Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Crime Government Your Rights Online

Is the Outrage Over the FBI's Seattle Times Tactics a Knee-Jerk Reaction? 206

reifman writes The Internet's been abuzz the past 48 hours about reports the FBI distributed malware via a fake Seattle Times news website. What the agency actually did is more of an example of smart, precise law enforcement tactics. Is the outrage online an indictment of Twitter's tendency towards uninformed, knee-jerk reactions? In this age of unwarranted, unconstitutional blanket data collection by the NSA, the FBI's tactics from 2007 seem refreshing for their precision.
This discussion has been archived. No new comments can be posted.

Is the Outrage Over the FBI's Seattle Times Tactics a Knee-Jerk Reaction?

Comments Filter:
  • No. Just no. (Score:4, Insightful)

    by Anonymous Coward on Wednesday October 29, 2014 @02:25PM (#48263645)

    Whoever thinks this is remotely a good thing needs to be beaten with a lead pipe. Not only is it clearly illegal, it's also a serious breach of trust.

    • Who trusts what they read on the internet anyway? Particularly by reading just one page of content that has no real meaningful impact to anyone but the criminal.

      Anyone who doesn't validate what they read on the internet deserves to be......misled.
    • by mi ( 197448 ) <slashdot-2017q4@virtual-estates.net> on Wednesday October 29, 2014 @02:37PM (#48263795) Homepage Journal

      Not only is it clearly illegal

      Please, cite the violated law. Thank you.

      it's also a serious breach of trust

      Trust between which parties? The fake was sent to only one person — the suspect, who then became a convict. The suspect knows very well now, that it was a fake — so he continues to trust the actual Seattle Times as much as he did before.

      Also, we all know, that it is perfectly legal for police to lie — except, of course, under oath. So, which trust are you talking about?

      • by Anonymous Coward on Wednesday October 29, 2014 @02:45PM (#48263873)
        Not only that, but from what I can tell there was no malware. And the fake website was just a page on a website where the FBI could see the logs. They e-mailed him a link to a story. When he clicked on the link they could see the IP address which requested the story. Nothing I read says it was any more sophisticated than that. I'm not sure they'd even need a warrant to do this. It's no different then e-mailing him a phone number and looking at the caller ID when he calls it. That's not private information.
        • by rtb61 ( 674572 )

          In this case the whole FBI story stinks. Let see they had it down to one suspect, just one suspect, so why send out the email at all, go to a judge and get a search warrant. It sounds very much like, yes they did launch a phishing attack on the person they prosecuted but that was not the only target of that attack, there were many others and the FBI has just chosen to forget about they existed and the FBI committed a criminal actions against innocent parties, something the FBI has a track record for doing.

      • Please, cite the violated law. Thank you.

        1) Identify theft.
        2) Slander of Title.
        3) Copyright Infringement.
        4) Trademark Infringement.
        5) Defamation of Character.

        And those are just the ones I can think of off the top of my head.

        And no, a warrant cannot authorize those things. There is nothing in the Constitution that allows for committing the above crimes just because a judge issues an illegal order to do so.

        • Re: (Score:2, Insightful)

          by mi ( 197448 )

          1) Identify theft. 2) Slander of Title. 3) Copyright Infringement. 4) Trademark Infringement. 5) Defamation of Character.

          These may be legal terms, but not actual laws. Please, try again — cite an actual law (Federal or Washington State's). If you can, mention the paragraph/verse you think was violated. Thank you.

          • The examples provided are illegal. But that's not even the standard that should be used because it's the combination of actions and intention that can make something illegal even when those actions without specific intent isn't illegal.

            The simplest way to test if what they did was wrong and illegal is what the reaction would have been if a private citizen had done the same thing to the FBI. If the answer to that question is that the private citizen would have been arrested and prosecuted then what the FBI d

            • by mi ( 197448 )

              The simplest way to test if what they did was wrong and illegal is what the reaction would have been if a private citizen had done the same thing to the FBI.

              Lying to the FBI (or any other federal agents) is illegal [criminal-l...source.com]. The other way is not.

              The FBI, nor any law enforcement agency has the right to willy nilly break the law

              They don't alright. And they haven't. Not in this case, anyway.

      • >Please, cite the violated law. Thank you.

        Wire fraud could be used to prosecute pretty much anyone in cases like these, if a US Attorney wanted to do so, which they wouldn't. They never go after their own.

        • by mi ( 197448 )

          Wire fraud could be used to prosecute pretty much anyone in cases like these

          The definition of "wire fraud" reads [wikipedia.org]:

          In the United States, mail and wire fraud is any fraudulent scheme to intentionally deprive another of property or honest services via mail or wire communication. It has been a federal crime in the United States since 1872.

          Does not apply to sting operations [wikipedia.org]...

          • >Does not apply to sting operations...

            Your reference says nothing about wire fraud.

            Here's the actual law -

            "Whoever, having devised or intending to devise any scheme or artifice to defraud, or for obtaining money or property by means of false or fraudulent pretenses, representations, or promises, transmits or causes to be transmitted by means of wire, radio, or television communication in interstate or foreign commerce, any writings, signs, signals, pictures, or sounds for the purpose of executing such sc

          • Wire fraud could be used to prosecute pretty much anyone in cases like these

            The definition of "wire fraud" reads [wikipedia.org]:

            In the United States, mail and wire fraud is any fraudulent scheme to intentionally deprive another of property or honest services via mail or wire communication. It has been a federal crime in the United States since 1872.

            Does not apply to sting operations [wikipedia.org]...

            Ha, for someone demanding such precision and exactness for citations you go and post links to wiki. Nice one. Troll level +

      • by gweihir ( 88907 )

        It is the type of society-eroding tactics usually ascribed to "terrorists". As soon as you cannot take most things at face value anymore, civilization collapses.

        • by mi ( 197448 )

          It is the type of society-eroding tactics usually ascribed to "terrorists".

          No, what we ascribe to terrorists are perfectly overt violence...

          As soon as you cannot take most things at face value anymore, civilization collapses.

          A single suspect being fooled into clicking on a bogus link by the FBI does not affect my taking things at face value.

      • by sjames ( 1099 )

        It is at least a trademark violation. It might also run afoul of libel laws (as it could damage the good name of the Seattle Times). Fraud makes an appearance there somewhere as well.

        Try phishing using a well known brand name without permission and see what happens to you.

    • Re:No. Just no. (Score:5, Informative)

      by thaylin ( 555395 ) on Wednesday October 29, 2014 @02:38PM (#48263813)
      What is illegal about it? They got a warrant, and sent a targeted email with a link people would not normally go to.
      • Just for amusement value doesn't that violate the CAN-SPAM act?
    • Which part is illegal? The part where they got a warrant, or the part where they targeted only one person?

  • Yes, but (Score:5, Insightful)

    by nwaack ( 3482871 ) on Wednesday October 29, 2014 @02:25PM (#48263649)
    Yes, it's a knee-jerk reaction. However, our government agencies have done this to themselves. Most of the outrage is probably coming from people who saw "FBI" and "website" in the same sentence and just assumed they did something bad. I can't say I really blame them all that much.
    • Re: (Score:2, Informative)

      by Anonymous Coward

      Most of the outrage is probably coming from people who saw "FBI" and "website" in the same sentence and just assumed they did something bad.

      Nope, much of the outrage is coming from the Seattle Times who had their website spoofed.

      • by pla ( 258480 )
        Nope, much of the outrage is coming from the Seattle Times who had their website spoofed.

        As the owners of the Seattle Times' tarnished trademark (and depending on the quality of the spoof, quite likely the copyright holders to a significant number of infringements on that front as well to "decorate" the spoofed site), they have more right to outrage here than anyone.

        Beyond, of course, the righteous outrage of a population which has granted its government certain limited powers in the interest of mainta
    • Re:Yes, but (Score:5, Insightful)

      by jellomizer ( 103300 ) on Wednesday October 29, 2014 @02:39PM (#48263819)

      Nearly everything in the media is Knee-jerk.
      No one has the time to really dig threw and sift threw the facts and see both sides of an issue. We Want Good Guys and Bad Guys. No gray line.
      It is nice and neat and easy to know where you are at.

  • by gurps_npc ( 621217 ) on Wednesday October 29, 2014 @02:38PM (#48263807) Homepage
    If they had a warrant, then it is perfectly good police tactics.

    If they did not have a warrant, then it is an illegal invasion of privacy.

    They electronically entered his computer and that is no different than entering his home. The fact that he had to click on it is meaningless. The creation of the malware would be illegal, without the warrant.

    Now, the police may not be smart enough (or ethical enough) to have asked for the warrant, but that is what is clearly needed.

    • by r0nc0 ( 566295 )
      I'm not sure getting a warrant allows any entity to break the law as a means to an end, no matter how just that end seems to be. Entering the computer with a search warrant, fine. Creating and distributing malware? I believe that's against the law. Now, malware is a loaded term subject to broad interpretation, I'll grant you that, so really the line is pretty grey. While I'd be tempted to draw an extreme comparison to, say, killing someone because you have a warrant to do so in order to capture some other
      • I'm not sure getting a warrant allows any entity to break the law as a means to an end.

        If they have a valid warrant to do it, then it is not breaking the law. It is illegal for you to break into my house. If the police have a valid warrant, it is legal for them to break into my house. The whole point of a warrant is to allow the police to legally do things that would otherwise be illegal.

    • They had a warrant. FTA " Furthermore and most importantly, the FBI obtained a warrant before executing these activities."

      It was more spyware than malware though, but that is a distinction without a difference in the minds of most people.

      • They got said warrant without mentioning to the judge that they were going to impersonate a major news organization.

        They got a 15 year old calling in bomb threats, what idiot made this a FBI case.

        • They got said warrant without mentioning to the judge that they were going to impersonate a major news organization.

          You know this how?

          They got a 15 year old calling in bomb threats, what idiot made this a FBI case.

          Because a bomb threats are considered domestic terrorism? They also had no idea if it was a 15 year old until they identified him.

          • The linked article.

            Yea a random no-name high school that is were the terrorists will strike. Terrorism by definition requires a political aspect and violence, it's doubtful the 15 year old have a political motive or any particular ability for violence. Since when do terrorists make bomb threats anyways they blow stuff up and claim responsibility not tell you specifically we put a bomb here get the people to safety before it blows. The FBI overreacted and was intentionally circumspect in their warrant.

            • The linked article.

              Please quote the part that says the police did not mentioning to the judge that they were going to impersonate a major news organization. I can't seem to find it.

              Yea a random no-name high school that is were the terrorists will strike.

              Because it is a threat against a government building the Feds get involved.

              • The documents indicate the FBI in Seattle obtained a search warrant to “deploy” the CIPAV software after the task force, which is run by the FBI, received a public tip about a suspect. Special Agent Norman Sanders, in seeking the warrant, said the bureau would send a “communication” to the suspect’s computer that would make the computer identify itself for the agent.

                The case was taken up by the U.S. Attorney’s Office, which helped draft and approve the warrant. The warran

                • The documents indicate the FBI in Seattle

                  Where is the reference to those documents?

                  The warrant does not say that “communication” would be a bogus news story that appeared to be published online by The Seattle Times.

                  These words appear in neither of the articles. Where did they come from or are you making them up?

                  At the point they got the tip they knew it was a teen and had little creditable threat.

                  Can you refer to anywhere that they already knew he was a 15 year old and the threat was not credible? Even if he was, when I was fifteen I could have built a bomb quite easily. You seem to be reading documents that I have not seen. Please show the links to those documents.

                  By the way, this is what a reference looks like.
                  You wonder why the FBI got involved. According to

    • Did you even read past the headline, they posted a link to a spoofed site on his myspace page and tracked his I.P. address, when he clicked the link. The was no malware of any kind and I.P. addresses are public information.
  • If the FBI knew he had a Myspace account and had his MySpace ID (since, after all, they emailed him there), why didn't they just ask MySpace (and by "ask", I mean "force them to hand it over with no recourse to question the 'request'") to hand over IP address?

    • by reifman ( 786887 )
      Most likely, the suspect used MySpace at an anonymous IP that wouldn't connect him. I expect that the IP address would not give them as deep data as to the identity of the specific user as the CIPAV would.
      • by hawguy ( 1600213 )

        Most likely, the suspect used MySpace at an anonymous IP that wouldn't connect him. I expect that the IP address would not give them as deep data as to the identity of the specific user as the CIPAV would.

        So you're saying he checked his MySpace email using an anonymous address, but clicked on links in his MySpace email using his own IP address?

        • by reifman ( 786887 )
          I've put a question into the FBI spokesperson about this. This is 2007 - so WiFi and laptop penetration was a bit less than it is today. But, theoretically, the CIPAV would leverage additional data from their laptop. But, agreed - this would have been a logical step - trying to confirm if/why they tried this.
          • by reifman ( 786887 )
            p.s. keep in mind - the CIPAV might be more effective at gathering data that would lead to a conviction beyond a reasonable doubt whereas just the IP only gets them to basic identity of a location.
          • by TheCarp ( 96830 )

            Well it was at least 3 years before that when I was working at a school that had a student use his pc in his office to spam through our mail relays for his consulting business. I bring it up because, we clearly had IPs in the logs, but the networking group sent someone out to the office anyway.... to get the MAC address, so we could close the correlate the IP of the spammer, with the DHCP logs, with the MAC on his machine.

            Now this was a University office (he was a grad student), so the network engineer call

        • Maybe they'd developed the tool and wanted to use it. It's faster and easier than asking MySpace to go digging through their logs, and they got some experience using the technique.

    • by reifman ( 786887 )
      They did. See here: 13(b) the suspect was sophisticated enough to use compromised computers to disguise their actual IP address. The MySpace IP obtained in 12(b) helped determine this. http://www.politechbot.com/doc... [politechbot.com]
  • What malware? (Score:5, Informative)

    by mi ( 197448 ) <slashdot-2017q4@virtual-estates.net> on Wednesday October 29, 2014 @02:43PM (#48263847) Homepage Journal

    The Internet's been abuzz the past 48 hours about reports the FBI distributed malware via a fake Seattle Times news website.

    From TFA:

    When the suspect clicked on the link, FBI software revealed his location and IP address to agents working the case.

    If there is a slashdotter, who — from reading the above "description" — does not realize, that there was no "malware" installed on the doofus' computer and the suspect's IP was obtained simply from the FBI's web-server log, ought to close his account (and change his name)...

    • If it's coming from FBI servers, it can't be good. Must be malware. It's just like how pages served off the CIA and NSA's servers are called spyware. They're spies after all.

    • Seems like a simple warrant for the newspapers logs would have sufficed except they probably would not have gotten the warrant and/or the times would have fought it as the fishing expedition it was.

    • The Internet's been abuzz the past 48 hours about reports the FBI distributed malware via a fake Seattle Times news website.

      From TFA:

      When the suspect clicked on the link, FBI software revealed his location and IP address to agents working the case.

      If there is a slashdotter, who — from reading the above "description" — does not realize, that there was no "malware" installed on the doofus' computer and the suspect's IP was obtained simply from the FBI's web-server log, ought to close his account (and change his name)...

      An undercover agent sent a MySpace email to the account owner that included a fake news article blurb and a link to a web page that downloaded software (known as CIPAV) that helped the agency identify the suspect and subvert his computer.

      I know, I know, that quote is from the second article but I guess if you even do more than skim the summary before shooting your mouth off you're no true slashdotter and should close your account.

  • by Qzukk ( 229616 ) on Wednesday October 29, 2014 @02:50PM (#48263915) Journal

    I'm having a hard time being outraged by a guy dumb enough to click a seattletirnes link on his myspace account.

    There are real things to be outraged over, like the time the government used a MITM attack at the ISP to serve malware on the real slashdot site [techdirt.com].

  • Re: (Score:2, Insightful)

    Comment removed based on user account deletion
  • by Simulant ( 528590 ) on Wednesday October 29, 2014 @03:00PM (#48264029) Journal
    ... and if there's nothing to be outraged about we'll manufacture it.
    • ... and if there's nothing to be outraged about we'll manufacture it.

      I'm really wondering if people will ever get tired of being manipulated all the time with outrage.

      If you haven't noticed it yet, notice it now: the television, radio, politicians, bloggers all manipulate people by making them feel outrage. Then they get what they wanted from the manipulee and move on. Nothing changes, "but it sure feels good I was upset at those [people on the wrong side of the issue]."

  • I'm confused. They emailed a "fake" story to someone's MySpace account. Clicking on the "fake" story exposed his IP address.

    Why exactly, did that make him guilty? What if they emailed me a link? What if I was genuinely interested in the "fake" story? How does reading a story an a news site make me guilty of anything?

    • The second article has the information I was looking for. The MySpace page itself was anonymous, and was bragging about making the bomb threats. The direct email lead to the owner of the page.

  • by qeveren ( 318805 ) on Wednesday October 29, 2014 @03:54PM (#48264649)

    ...because over there someone is doing something obviously much worse! That's how it works, right?

  • After a constant barrage of post-wikileaks / snowden sensationalist coverage, I think The Public has been conditioned to outrage at any hint of Gov't maleficence.

    Then again, the good old USA has developed instant outrage over anything, over everything, ever since Facetwit came into being.

    In any case, the Gov't earned it. Bad Gov't, BAD! *THWACK*

  • If the Feds hacked the perps computer, then how can we be sure they didn't install fake evidence on the said computer?
  • ... it is this belief that they can do these things without asking permission that is really troubling. The newspaper might have said yes if consulted. But the government didn't even ask. It did what it wanted to do and THAT is at the root of so many of these controversies.

    The arrogance.

  • by reifman ( 786887 ) on Thursday October 30, 2014 @12:35AM (#48267309) Homepage
    I've posted a summary of common questions from this piece here: http://jeffreifman.com/2014/10... [jeffreifman.com]

Never tell people how to do things. Tell them WHAT to do and they will surprise you with their ingenuity. -- Gen. George S. Patton, Jr.

Working...