FBI Accidentally Received Unauthorized E-Mail Access 122
AmishElvis writes "The New York Times reports that 'glitch' gave the F.B.I. access to the e-mail messages from an entire computer network. A hundred or more accounts may have been accessed, rather than 'the lone e-mail address' that was approved by a secret intelligence court as part of a national security investigation. The episode was disclosed as part of a new batch of internal documents that the F.B.I. turned over to the Electronic Frontier Foundation, as part of a Freedom of Information Act lawsuit the group has brought."
Re:Headline: Sysadmin fouls up filter (Score:5, Informative)
You did read the article right? It wasn't the FBI that screwed up. The FBI caught the mistake that the company's sysadmin made when setting up the eavesdropping.
Yes, it can happen again without too much effort. What are you going to do to fix it? Send the FBI in to set up the eavesdropping themselves so the sysadmin doesn't screw it up? Keep in mind we're talking about a run of the mill court-ordered warrant here. It's a very standard and very legal way to gather evidence. This story has very little if anything at all to do with post-9/11 surveillance or FISA or anything else that might be questionable or debatable. No where in the article does it say that the surveillance was set up as part of a FISA warrant which leads me to believe that the Times reporter is trying to feign a connection for scare value.
I hate to say it but I think the debate is pretty much closed on court-ordered warrants. If the court orders them and you don't have any legal argument to squash the order then you have to comply with it or be found in contempt of court. There's nothing really secretive about the process either, except ideally to the person who's being surveilled.
Re:Trust the FBI? (Score:5, Informative)
This being Slashdot, I can probably assume that you didn't bother to RTFA before posting, but if you had, you'd have kept your foot out of your mouth. The FBI requested that an ISP send them copies of all email sent to one address at a small domain. The ISP screwed the pooch and sent them all email sent to that domain. The FBI noticed that they were getting way too much email, found out what had happened and corrected it. At no time did they overstep their bounds, because they only asked for what a judge said they were entitled to. I hope this makes enough sense to you that you can remove your tinfoil hat, but frankly, I doubt it.
Re:Headline: Sysadmin fouls up filter (Score:3, Informative)
Oh noes, some idiot sysadmin accidently sent my e-mail to the FBI. Someone call a congressional hearing.
If it's that confidential that someone else seeing it would be a serious problem, use encryption. There's no way they accidently get copies of your crypto keys. Better yet, don't send it in an e-mail, don't write it in a letter, and don't say it over the phone. If it really needs to be kept a secret, have a face to face meeting. If it doesn't need to be kept that much of a secret (and 99% of things don't) then some lackey at the FBI knowing about it is not going to be a problem.