FBI Compromises Another Remailer

betterunixthanunix writes "Another remailer has been compromised by the FBI, who made a forensic image of the hard disk of a remailer located in Austria. The remailer operator has reissued the remailer keys, but warns that messages previously sent through the remailer could be decrypted. The operator also warns that law enforcement agents had an opportunity to install a back door, and that a complete rebuild of the system will take some time."
  • wtf fbi (Score:4, Insightful)

    by X0563511 ( 793323 ) on Wednesday April 25, 2012 @10:05AM (#39794975) Homepage Journal

    Why the fuck are you intruding into and altering foreign systems? That's not your fucking jurisdiction or job!

    Leave that shit to the intelligence agencies, if someone must do it.

    • by Anonymous Coward

      The local authorities probably granted FBI access. The FBI didn't walk in by themselves.

      • by cayenne8 ( 626475 ) on Wednesday April 25, 2012 @12:20PM (#39797049) Homepage Journal
        It is going to be very interesting to see if the FBI, can crack through the remailer system, and actually find the person that did this.

        I mean, if the person they're after, used the remailer system as it is supposed to work...it "should" be uncrackable and untraceable.

        It will be interesting to see the system go through what I have to guess is the first actual hard core test it has ever gone through.

      • Re:wtf fbi (Score:5, Insightful)

        by Joce640k ( 829181 ) on Wednesday April 25, 2012 @12:50PM (#39797445) Homepage

        I think local authorities might have issued a court order requiring a set of messages to be decrypted.

        Not too many people have problems with following court orders for genuine criminal investigations. It's the mass-scanning, fishing expeditions they have a problem with.

        The old KGB/Stasi bosses must be having a real laugh at the way the USA is acting lately. Read all your mail, demand papers and feel you up before you can travel anywhere, more people in prison than any other country.

        Americans used to joke about all that sort of stuff but guess what...?

        • Re:wtf fbi (Score:4, Insightful)

          by mindbuilder ( 960119 ) on Wednesday April 25, 2012 @04:11PM (#39800009)
US law now allows the military to imprison you for life without trial. See the NDAA, or http://www.youtube.com/watch?v=AKaTxjxnYfE [youtube.com]. This was signed into law by Obama. There is an exemption for American citizens from the requirement that the military take them to Guantanamo Bay, but the exemption is only to the requirement; the military still has the OPTION to imprison you forever without trial. The law says it is only for suspected terrorists, but the law only requires suspicion, not proof, and anyone can be suspected of being a terrorist. It has been claimed that there is a requirement for one hearing before a judge, but I haven't seen that in the law. It boggles my mind that Congress and Obama think it is a good idea to make it legal for the military to secretly snatch you in the middle of the night and imprison you for life without trial on mere suspicion.
    • Re:wtf fbi (Score:5, Informative)

      by hendridm ( 302246 ) on Wednesday April 25, 2012 @10:18AM (#39795177) Homepage

      If you read the thread, it was Austrian authorities that took the image at the request of U.S. authorities.

      • Re:wtf fbi (Score:4, Informative)

        by X0563511 ( 793323 ) on Wednesday April 25, 2012 @10:24AM (#39795257) Homepage Journal

        If that's true, I don't understand how this (from the summary above) is possible: "The operator also warns that law enforcement agents had an opportunity to install a back door"

        Unless they just installed the backdoor into their image, for some reason. They would have had to have access to the live system to do this part.

        • Re:wtf fbi (Score:4, Informative)

          by Anonymous Coward on Wednesday April 25, 2012 @10:27AM (#39795315)

Austrian Law Enforcement took a disk image, meaning they had direct access to the server. The Austrians did this at the behest of the FBI. So yes, law enforcement could have installed a backdoor while they had access.

        • Re:wtf fbi (Score:5, Informative)

          by betterunixthanunix ( 980855 ) on Wednesday April 25, 2012 @10:28AM (#39795331)
          Read the post; they did have access to the live system. The operator does not think it is likely that a backdoor was installed, but as a security precaution has indicated that the system will eventually be rebuilt (probably with new keys issued).
        • Re:wtf fbi (Score:5, Informative)

          by a90Tj2P7 ( 1533853 ) on Wednesday April 25, 2012 @10:34AM (#39795413)
          They didn't. No one did. The admin just told everyone "Depending on how paranoid you are, you may assume the machine is backdoored, since the authorities have had access".
      • Re: (Score:3, Funny)

        by Anonymous Coward

        ASSISTANCE REQUEST

        To: Federal Bureau of Investigation
        From: Sealand Government

        Please provide us soonest with hard drive images of the MegaUpload servers and RAID configuration parameters.

        Thank you.

    • Re: (Score:1, Informative)

      by Anonymous Coward

      1) Read the link first before freaking out. Austrian police did it at the request of the FBI.
      2) While there are no details about why this occurred, the owner of the remailer suspects it has something to do with the bomb threats that have been happening for weeks now at the University of Pittsburgh. These threats are being delivered through the remailers and it would appear they hope to find information that might lead them to the individual responsible. In that case, this isn't a unilateral action to see

    • That's what empires do!

    • by Tyndmyr ( 811713 ) *
      The FBI is a member of the US intelligence community. It IS an intelligence agency. You could learn this trivially quickly on wikipedia.
      • The FBI is a member of the US intelligence community. It IS an intelligence agency. You could learn this trivially quickly on wikipedia.

        Nonetheless, the FBI is supposed to be about INTERNAL law enforcement, not foreign intelligence.

        On the other hand, they're what we have for a national police force, so it's possible that their mandate allows this sort of thing, assuming cooperation by local law enforcement.

    • I'm really upset by this. As an Austrian, I'm appalled that our courts would issue an order to clone the complete disk of our Mixmaster node (btw, yes, I know the maintainer personally). The Pittsburgh bomb threats are serious business, and I'd like nothing more than see these "pranksters" (as they see themselves) brought to justice for what they've done. But that doesn't mean that everybody else's secrets have to be exposed at the request of a foreign nation. Where do you draw the line? Which nations can

  • by Anonymous Coward

    Did they manufacture any "evidence" in the process?

    • Re:Another question (Score:5, Informative)

      by Jeng ( 926980 ) on Wednesday April 25, 2012 @10:09AM (#39795045)

The remailers are not the target, its users are.

  • "Could be decrypted" (Score:4, Informative)

    by Beryllium Sphere(tm) ( 193358 ) on Wednesday April 25, 2012 @10:10AM (#39795047) Journal

    Not if they were encrypted to the end recipient's public key. If not, they were plaintext in transit and possibly on the ISP's server.

    • by Hatta ( 162192 )

      Indeed. I'm not terribly familiar with anonymous remailers, so I don't understand what the keys are for. Why does an anonymous remailer need encryption keys in the first place? If I send them an email, asking them to resend it somewhere else, and they don't log who sends them email, isn't that enough to provide anonymity?

      • If I send them an email, asking them to resend it somewhere else, and they don't log who sends them email, isn't that enough to provide anonymity?

        What if your connection is being watched?

In practice, people will chain two or more remailers, so that no single remailer knows both the sender and the recipient of a message. Encrypting the messages with each remailer's key is fundamental to this, so that the commands sent to one remailer cannot be recorded by another.
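The chaining described in this reply, together with the "could be decrypted" point raised elsewhere in the thread, as an added example that is not part of the original discussion and is not Mixmaster's real packet format: a constructed toy authenticated cipher (SHA-256 keystream plus HMAC-SHA256, standard library only) stands in for a real one, and the remailer names alpha/beta/gamma, the keys and the recipient address are all made up.

```python
"""Toy remailer chain with layered ("onion") encryption.

Constructed teaching example: NOT Mixmaster's packet format. A SHA-256
counter-mode keystream plus an HMAC-SHA256 tag stands in for a real
authenticated cipher, and each remailer's long-term key is a random
32-byte secret. Remailer names (alpha, beta, gamma) and addresses are made up.
"""
import hashlib
import hmac
import json
import os

NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key, nonce, length):
    """Derive `length` keystream bytes from key || nonce || counter (toy cipher)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def seal(key, plaintext):
    """Encrypt-then-MAC under one remailer's key: nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key, blob):
    """Return the plaintext, or None if this key does not open this layer."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def build_onion(chain, keys, recipient, body):
    """Wrap the message so that hop i, after peeling its layer, learns only hop i+1.

    The innermost layer (for the exit remailer) carries the final address and body;
    every outer layer carries just the next hop and the still-encrypted remainder.
    """
    blob = seal(keys[chain[-1]], json.dumps({"deliver_to": recipient, "body": body}).encode())
    for i in range(len(chain) - 2, -1, -1):
        instr = {"next_hop": chain[i + 1], "payload": blob.hex()}
        blob = seal(keys[chain[i]], json.dumps(instr).encode())
    return blob


def peel(hop_key, blob):
    """What one remailer sees after removing its own layer (None if the key does not fit)."""
    pt = unseal(hop_key, blob)
    if pt is None:
        return None
    instr = json.loads(pt)
    if "payload" in instr:
        return {"next_hop": instr["next_hop"], "forward": bytes.fromhex(instr["payload"])}
    return {"deliver_to": instr["deliver_to"], "body": instr["body"]}


def run_chain(chain, keys, onion):
    """Honest delivery: each hop peels and forwards. Returns (hops visited, final delivery,
    traffic captured on each link by a passive observer such as an ISP)."""
    captured = {"sender->" + chain[0]: onion}
    blob, visited = onion, []
    for i, hop in enumerate(chain):
        step = peel(keys[hop], blob)
        visited.append(hop)
        if "deliver_to" in step:
            return visited, step, captured
        blob = step["forward"]
        captured[hop + "->" + chain[i + 1]] = blob


def seized_key_view(seized_key, captured):
    """What an investigator holding ONE remailer's key recovers from captured link traffic:
    only the layers addressed to that remailer open; everything else stays opaque."""
    view = {}
    for link, blob in captured.items():
        step = peel(seized_key, blob)
        view[link] = None if step is None else {k: v for k, v in step.items() if k != "forward"}
    return view


def demo():
    keys = {name: os.urandom(32) for name in ("alpha", "beta", "gamma")}  # constructed keys
    chain = ["alpha", "beta", "gamma"]
    onion = build_onion(chain, keys, "editor@example.org", "constructed message body")
    visited, delivery, captured = run_chain(chain, keys, onion)
    # Seizing the middle hop's key exposes only "next hop = gamma" on the alpha->beta link;
    # seizing the exit hop's key exposes recipient and body of everything captured entering it.
    return visited, delivery, seized_key_view(keys["beta"], captured), seized_key_view(keys["gamma"], captured)


if __name__ == "__main__":
    for item in demo():
        print(item)
```

Running `demo()` shows the two sides of the thread's argument at once: a seized middle-hop key opens only the layer addressed to that hop on traffic captured entering it (yielding just the next hop), while a seized exit-hop key opens the recipient and body of every captured message that entered it, which is exactly why an operator whose key was imaged has to warn about past traffic unless senders had also encrypted the body to the final recipient. Per-message ephemeral keys between hops, rather than one long-term key per remailer, are the standard mitigation against recorded traffic being opened later.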

      • by arth1 ( 260657 )

        Indeed. I'm not terribly familiar with anonymous remailers, so I don't understand what the keys are for. Why does an anonymous remailer need encryption keys in the first place? If I send them an email, asking them to resend it somewhere else, and they don't log who sends them email, isn't that enough to provide anonymity?

        No. If you e-mail the remailer unencrypted, DHS/NSA/FBI can snoop the e-mail en route to the remailer, seeing what you wrote and who you sent it to.
        If you send the e-mail encrypted to the remailer, the agencies won't know what's in the e-mails or who it goes to.

        • If you send the e-mail encrypted to the remailer, the agencies won't know what's in the e-mails or who it goes to.

          No, they may well know who it goes to, because the system's keys may have been compromised, and the system needs that information to send your mail. By snooping your connection (If you are a person of interest) they know which mail you sent through comparison. The only thing they don't know is what's in the email.

          • Which is why people typically send messages through remailer chains, to make that sort of attack harder. Yes, they could just compromise the whole system, which is why the low number of remailers in operation is so troubling.
      • by oxdas ( 2447598 )

        If this is related to the emailing of bombing threats, then the emails are in plaintext (because the recipient won't have the key). I am guessing the encrypted part is information about the origin of the email. Potentially the remailer encrypted the email when passing between remailers or perhaps they use an encrypted tunnel or something to communicate. The FBI probably needs information from their servers to determine who was the last remailer in the chain. The FBI will probably need to seize the recor

  • by Anonymous Coward

So, are there any remailers in countries that don't have reciprocal jurisdictional arrangements with the USA?

So, are there any remailers in countries that don't have reciprocal jurisdictional arrangements with the USA?

      Iran. North Korea. Syria. China... maybe? They might cooperate with the FBI depending on the target. Same with Russia. Are you looking for a country that doesn't have reciprocal arrangements, but that will also respect your privacy? I doubt it.

  • by 3seas ( 184403 ) on Wednesday April 25, 2012 @10:15AM (#39795129) Homepage Journal

    ....is that the FBI is a criminal organization.

Anonymous remailers are set up for the protection of those with information they want to get out but who could as well suffer under a repressive regime, risking death if it is not done anonymously. Even universities of law have set such remailers up in respect of the law, ethics and democracy.

    Perhaps there is a jail cell next to Bradly available for these. Naw.... not a chance.... somebody is going to die and that will make it ok.

    What an upside down world we live in... Ready to flip it right side up?

  • Crime (Score:1, Flamebait)

    by DaMattster ( 977781 )
So, effectively, the FBI has just committed a crime. They have intruded into the server of a foreign company and added a backdoor. I am surprised Austria is not up in complete arms over this. Anonymity in and of itself is not a crime, so the FBI really behaved egregiously!
    • Re:Crime (Score:5, Insightful)

      by v1 ( 525388 ) on Wednesday April 25, 2012 @10:23AM (#39795231) Homepage Journal

The problem here is that the US is *known* to be storing ALL email traffic that routes through the United States. Sounds like a daunting task, but there's a reason they have all these big high security data centers all over the place and have "high security rooms" at all the telcos and large ISPs. That traffic gets siphoned off to their data centers for storage for later in case they need it. There's a simple reason why those places have petabytes of storage.

      So there is never a question of "but they'd have to have been watching for that email last week/month/year and it's long since been sent and removed from caches". No. They have it. They have them all, just in case. Watch Enemy of the State. Watch how they pull up satellite footage from hours and days ago. Same principle here, if you can record everything, it works like a time machine. (for the past anyway)

      So yes, busting down a door and taking the remailer keys gives them 100% access to 100% of the traffic that has been sent by that remailer at ANY point in the past where it crossed through a US ISP.

      The truly disgusting part of this is they got the KEYS. Technically all they NEEDED was to hand over the encrypted message to the AU authorities, they break down the door and use the key to decode the message, and turn over the message, then wipe their copy of the key. That would be the "proper" way to do it, not to abuse the system, but instead they handed over the KEYS themselves, and now the US can decrypt truckloads of hard drives of emails that they have NO business having access to. That is the true crime here. It's like having a legal reason to subpoena a safe deposit box at a bank, and the bank hands them over a master key that opens every box in the vault and lets them look through anything they want. That's just WRONG.

Every time someone sends a bomb threat they can pull this stunt; it's like Christmas over at the NSA, "we got another key! Let's see what goodies we can find!" Talk about an incentive for abuse... Normally I don't go "tinfoil hat" on things, but THIS is actually an instance where I could start to buy into someone suggesting the NSA/etc. forging a bomb threat just to get access to another random footlocker of encrypted data they want a peek at.

      • by OzPeter ( 195038 )

        Technically all they NEEDED was to hand over the encrypted message to the AU authorities

        But what would the Australian authorities be doing with an Austrian server?
         
        When will people learn that .AT has the mountains and .AU has the kangaroos?

      • So yes, busting down a door and taking the remailer keys gives them 100% access to 100% of the traffic that has been sent by that remailer at ANY point in the past where it crossed through a US ISP.

        It also gives other remailer operators a chance to reissue their keys and destroy the old keys -- which is basically what needs to happen when you have an agency going around demanding disc images like this. I am not aware of this happening, though.

Do they really store ALL email traffic, or just profile and store from selected accounts?
  The 3GB of mails from my GMail consisting of newsletters and college projects, and millions of other accounts like mine: aren't they essentially useless and a waste of space for them?
        • Re:Crime (Score:5, Interesting)

          by Anonymous Coward on Wednesday April 25, 2012 @11:28AM (#39796237)

Do they really store ALL email traffic, or just profile and store from selected accounts? The 3GB of mails from my GMail consisting of newsletters and college projects, and millions of other accounts like mine: aren't they essentially useless and a waste of space for them?

          Suppose you had a yottabyte of disk storage. 3GB isn't just a drop in the bucket, it's not even a grain of sand at the beach.

          Car Analogy: Most of us break the odd traffic law every now and then. Very rarely, does anybody get caught. At the instant Officer Friendly pegs you on radar doing 35 in a 30 zone, he'd very much like to be able to check your driving history. If there were a giant database of everyone's GPS logs, he could tell whether you were just in a hurry that morning, the sort of driver who usually drives precisely 4 (or 9) miles an hour over the posted speed limit, or if you do 120 in a 60 zone whenever there aren't any cops around. If Officer Friendly had access to that data, he'd be better able to judge whether or not to pull you over.

          For speeding, it's not worth logging the movements of every car and correlating them with local speed limits at the time the log was written.

          For other things, it probably is.

          From NSA's point of view, right now your gmail account is noise. But everyone's political views change over time as a natural part of the process of growing up. Sometimes things go wrong, and perfectly normal people who hold perfectly normal views turn into monsters. There's a 99.99999% probability that you're not one of them. But for the sake of 3 lousy gigs out of a yottabyte, there's a 100% chance that someone's 3GB of noise will contain signal.

Since they don't possess a time machine that can peer into the future, they don't, and can't, know whose 3GB-of-noise will eventually contain a signal 20 years from now. But 20 years from now, they will have a time machine that can peer back 20 years into the past.

          • by Jeng ( 926980 )

The problem with that sort of data mining is the enormous amount of information one would have to store to hopefully have some information that is helpful, and you don't always know what is going to be helpful.

As an example, I have stated in numerous topics that there are a few prominent people I would like to see shot; therefore it makes sense for the government to then begin logging all my posts with the thinking that if I did plan on doing something, or I did something already, they would already have a case aga

          • From NSA's point of view, right now your gmail account is noise. But everyone's political views change over time as a natural part of the process of growing up. Sometimes things go wrong, and perfectly normal people who hold perfectly normal views turn into monsters. There's a 99.99999% probability that you're not one of them. But for the sake of 3 lousy gigs out of a yottabyte, there's a 100% chance that someone's 3GB of noise will contain signal.

            And this is what is wrong with America. People will go t
      • Send all your data through the US email system then if you have a catastrophic loss you can just use a freedom of information request to get a copy of your data!
      • by flonker ( 526111 )

        There is a simple solution to this. Encrypt each connection to a remailer using an authenticated transient key. Something like SSL. I don't know if it's being done or not, but it seems pretty obvious, and it definitely protects against eavesdroppers gaining the key and decrypting past messages.

    • So, effectively, the FBI has just committed a crime. They have intruded into the server of a foreign company and added a backdoor. I am surprised Austria is not up in complete arms over this. Anonymity in of itself is not a crime so the FBI really behaved egregiously!

They did neither. The Austrian authorities, at the request of the FBI and in compliance with international agreements, created a bit copy of the hard drive. The whole point of a whole disk copy like that is that you DON'T access the original, and therefore can't compromise the evidence or lose/overwrite files/properties. There's no proof of any backdoor being installed; the admin just said that since they had the server they could possibly have installed one.

    • Re:Crime (Score:4, Informative)

      by bws111 ( 1216812 ) on Wednesday April 25, 2012 @10:32AM (#39795395)

      Couldn't even bother to read the first paragraph of the article, eh?

      Today, the police arrived with a court order that allowed them to
      create a forensic disk image of the austria remailer. This apparently
      was on request of the US authorities, related to the Pittsburgh bomb
      threats.
      (emphasis mine)

It was the Austrian police who had a valid court order who 'intruded'. As for the 'added a backdoor':

Depending on how paranoid you are, you may assume the machine is
backdoored, since the authorities have had access.

Doesn't say the FBI ever had access. Doesn't say there IS a backdoor, just that if you're paranoid you may assume there is one.

      • by Raenex ( 947668 )

        Couldn't even bother to read the first paragraph of the article, eh?

        THIS... IS... SLASHDOT!

    • by dave420 ( 699308 )
      The Austrians did it, and they didn't install a backdoor. So basically you're crying about something that didn't happen.
  • Comment removed based on user account deletion
include could the FBI bring a rogue remailer online using the image?

      How would the image help them? The FBI can set up a honeypot remailer any time they want, with or without the secret keys of another remailer.

why wasn't full disk encryption used in this case to store the private keys?

      Elsewhere in the thread the operator stated that had WDE been in use, he would still have given the police his key. Why would a remailer operator allow himself to be arrested just to protect strangers?

      in my opinion everything from the case fans to the bolts in the mounting rails on this server are now tainted. Sell it on ebay and build a new one.

      That is why the system cannot just be rebuilt overnight; parts must be procured, software must be obtained from a trusted source, etc.

  • by Anonymous Coward

    According to the link discussion, this came about as the result of a Pittsburgh bomb threat, as authorities try to trace the original sender.

Copying a whole hard disk seems a bit much. Especially since it's a foreign country. I guess if it were the US, they would seize the hardware instead. Still, I have to wonder about collateral data that went through that remailer. Say they find something unrelated but illegal. Does jurisdiction go out the window here, or is the US really gonna be the world cop for the Internet?

  • by Anonymous Coward

I hope others here and around are helping do their part, sending meaningless noise messages through the remailer networks.

  • When I read the summary ("... forensic image of the hard disk"), I pictured an agent standing over a server taking a photo of the HDD (with a Polaroid camera).

    Nothing would surprise me after reading this [slashdot.org].
  • "I'll be back!"

    Life imitates art, because when he came back, he was pwnd by Connor.

  • by realxmp ( 518717 ) on Wednesday April 25, 2012 @11:23AM (#39796139)
If we're going to trust these remailers then we need to do things properly. Key goes into the crypto processor, never comes out. Means someone can't just seize your server and image it, then use that image to decrypt all traffic that passed through. If they want to try and get it out, fine, but they'll need a guy with an electron microscope to do so, and they'll likely trip the tamper measures and bye bye key. If you're particularly paranoid you can even destroy your copy of the key once you've loaded it; this might mean changing your key if you have to move servers, but it means that the service you offer is truly tamper evident. Plus you also have the added bonus that a dedicated hardware security module is usually quicker than your processor at doing encryption/decryption.
    • ...or, to avoid 'specialist' hardware (and thus bring it into the realm of a $10/month VM), would it be possible for the machine to boot up and wait for a key to be sent to it, which it would store only in RAM?

This idea suggests it might be possible for the FBI to nab a server and actually get nothing at all. If they had some way to breakpoint the system and read the RAM then presumably they'd get everything though (which the crypto chip wouldn't be vulnerable to).

      This method also means it would be possible

  • by Anonymous Coward
    Can I send in a FOIA request to get back that important email that I lost last week when my hard drive failed?
  • by Githaron ( 2462596 ) on Wednesday April 25, 2012 @11:27AM (#39796213)
    While I realize this was not a US server, I am curious. Can the FBI legally install a backdoor into a US server without a warrant to specifically do so? I would assume not. Of course, I guess that wouldn't keep the FBI from illegally installing a backdoor.
    • Maybe they have a secret warrant [washingtonpost.com]? Maybe they don't have a warrant but intend to retroactively get one in the future by notifying a judge within the next 72 hours [wikipedia.org]? Since 911 we are living in Jack Bauer land. Better hope the Good Guys never lose their moral compass.
      • by Thing 1 ( 178996 )

        Since 911 we are living in Jack Bauer land. Better hope the Good Guys never lose their moral compass.

        IIRC near the beginning of season 2, Jack Bauer killed a suspect in custody. I think the good guys lost their moral compass years ago... (Besides, what "good guys"? The government is just the last thug standing.)

  • For private communication use postal mail.
  • If remailers are getting taken down because authorities want images of their hard drives, what about just giving that to them? Pre-emptively? The hard drives should have nothing revealing on them, I think. Is that your understanding, too? If so, then remailers could continue to operate despite law enforcement investigation.

    The sticking points I see:

    • thermal freezing of RAM for memory recovery may make physical confiscation still desirable
    • the attackers may not believe the accuracy of your hard drive cont
Why not try and induce a mass media frenzy that can focus on when the FBI has found leaks and compromised particular networks, specifically the ones that are responsible for the worst spam. Then attach all sorts of fake info about busts, raids, etc., and that they are looking for more of the individuals associated through C&Cs and will use the IP list to track them down.

    This would lead to all or any of the people using the C&C to stop right away for fear of getting caught and laying low until it t
