FBI Dad's Misadventures With Spyware Exposed School Principal's Child Porn 346
nonprofiteer writes "This is a crazy story. An FBI agent put spyware on his kid's school-issued laptop in order to monitor his Internet use. Before returning the laptop to the school, he tried to wipe the program (SpectorSoft's eBlaster) by having FBI agents scrub the computer and by taking it to a computer repair shop to be re-imaged. It somehow survived and began sending him reports a week later about child porn searches. He winds up busting the school principal for child porn despite never getting a warrant, subpoena, etc. The case was a gift-wrapped present, thanks to spyware. A judge says the principal has no 4th Amendment protection because 1. FBI dad originally installed spyware as a private citizen not an officer and 2. he had no reasonable expectation of privacy on a computer he didn't own/obtained by fraud."
I'm still trying to wrap my brain around... (Score:5, Insightful)
Fraud? (Score:5, Insightful)
Shouldn't the shop that supposedly "re-imaged" it busted for fraud? One also might wonder why an FBI agent is using internal FBI resources to "scrub" a non FBI machine that isn't part of an investigation. Finally, these morons don't know about DBAN???
So now, (Score:3, Insightful)
Every law enforcement parent will install spyware on his kids' school computers and "forget" to remove the spy software.
Two stories here (Score:2, Insightful)
The story enclosed within this one is that (a) the FBI is unable to effectively scrub FBI spyware installed by an FBI agent, and (b) the computer repair shop charged an FBI agent to scrub and reimage a laptop, and then apparently just moved it from the To Do shelf to the Done shelf.
with no warrant (Score:2, Insightful)
a cop kicks a door in and finds pot.
Cop to judge: "I did it as a private citizen!"
Judge: "Ok then. This is admissible."
So, I wonder what would happen to me if I shot that cop busting down my door as a "private citizen"?
It doesn't matter anyway. When it comes to child porn, taxes, drugs or terrorism, you are guilty until proven innocent. Where are the Ben Franklin dressed Teapartiers? Why aren't they out there preaching their message about freedom over this erosion of our liberties? Or it folks are so afraid on being on the side of a consumer of child porn that they won't dare say anything?
Here it is folks the slippery slope and it's happening.
can't wipe a disk? (Score:3, Insightful)
FBI agents AND a computer repair shop couldn't wipe a disk?
Not buying it.
My mind is melting. (Score:4, Insightful)
Re:Defined by their employer... (Score:4, Insightful)
Read TFA -- the Judge made a note of this. The initial report that he got was just him as a father: after that what he was doing was basically being an FBI agent. *However* even though he was, the fact that the computer was essentially stolen meant the guy had no expectation of privacy for it. anyways.
Re:My mind is melting. (Score:4, Insightful)
we're talking about the FBI in Saipan, the U.S. territory of the Northern Mariana Islands. no surprise they wouldn't be cyber experts nor have one, and that the parent would just take a school's laptop to a computer shop for a wipe before returning it to school. not a government computer, not U.S. government concern.
Re:can't wipe a disk? (Score:5, Insightful)
Not all FBI agents are computer wizzes. TFA said that the office he was in had no computer crimes unit which is where the computer wizzes congregate.
And it surprises you that a computer repair shop might not actually do what they say they are going to? Really?
Re:I'm still trying to wrap my brain around... (Score:5, Insightful)
Keep in mind this wasn't exactly the computer specialist division of the FBI, considering he had to take it to a computer repair shop to get them to fix it. TFA says he asked his colleagues, without knowing anything more I'd assume they don't work in the "cybercrime" division. So more like it survive cleaning by some random individuals and a probably-incompetent computer repair shop (Geek Squad or similar, they probably thinking knowing how to use regedit makes them computer "experts".) The FBI as an organization was completely uninvolved.
Re:I'm still trying to wrap my brain around... (Score:5, Insightful)
It was left on deliberately in an attempt to spy on random U.S. citizens and collect data.
More delicious loopholes to exploit left and right!
Re:Two stories here (Score:4, Insightful)
Re:My mind is melting. (Score:5, Insightful)
"The FBI" is not a monolithic thing.
He didn't take it to an FBI technician-- if he did, it'd probably have been cleaned up tight and fast. He took it into his office, where TFA says *they don't have cyber guys*. I.e., he's in some dingy little office without a cyber crimes unit. This doesn't sound implausible at all, the guy's in an FBI office across the Pacific in a US territory, not in Los Angeles.
Then he took it in to a local computer repair shop, and it doesn't at all sound implausible to me that they might have fibbed on just what they did. Instead of re-imagining it, they may have just done a quick scrub of the user settings.
"The FBI" didn't go through a two step process. A guy who is also an FBI agent went through a two step process. Not everything an FBI agent does is with the full force and resources of The FBI.
Re:with no warrant (Score:5, Insightful)
Kicking in a door is illegal as a private citizen and is not something you would expect a private citizen to do. Installing software to monitor his kid's activities is something perfectly legal and well within the realm of what a private citizen might be expected to do. As with many laws, there's a gray area that you have to actually use your brain to determine if something is reasonable or not. There's no slippery slope no matter how much you tilt your head.
Re:I'm still trying to wrap my brain around... (Score:5, Insightful)
Re:Fraud? (Score:5, Insightful)
Shouldn't the shop that supposedly "re-imaged" it busted for fraud? One also might wonder why an FBI agent is using internal FBI resources to "scrub" a non FBI machine that isn't part of an investigation. Finally, these morons don't know about DBAN???
I've been a Slashdotter for 15 years and I had never heard of DBAN until reading your comment and Googling it.
Yea, but do you run a computer repair shop?
If not, it's fair to assume you've never heard of DBAN; however, if your income is based in an industry for whom re-imaging computers is standard practice, having not heard of DBAN is a nigh unforgivable offense (and a damn good reason to avoid your shop in the future).
Re:So now, (Score:4, Insightful)
Every law enforcement parent will install spyware on his kids' school computers and "forget" to remove the spy software.
Wait for the decision in the case. That will say what will or will not happen.
Given your assumption (which is a good one), law enforcement will suddenly declare that nearly ALL findings of anything related to ANYTHING illegal (child porn, money laundering, pro-terrorist crap, some LE's wife cheating on him, etc) were due to "accidental placement and failed removal" of spyware.
Re:with no warrant (Score:4, Insightful)
What's the "legal grey area" answer for installing malware on someone else's machine?
There is none, installing software on a school-provided laptop is legal. At most it is breach of contract if the school has a policy against it, but that is a civil matter.
If there was intent to damage or to spy on someone other than the child, that would be a different matter.
Re:I'm still trying to wrap my brain around... (Score:5, Insightful)
Re-imaging is a kind of factory reset, in this case, to what the school's IT department says is a standard load for these kinds of school computers. Which may also be no special load, just reset Windows to a fresh install.
Generally, though, only Windoew+ whatever the school had would be installed. Executables generally would not be preserved -- that's the point of a reimage. And data preservation probably isn't done unless specially requested, which doesn't include installed executables anyway.
In spite of all this and the nasty subject, I'm still not comfortable giving the spying government official the benefit of the doubt rather than the spied-upon citizen. It is hardly shocking to anyone to suggest he may be lying out his ass.
Re:I'm still trying to wrap my brain around... (Score:5, Insightful)
I find it far more chilling if the FBI knew exactly what is was doing: lying to the judge about having deleted the spying software to set a precedent for doing this wholesale, using a case where the judge would likely be extremely biased in their favor.
Re:I'm still trying to wrap my brain around... (Score:5, Insightful)
A group operating in the FBI that is supposed to know something about computers is CART - Computer Assist Response Team. Now I happen to know that if you take a computer to someone in CART and want them to do something like this it will certainly happen - in about six months when they have a few moments.
The backlog of high priority prosecutions is that deep.
So, do you think this guy got the full attention of someone within the FBI that knew what they were doing for more than two minutes? I doubt it. I don't care if he is in the FBI - there are lots of people in the FBI and most of them don't count for much when compared against current work that someone is waiting for. Sending people to jail is always more important than fixing some colleague's computer.
Breach of chattel and miss use of public property? (Score:2, Insightful)
Re:I'm still trying to wrap my brain around... (Score:4, Insightful)
$ for i in `1 2 3 4 5 6 7`
> do
> echo ${1}
> done
1: command not found
$
Instead, try a Bash loop like this (which is also less typing):
for i in {1..7}
do
dd if=/dev/urandom of=/dev/sda bs=2M
done
I believe something like bs=2M (writing two mebibytes at a time) will significantly speed the process up in most cases.
Re:with no warrant (Score:4, Insightful)
Installing software to monitor his kid's activities is something perfectly legal and well within the realm of what a private citizen might be expected to do.
If the principal had installed spyware, that would be a problem. [slashdot.org] Oh, but it's a private citizen installing spyware on someone elses hardware... oh wait, that's definitely not cool either. [slashdot.org]
It seems the only reason this parent isn't getting a visit from the FBI is because he *is* the FBI. If the guy is installing spyware, he could have remotely installed the porn. The spyware itself could have been the delivery mechanism for all sorts of nasty stuff. He certainly had the means, all he would need is a motive. How do we know the guy didn't have a personal vendetta with the principal? But it doesn't matter... because the principal has already been ruined. Yaaaay! Let's all burn another witch!!