, others it could be open wireless. Law enforcement still hasn't grasped the delicacy of the situation. You can tell from their tactics. If they did, they'd understand how easy it is today for computers to be hijacked such that there is no way to plausibly determine prima facie who really is doing it, even if they have the IP address it seems to be coming from.
    • Re: (Score:3, Funny)

      by Cheesey (70139)
      Indeed. It seems to me now that shutting down all unsecured wireless is an essentially impossible task. It's so widespread. Most people don't know that they should even consider securing their access points, let alone how to actually do it. Even if there was a major campaign to get everyone to close up their access point, many people would assume that it didn't apply to them, or they'd do it badly (e.g. with WEP), or they would turn it off after having trouble using it themselves.

      So if anyone ever wants to
    • by QCompson (675963)
      Bit off topic, but that case mentioned in your blog (I think it was covered on slashdot too) is very, very disturbing.

      a sixteen year old faced 90 years for allegedly possessing nine "sexually suggestive pictures of minors"
      90 years for 9 "sexually suggestive" pictures. Wow. What is also disturbing is that courts have ruled (I'm too lazy to link) that penalties such as this are not "cruel and unusual".
    • Re: (Score:2, Insightful)

      by psydeshow (154300)
      Or to put it another way, how long before they figure out that digital communication can be ruthlessly spoofed, and decide to ignore it altogether as a means of evidence?

      Or perhaps they'll just make us all digitally sign our packets using the RFID chips implanted in our armpits at birth...

      Sounds radical, but it's not. You just plain cannot tell who or what generated any given packet on a network. There's no fingerprint, or carbon dating, or scent for the bloodhounds. A forged packet looks, sounds, tastes, s
  • by mikelieman (35628) on Tuesday January 30, 2007 @12:20PM (#17814748) Homepage
    "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

    Well, since sniffing the whole pipe on its face violates:

    "Particularly describing the place to be searched, and the persons or things to be seized".

    I would say, that once again, the FBI is overstepping its lawfully delegated powers.

    In other news, the sky is blue...

    • by AK Marc (707885) on Tuesday January 30, 2007 @01:45PM (#17816172)
      Well, since sniffing the whole pipe on its face violates:
      "Particularly describing the place to be searched, and the persons or things to be seized".


      How does it violate it?
      What to be searched is described: All of the class C that the suspect can get a DHCP address from.
      The person is explicitly identified, even though often John-Doe'd because the identity isn't yet known.
      The things to be seized are explicitly listed: All packets from John Doe.

      It fits the definition under the Constitution as you listed. What the issues are are irrelevant to that part. The FBI is required to not get more than they must. If there is a practical way to get just the person they are looking for's packets, then they are breaking the law. If there isn't a technically available solution, then they are within the law.

      Of course, you can also debate whether John Doe warrants/subpoenas are legal, but that too seems to be a separate issue from what you brought up.
      • by mikelieman (35628)
        "How does it violate it?
        What to be searched is described: All of the class C that the suspect can get a DHCP address from."

        You left off the word PARTICULARLY.

        particular
        adj.

        1. Of, belonging to, or associated with a specific person, group, thing, or category; not general or universal: has a particular preference for Chinese art.
        2. Separate and distinct from others of the same group, category, or nature: made an exception in this pa
        • by AK Marc (707885)
          You left off the word PARTICULARLY.

          Because it was unnecessary. They are describing the smallest and most "particular" specifiable area they know contains the suspect. If a warrant were to be ordered to nab me at work, it would include the capability of examining the entire area, annoying as many people as looking in a class C for a single user, in order to get me or determine I was not on the premises. If I had a note on my desk, "gone to the bathroom" do you think that the police wouldn't be allowed t
          • by mikelieman (35628)
            >> You left off the word PARTICULARLY.

            "Because it was unnecessary. They are describing the smallest and most "particular" specifiable area they know contains the suspect. If a warrant were to be ordered to nab me at work, it would include the capability of examining the entire area"

            I think you are confusing an ARREST WARRANT with a SEARCH WARRANT.

            That said, My person, papers and communications are protected in exactly that case. They may have a warrant to search YOU and YOUR SHIT ( Or, if you are th
      • by blueskies (525815)
        What to be searched is described: All of the class C that the suspect can get a DHCP address from.

        Why not just specify a Class A and be done with it?
  • Cops suspect illegal activity, say drug ring, but they do not know which apartment it is. Do the police have the right to search every apartment in the complex to find illegal activity? And what if they come to my apartment and find that I have a computer. Can they seize that to see if I am doing anything illegal in their search for the drug ring? No. Laws and the Constitution are two separate entities. Congress and states cannot make laws that abridge the freedoms set forth in the Constitution.
    • Congress and states cannot make laws that abridge the freedoms set forth in the Constitution.


      Sure they can. It's the job of the Supreme court to overthrow such laws, once made. And it will only get to the Supreme Court if someone brings it there, and even then it's not always guaranteed.

  • As is tradition when the Government increases their spying efforts, it's time to listen to The Conet Project and then watch Enemy of the State while wearing a tin foil hat and eating a bucket of fried chicken.
  • Aren't there mechanisms in place to deal with this?

    In a situation where FBI has probable cause to believe a crime has been committed, they should still have to present their evidence to a judge and get a warrant.
    If they don't know who is committing the crime, but they have specific cause, they can provide a specific description of what they're looking for and get a john doe warrant.

    Let them rifle through the whole pipeline. But they can't use anything not on the warrant--including for the purpose of gettin
    • Well, that's what I learned from "Law and Order"--any real lawyers out there?
      I'm no lawyer, but my watching of "The Practice" confirms your assumption.
  • by Sloppy (14984) on Tuesday January 30, 2007 @01:20PM (#17815664) Homepage Journal
    Just for reference:

    The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

    The value behind the words is pretty clear, or at least it is when you look at the words in terms of 18th century technology. In the big room, things are public. You can't assert privacy in the town square. But separate from that, are our personal domains that no one else should be able to enter without our permission; a man is king of his castle. If you're there without permission, you're trespassing. And the 4th Amendment says that government is a special case, that it can enter your space without your consent without it being trespassing, but this requires court oversight. Without that check in place, it is trespassing.

    In 1789, it was really easy to tell the difference between public and private, only requiring basic common sense.

    You don't even have to be an intelligent human to understand this. Even some really dumb animals know how to enforce ownership of their turf. It's that basic and easy.

    When phone networks came, it got kind of blurry. I guess Congress and the Courts have made up their mind about that, generally taking our side (i.e. requiring warrants for wiretapping) but the reality isn't all that clear. No matter how you look at it, those phone wires are not just in your house and the house of the person you're talking to. The wires are in public. When we demand privacy on wires that pass through public, radio signals that go everywhere, etc, we're doing something very artificial. That doesn't mean it's wrong or an unreasonable demand; really, it's ok to assert our will over nature. But going beyond Natural Law isn't as easy as it looks, and the issues can explode with complexity.

    When you get to the Internet, it's even harder. Anyone who knows anything about the Internet, knows that you really don't have a reasonable expectation of privacy. We desire privacy? Well, of course! But having an "expectation" is foolishly unrealistic. There are too many people who have access to your plaintext. You don't even know who they are! How can you expect respect and accountability from someone you can't even identify, doesn't have any sort of business relationship with you, etc? It's naive.

    Contrast that to the situation of someone looking at papers on your desk at home. Nobody gets into your home without your knowledge or permission, so if someone even has the ability to violate the security of your effects and papers, it's because either you granted permission for them to be there, or because they're trespassing. Well, when you send a packet of plaintext out onto the Internet with blind faith that the routing protocols will somehow get the packet to its destination, you're granting permission for someone (you don't even know who) to at least have enough access to the packet to be able to get the job done. You might say you didn't grant permission for them to read your love letter, but you sure as hell did grant them just about everything short of that -- you very explicitly give them the opportunity. This is very unlike the situation with a love letter sitting on your desk at home.

    Everyone knows this, and they've known this for a very long time (thus anyone who uses the words "Bush Administration" in this discussion shouldn't be taken seriously). Tech-heads made up their minds decades ago: you can't expect privacy, unless you take matters into your own hands, by encrypting. If you don't listen to tech-heads on this, you're a fool.

    We don't have a reaso

    • Prudence of encryption aside, the courts have upheld the expectation of privacy on phone networks.

      It's not like the FBI are monitoring whatever packets happen to flow through their own public routers. That would be bad too, but at least arguable. No, they are going to your ISP, demanding information and access to your account that the ISP would never allow for a private individual.

      They are using police powers to subpoena evidence for some case, but the warrant does not have your name on it and you have
  • Here's why: the FBI probably uses this technique, in some cases, to track down child porn. True, most cases these days are probably copyright infringement cases demanded by the industry, but given today's power-hungry government and legislators who think their primary mandate is to keep their office, all the FBI has to do is say that they use it to combat child porn and no one but the district court or higher will touch it - and that takes months or years.

    You may ask why I say this. Wikipedia COPA, COPP

    • by Animats (122034)

      Here's why: the FBI probably uses this technique, in some cases, to track down child porn.

      No, most child pornography is distributed by law enforcement. Mostly by the FBI's Baltimore office. [fbi.gov]

  • Mistake... (Score:2, Funny)

    by commisaro (1007549)
    Shouldn't that be full-tube?
  • By 2007 American standards, yes, probably Legal, given that we're "At War" and our Dear Leader exercises the right to violate ours at his slightest whim.

    But by 1776 American standards? I'd say this bunch would be headed to the gallows for Treason.
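The RADIUS comment above describes matching an IP address, date and time to a customer account from accounting logs, with occasional entries lost because the records travel over UDP. An added sketch of that lookup (not code from the thread or from any ISP): the records, user names and addresses are constructed, and the tuple layout is an assumption modelled on the RADIUS accounting attributes named in the comment; a lost Start or Stop record downgrades the answer to "ambiguous" instead of naming a subscriber.

```python
from datetime import datetime

FMT = "%Y-%m-%d %H:%M:%S"

# Constructed records: (timestamp, Acct-Status-Type, Acct-Session-Id,
# User-Name, Framed-IP-Address). Addresses are documentation ranges.
RECORDS = [
    ("2006-06-01 11:02:10", "Start", "s1", "alice", "192.0.2.15"),
    ("2006-06-01 12:10:00", "Stop",  "s1", "alice", "192.0.2.15"),
    ("2006-06-01 12:20:30", "Start", "s2", "bob",   "192.0.2.15"),
    ("2006-06-01 13:05:00", "Stop",  "s2", "bob",   "192.0.2.15"),
    ("2006-06-01 14:00:00", "Start", "s3", "carol", "192.0.2.15"),  # Stop lost
    ("2006-06-01 16:30:00", "Start", "s4", "dave",  "192.0.2.15"),
    ("2006-06-01 18:00:00", "Stop",  "s4", "dave",  "192.0.2.15"),
    ("2006-06-01 09:40:00", "Stop",  "s5", "erin",  "192.0.2.44"),  # Start lost
]


def build_sessions(records):
    """Group Start/Stop records by session id; a lost record leaves None."""
    sessions = {}
    for ts, status, sid, user, ip in records:
        if status not in ("Start", "Stop"):
            continue  # interim updates are ignored in this sketch
        s = sessions.setdefault(
            sid, {"user": user, "ip": ip, "start": None, "stop": None})
        s[status.lower()] = datetime.strptime(ts, FMT)
    return list(sessions.values())


def attribute(ip, when, records=RECORDS):
    """Return (verdict, users) for who held `ip` at `when`.

    "confirmed": exactly one session with both Start and Stop covers the time.
    "ambiguous": a session with a lost record may cover it, or sessions overlap.
    "unknown":   no surviving record covers it.
    """
    t = datetime.strptime(when, FMT)
    on_ip = [s for s in build_sessions(records) if s["ip"] == ip]
    starts = sorted(s["start"] for s in on_ip if s["start"])
    events = sorted(x for s in on_ip for x in (s["start"], s["stop"]) if x)
    confirmed, possible = [], []
    for s in on_ip:
        if s["start"] and s["stop"]:
            if s["start"] <= t <= s["stop"]:
                confirmed.append(s["user"])
        elif s["start"]:
            # Stop lost: the lease ended no later than the next Start on this IP.
            later = [x for x in starts if x > s["start"]]
            if s["start"] <= t and (not later or t < later[0]):
                possible.append(s["user"])
        elif s["stop"]:
            # Start lost: the lease began no earlier than the previous event.
            earlier = [x for x in events if x < s["stop"]]
            if t <= s["stop"] and (not earlier or t > earlier[-1]):
                possible.append(s["user"])
    if len(confirmed) == 1 and not possible:
        return "confirmed", confirmed
    if confirmed or possible:
        return "ambiguous", sorted(confirmed + possible)
    return "unknown", []
```

An "unknown" verdict only means no surviving record covers the time; a session whose Start and Stop were both lost would leave no trace at all.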
