FBI Seizes Servers In Virginia 405
Axolotl_Rose writes "The FBI has seized servers belonging to several clients of a hosting company in Reston, VA, disrupting service for many other clients. 'In an e-mail to one of its clients on Tuesday afternoon, DigitalOne’s chief executive, Sergej Ostroumow, said: “This problem is caused by the FBI, not our company. In the night FBI has taken 3 enclosures with equipment plugged into them, possibly including your server — we cannot check it.” Mr. Ostroumow said that the FBI was only interested in one of the company’s clients but had taken servers used by “tens of clients.” He wrote: “After FBI’s unprofessional ‘work’ we can not restart our own servers, that’s why our Web site is offline and support doesn’t work.” The company’s staff had been working to solve the problem for the previous 15 hours, he said.'"
Does the Constitution still mean anything? (Score:4, Informative)
Re:A war? (Score:1, Informative)
one must admit, one begins to warm up to the goal, if that's exposing the real shenanigans and making real evildoers sweat it...
Re:Restore from backup? (Score:5, Informative)
The reason they took the whole rack.... (Score:2, Informative)
... is they did not want to power down the server.
Law enforcement is trained that if you are seizing a computer, if possible, do not let it be shut down/locked. Forensics can snapshot the RAM and possibly get encryption keys that would be lost if the server was powered down. Worst case there could be a whole drive encryption that needs a password every boot, if you let the computer shut down you lose everything and all you will have is a worthless box without the password.
It is likely there was no way to remove the server from the enclosure while keeping it supplied with power. So what they likely did is they spliced in their own UPS to the cabinet and rolled the whole thing out. to their truck where they could keep it powered till a expert could get in and get a dump of the system state.
Re:Civil and criminal liability (Score:5, Informative)
You can try to file a suit, but you probably wouldn't get anywhere.
The Federal Tort Claims Act was enacted by Congress in 1946 to allow citizens to sue the federal government. Prior to that you had to get something
passed by congress in order to sue the government.
From http://www.finchmccranie.com/refresher.htm [finchmccranie.com]
While the passage of the FTCA constitutes a limited waiver of sovereign immunity, Congress specifically limited the government's amenability to suit in a variety of different circumstances. In 28 U.S.C. 2680, Congress specified that its limited waiver of immunity would not apply to the following claims:
(a) any claim based upon an act or omission of an employee of the government, exercising due care, in the execution of a statute or regulation, whether or not such statute or regulation be valid, or based upon the exercise of performance or the failure to exercise or perform a discretionary function or duty on the part of a federal agency or an employee of the government, whether or not the dis- cretion involved be abused; ...
So you see, you are effectively shut down before you get to the courthouse steps. All they need do is say "We had evidence that all servers we took were involved" and there is nothing more you can do. You will not be granted the ability to examine that evidence.
Re:The reason they took the whole rack.... (Score:5, Informative)
They don't need to keep the whole rack powered, just the one machine they are interested in, they could power down the rest of the rack and a off the shelf UPS could run it for plenty of enough time to get it to a truck with a inverter on it.
As for the "magic splicing" it is not hard to do, anyone with a basic understanding of electric circuits can splice two live cables together.
There is a product called HotPlug that is meant for seizing assets without powering them down. It works pretty slick. Basically, you plug it into the same power strip, flip the switch and unplug the powerstrip from the wall. You can also splice into the cord or outlet if needed.
http://www.wiebetech.com/products/HotPlug.php [wiebetech.com]
Re:Machines won't be coming back (Score:5, Informative)
Which is bullshit.
The equipment needs to be kept until guilt or innocence is determined. At that point, any equipment belonging to an innocent needs to be fucking returned.
It's larceny otherwise. Can't understand how they get away with this...
It's not even like I'm saying compensation should be issued! Just an "our bad, here's your stuff!"
Re:Restore from backup? (Score:3, Informative)
From Professor Mark Stevens' page in California State University [ncwc.edu]
Suing the government is the second most popular indoor sport in America, and police are often the targets of lawsuits, with over 30,000 civil actions filed against them every year, between 4-8% of them resulting in an unfavorable verdict, where the average jury award is $2 million. This isn't even counting the hundreds of cases settled thru out-of-court settlements, which probably runs in the hundreds of millions and involves about half of all cases filed. It may take up to five years to settle a police liability case.
Re:Not Surprised (Score:5, Informative)
Funny they have asked for just that.from hosting companies. They do not seize the phone companies computes when they have a warrant for info, they send the paperwork and the phone company sends the data. I've been at the receiving end of FBI warrants in hosting companies we package up what they need and even bill them for our time. Unless they had reason to believe that the hosting company or it's staff were part of the criminal activity there is no reason to do this. Sometimes they were even smart enough to ask us to leave it up and sniff it's traffic for weeks at a time.
As far as avoiding this sort of thing it's no different than any other major disaster you need backup servers with a different provider a good physical distance away.