Insight On FBI Hacking Ops
New submitter krakman writes "The Washington Post has an interesting story about how the FBI can investigate and collect details from computers over the net, without knowing anything about the computer location. Here's an example of the FBI's network investigative techniques: 'The man who called himself "Mo" had dark hair, a foreign accent and — if the pictures he e-mailed to federal investigators could be believed — an Iranian military uniform. When he made a series of threats to detonate bombs at universities and airports across a wide swath of the United States last year, police had to scramble every time. Mo remained elusive for months, communicating via e-mail, video chat and an Internet-based phone service without revealing his true identity or location, court documents show. ... The FBI’s elite hacker team designed a piece of malicious software that was to be delivered secretly when Mo signed on to his Yahoo e-mail account, from any computer anywhere in the world, according to the documents. The goal of the software was to gather a range of information — Web sites he had visited and indicators of the location of the computer — that would allow investigators to find Mo and tie him to the bomb threats. ... Even though investigators suspected that Mo was in Iran, the uncertainty around his identity and location complicated the case. Had he turned out to be a U.S. citizen or a foreigner living within the country, a search conducted without a warrant could have jeopardized his prosecution. ...But, [a court document] said, Mo’s computer did send a request for information to the FBI computer, revealing two new IP addresses in the process. Both suggested that, as of last December, Mo was still in Tehran.'"
now Mo is famous (Score:3)
Re: (Score:1)
Fame brings mo money.
paragraph (Score:3)
seriously? (Score:2)
Re: (Score:2)
If only Faulkner had such critics.
So VirtualBox to the rescue? (Score:3, Funny)
Also can't shake the image of Moe Szyslak, the Simpsons bartender, muttering to himself as he sends off the next faux threat.
Re: (Score:2)
Or if he had any skill at all he'd have cracked another computer and bounced all the traffic through the zombie.
And now the world has an example of FBI virus to dissect.
Couldn't the FBI just ask Yahoo! for the IP address of the account that sent those messages?
Re: (Score:2)
Re: (Score:2)
I don't have that much faith in the FBI. If anything, the ease with which they can gather as much data as they do would indicate that they just aren't very good at targeted objectives.
In which case he'd have the same results using Tor. And that takes a lot less skill.
Instead, if he had any competency he'd be
Re:So VirtualBox to the rescue? (Score:4, Insightful)
Couldn't the FBI just ask Yahoo! for the IP address of the account that sent those messages?
I have one question (well, OK, lots of them, but meh).
Why the *hell* are we asking a domestic LE agency, the FBI, about this instead of the foreign data/signals intelligence agency, the damned NSA that supposedly exercises all this surveillance apparatus abusing everyone's 4A rights just for such foreign threats?
Really, WTF?
It seems like the FBI is chasing foreign enemies while the NSA is data-mining the shit out of the domestic population.
Some kind of kinky "role-reversal play" among government agencies?
Or a clear indication of who they believe is the real threat to their goals of more power, control, and wealth?
Strat
Re: (Score:3)
I couldn't agree more.
Perhaps we are seeing a domestic LEA heading being used for a much larger apparatus though. I mean if the FBI contracted with private entities, it still would be considered the FBI doing it. So if the FBI said to the NSA or CIA, we have this domestic issue but it appears to be originating from overseas and the NSA steps in to do the dirty work, it could still be claimed that the FBI did it just like if they contracted with some private company.
But as it appears, we wouldn't know if the
Re: (Score:2)
Some kind of kinky "role-reversal play" among government agencies?
I imagine it's more some turf war / battle over budgets.
Remember back in 2008, when the FBI wanted the right to monitor all internet traffic [cnet.com] ("The surveillance should include all Internet traffic, Mueller said, whether it be .mil, .gov, .com--whichever network you're talking about.")? Apparently the NSA got an even bigger budget for that project than the FBI did [wikipedia.org], and I imagine the FBI's been jealous ever since.
Ever since news about how guys like Chalabi would play the State Department, Pentago [salon.com]
Re: (Score:2)
The FBI is, in theory, supposed to investigate any crimes on US soil that are not under state jurisdiction. As the bomb threat was made across state lines, that makes it a crime for the FBI to be concerned with.
I wouldn't be at all surprised if this was a 'parallel construction' situation - the NSA helped with the tracking, but asked that their involvement be kept unofficial.
The NSA isn't supposed to be involved in law enforcement, but the lines are always hazy. Especially these days. A lot of things that wou
Re: (Score:1)
...Why the *hell* are we asking a domestic LE agency, the FBI, about this instead of the foreign data/signals intelligence agency, the damned NSA..
Really? FBI is for domestic stuff, supposedly ONLY. NSA is simply for secret stuff. Foreign or domestic, they're your guys for encryption/decryption and other secrets. CIA is for foreign stuff, supposedly ONLY.
The CIA should be involved in this one. Have them find the little guy, send a drone in and no more problem. It'll be a blast!
Re: (Score:3)
This is why warrantless searches are OK! (Score:1, Insightful)
"Had he turned out to be a U.S. citizen or a foreigner living within the country, a search conducted without a warrant could have jeopardized his prosecution"
It is almost like there's no possible way they could get a warrant on this guy, right? So, clearly, this is just another example of why the government can completely ignore the 4th amendment for your own protection. Requesting a warrant is WAY harder than writing and distributing a complex piece of malware such as is described and might have slowed the
Axis of evil, again (Score:1)
I guess people started to forget that Iran is the arch-nemesis of the entire free world. An article to the rescue, about how the infinitely wise and well prepared TLA saved the day by outsmarting a dumb terrorist who is hiding in the darkest corner of the most dangerous country in the world. (No, that's not Chicago, if you wonder.)
Re: (Score:3)
If Iran is the kind of arch nemesis the Free World gets nowadays, why is everyone so worried?
Re:Axis of evil, again (Score:5, Insightful)
Right, like what has Iran ever done to the US and the West, anyway?
I mean, besides supplying training, logistical and intelligence support, safe refuge, and munitions to jihadists that kill US troops in Iraq & Afghanistan, and launch terror attacks and suicide bombings there and elsewhere against civilians including women and children, as well as military.
Oh, and grab Western tourists and hold them hostage.
Oh, and that little US embassy kerfuffle back in Jimmy Carter's administration that he handled so deftly.
But really, that's all ancient history. Has no bearing whatsoever. Why wouldn't we trust any diplomatic agreements or treaties made with them? Never mind there are Iranian officials openly mocking the idea of Iran actually obeying any meaningful restrictions to their nuclear ambitions in the recent "agreement" touted in the news and mocking the West for our stupidity to believe they would honor any such agreements.
That at the very least will cause Saudi Arabia and any others that possibly can to acquire nukes, and if the 13-Imam nut-cases in leadership positions in Iran like Ahmadinejad attempt or actually do nuke Israel, the entire world will explode in conflict, as I'm sure Israel will launch at least one wave of nukes in retaliation before the Iranian nukes clear their launch-towers.
Strat
Re: (Score:3)
For those who don't know, the 13-Imam nut-cases believe in sort of a second coming of Christ type event when the world is embroiled in conflict and chaos that will destroy all infidels and bring the world back in line with Islam to create a paradise on earth situation. The scary part we should note is that some of these people think if they help the world go into chaos, it will hasten the return or appearance sort of like forcing the second coming of Jesus.
And no, you do not have to believe in any God or rel
Re: (Score:1)
The scary part we should note is that some of these people think if they help the world go into chaos, it will hasten the return or appearance sort of like forcing the second coming of Jesus.
Interestingly, they believe that Jesus himself will return to aid the 12th Imam (aka the Mahdi) at the Final Battle. So the Iranians are working towards exactly the same goal as the Americans. That's the scary part.
Re: (Score:3)
I'm not sure I have ever seen Americans trying to force the second coming of Christ. Could you provide some examples? I do know there are some who think the chaos in the world is signs of the tribulations and will end with the second coming and they welcome that but none that I know of who take the position that they can make it happen.
You see, one would be ancillary to the other as in if it happens, I will be happy. The other seems to think they can make it happen and they will be happy. A big difference j
Re: (Score:2)
Pat Robertson [patrobertson.com]
Actually working to immanentize the eschaton is supposed to be unChristian, according to most denominations. But there is a significant Dispensationalist movement in the US that can hardly contain its glee when US or Israeli actions seem to fulfill one of their prophecies.
Muslims, you may not be aware, believe Jesus is the second most important prophet and also revere all the Old Testament fortune-tellers.
Re: (Score:2)
Is this a joke? This sounds exactly like what Born Again Christians, including George W. Bush believe in.
Re: (Score:3)
It is not exactly the same. The difference is between something like that happening and being able to make it happen or encourage it to happen. I don't know of any Christian groups that think they can do anything to make it happen where the 13th Imam groups believe if there is enough chaos in the world, it will force it to happen and by creating the chaos they can aid in it.
Outside that, yes, it is very close. But this shouldn't surprise anyone. Islam is more or less a contrived version of Judaism or the c
Re: (Score:3, Insightful)
The US could turn virtually every major urban area of Iran into radioactive craters, could wipe out most of its navy and air force in 48 hours and likely most of its anti aircraft capacity in pretty short order as well.
When I think of major threats I think of Japan in WWII or the USSR during the Cold War.
Re:Axis of evil, again (Score:4, Informative)
The US could turn virtually every major urban area of Iran into radioactive craters, could wipe out most of its navy and air force in 48 hours and likely most of its anti aircraft capacity in pretty short order as well.
Which won't stop or deter them at all.
When I think of major threats I think of Japan in WWII or the USSR during the Cold War.
Which tells me you haven't learned enough history or enough about the people we're talking about that control Iran, and their history & beliefs.
We're talking religious zealot nut cases that think dying for their deity is glorious and expected.
They don't have to strike the US. Just Israel.
Israel will launch a retaliatory nuke strike. The Persian Gulf will likely become blocked/blockaded or simply too dangerous along with the Suez Canal. Then, the whole region falls into chaos and anarchy, followed by the major powers going to war for power, ideology, and resources while the world economy and the US Dollar/US economy collapses.
Strat
Re: (Score:3)
We're talking religious zealot nut cases that think dying for their deity is glorious and expected.
ooohh... Sounds scary, until you realize it is basically the same thing as patriotic nutcases that think dying for their country is glorious and expected.
Re: (Score:2)
"Basically the same thing"?
Really?
So then, can you remember the last time a US soldier screamed "Praise Jesus!" before detonating a suicide vest among civilians including innocent women and children?
Yeah, me either.
You seem to have reached your fecal-matter capacity limits on that one.
Strat
Re: (Score:2)
I'm pretty sure I remember US military personnel detonating bombs among civilians including innocent women and children, to "protect" the United States and the Constitution...
As others have mentioned, the US has enough resources that they don't have to resort to suicide bombing tactics. But, personally, I'd ask for what cause the ground troops in Iraq died for. It may upset you Americans, but honestly IMHO they were "patriotic nutcases that think dying for their country is glorious and expected", AND they kil
Re: (Score:2)
I'm pretty sure I remember US military personnel detonating bombs among civilians including innocent women and children, to "protect" the United States and the Constitution...
Be sure to let me know when the US military employs suicide bombs/vests in places of worship, malls, schools, etc, throws acid in schoolgirls' faces for daring to learn to read, or publicly stones gays/lesbians to death.
Then you might have a point.
False equivalency is not a point. It's intellectual dishonesty and disingenuous in the extreme. Hitler had ovens and so did/do we. That did/does not make us equally as evil as Hitler or equally guilty of committing or planning to commit mass genocide.
Strat
Re: (Score:3)
Black people are a minority therefore they can't possibly be racist! Only people with "white privilege" can be racist.
Sadly being in the majority now seems to mean more restrictions
Re: (Score:2)
The poster is right. Iran is a threat, but not an existential threat. There's no possibility of them actually seriously destroying the US. Even if they did manage to make a nuclear bomb, they'd get smacked down so hard in that war the place would glow in the dark.
They can still pose a threat to US interests (the main US interest in that region being cheap, reliable oil). They could still kill a lot of people. They could still cause economic chaos. But when the dust settles, the US will be right there. Mayb
Re: (Score:3)
That all depends on what type of war they intend to fight in Iran. The one described is not the same that was fought in Afghanistan so your comparison is moot.
We have not fought a war of annihilation like WWII since then. Every war we have been involved with has always attempted to preserve resources for future use by factions within the warring country. That's a lot different than trying to conquer a nation. When you are willing to go Sherman on them and burn a trail to their capital or bomb every single fa
Re: (Score:2)
Re: (Score:3)
I mean, besides supplying training, logistical and intelligence support, safe refuge, and munitions to jihadists that kill US troops in Iraq & Afghanistan, and launch terror attacks and suicide bombings there and elsewhere against civilians including women and children, as well as military.
Citation needed for _all_ these things, seriously.
Oh, and grab Western tourists and hold them hostage.
Oh, and that little US embassy kerfuffle back in Jimmy Carter's administration that he handled so deftly.
Bu
Re: (Score:2)
1953 coup and the subsequent torture chambers just flushed down the memory hole, eh?
Re: (Score:2, Interesting)
Could be that the reason some Iranians dislike the US is because we along with Britain kind of overthrew their democratically elected prime minister Mossadegh back in 1953 and imposed the Shah.
Re: (Score:1)
Could be that the reason some Iranians dislike the US is because we along with Britain kind of overthrew their democratically elected prime minister Mossadegh back in 1953 and imposed the Shah.
No.
Mossadegh was never elected, he was appointed by the Parliament after the previous guy got shot. There was an election which he himself halted partway through, but he was never "Democratically Elected" like you (and many others) claim.
A lot of people also seem to think that the US somehow appointed the Shah, which is also not true. The Shah had been fighting with Mossadegh (and others) internally for years, and continued to do so after Mossadegh was removed.
So the result was the Shah was a complete dick a
Re: (Score:1)
Right, like what has Iran ever done to the US and the West, anyway?
I mean, besides supplying training, logistical and intelligence support, safe refuge, and munitions to jihadists
If that's true, how is it any worse than when the US supplied training, logistical and intelligence support, safe refuge, and munitions to jihadists? Or was that ok because then the media called jihadists freedom fighters, but now that the media calls them terrorists, despite their beliefs and acts remaining the same, it is not ok anymore? Or could it be there is a double standard? That'd explain how when Iran, a country that has not started a war for many years now (something that can't be said of their adv
Re:Axis of evil, again (Score:4, Interesting)
I mean, besides supplying training, logistical and intelligence support, safe refuge, and munitions to jihadists
Remember Iran-Contra [wikipedia.org]? Oh those evil Iranians, arming rebels and fomenting insurrection abroad.
But really, that's all ancient history.
Love picking at that scab, don't you? How were we getting along with Germany 32 years after our little kerfuffle with the Nazis? Did we stay this pissed off with them? Or is it a racial/religious thing?
That at the very least will cause Saudi Arabia and any others that possibly can to acquire nukes,
Muslim forces already have nukes. In fact, the same people who gave shelter to bin Laden. And I haven't heard a peep out of them. So perhaps the 'nutcase Imams' are a bit more level headed than you give them credit.
Re: (Score:2)
Maybe the imams are just doing what any other politician does: Ramping up the rhetoric to tell the people what they want to hear in public.
It's always hard to tell with politicians what they actually believe, and how much is a lie to ensure their popular support. Imams may be religious leaders, but really that's just another type of politician.
Re: (Score:2)
Point taken? What about Viet Nam?
Re: (Score:2)
Nelson - Gotta nuke somethin'
Re: (Score:2)
Not much was saved that day ..... From TFA:
Yahoo! Custom! Spyware! Embed! Service! (Score:4, Insightful)
Re: (Score:1)
Re: (Score:2)
Before jumping to conclusions, keep in mind that they also could've taken advantage of the NSA's QUANTUM infrastructure to perform a packet injection and redirect the target's browser to a malicious copy of the site. See this article [schneier.com] for more information about how that would work.
Fan club (Score:4, Informative)
The FBI has been able to covertly activate a computer’s camera — without triggering the light that lets users know it is recording — for several years, and has used that technique mainly in terrorism cases or the most serious criminal investigations
... and in LoveINT [go.com] cases too. If no one watches the watchers they will become stalkers too.
Re: (Score:2)
It would be interesting to know what remote admin tool they are using.
The summary (Score:2)
Maybe it's because of how I have my settings, but the summary shows up as one big giant block of text. How is this readable?
Re: (Score:3)
Hmm, that's odd. Seems fine to me. On second evaluation, it seems my ocular preprocessor automatically inserts paragraph breaks when encountering an ellipsis...
"The Washington Post has an interesting story about how the FBI can investigate and collect details from computers over the net, without knowing anything about the computer location. Here's an example of the FBI's network investigative techniques: 'The man who called himself "Mo" had dark hair, a foreign accent and — if the pictures he e-mailed to federal investigators could be believed — an Iranian military uniform. When he made a series of threats to detonate bombs at universities and airports across a wide swath of the United States last year, police had to scramble every time. Mo remained elusive for months, communicating via e-mail, video chat and an Internet-based phone service without revealing his true identity or location, court documents show.
The FBI’s elite hacker team designed a piece of malicious software that was to be delivered secretly when Mo signed on to his Yahoo e-mail account, from any computer anywhere in the world, according to the documents. The goal of the software was to gather a range of information — Web sites he had visited and indicators of the location of the computer — that would allow investigators to find Mo and tie him to the bomb threats.
Even though investigators suspected that Mo was in Iran, the uncertainty around his identity and location complicated the case. Had he turned out to be a U.S. citizen or a foreigner living within the country, a search conducted without a warrant could have jeopardized his prosecution.
But, [a court document] said, Mo’s computer did send a request for information to the FBI computer, revealing two new IP addresses in the process. Both suggested that, as of last December, Mo was still in Tehran."
Say what you will about the build quality, gotta love the extra features they pack into cheap Chinese hardware. Now if I can just figure out how private pics of my GF keep ending up online...
Riiiight (Score:2)
The FBI’s elite hacker team designed a piece of malicious software that was to be delivered secretly when Mo signed on to his Yahoo e-mail account, from any computer anywhere in the world, according to the documents.
This is a bit movie-like and shouldn't generally be technically possible. Is there some misreporting in the article, or what?
Re:Riiiight (Score:4, Insightful)
Well, either they emailed him a trojan and are trying to make it sound fancy, or Yahoo was letting them run exploits on the mail site targeted at specific users. Probably the former, but the latter is technically possible and wouldn't surprise me considering all the companies that have bent over for the government surveillance machine so far.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
It's possible they had Yahoo's help: 'When this user logs in, sneak this malicious HTML onto the page.'
Then all you need is a browser exploit, and there are plenty of those around.
There is something wrong here (Score:1)
who would call himself Mo? I don't think an Iranian or any native Muslim would choose Mo.
It's an insult to the name Mohammad, and a common American shortening of that name.
I'd more happily expect that "Mo" to be a kid from Cleveland.
Re: (Score:2)
Why would that be surprising for a Muslim to not follow what you think he should do as a Muslim? Anyone born into any complex organised system of doctrine, is prone to follow the tenets less than 100% of the time.
Re: (Score:2)
As the contents of Osama's lair revealed, even someone as fanatical as him didn't. There is the person we project to the outside world, and the person we really are. Seldom are the two the same person.
Re: (Score:2)
Re: (Score:2)
Half the population of many muslim countries are named Mohammed. It's such a common name, they have to use an extended middle name in order to tell who they are talking about. They wouldn't consider it offensive.
Another Ministry of Propaganda piece. (Score:1, Interesting)
WTF is point of this article?
So many details, stories about asking for court order when it was reported that agency ignored 1000 times similar requests in the past.
Iran is bad so drums get louder and louder again. So pathetic.
The Next Level (Score:2)
So the FBI exploited Yahoo email? (Score:2)
Or did Yahoo allow the FBI to compromise their system and allow the FBI to access the mailbox, read through the emails and get an idea on who to send the trojan from so he would open the email?
Well either way Yahoo has compromised mail servers or they allow the FBI to do as they wish with the Yahoo system.
Re: (Score:2)
Or maybe they just got a warrant from a judge.
In fact if you were to read TFA it says:
"A federal magistrate in Denver approved sending surveillance software to Mo’s computer last year."
We need a new kind of razor for this....
Never attribute to extra-legal snooping by government agencies that which can be done with a simple legal warrant.
#Do Not Edit: Script automatically generated. (Score:2)
#!/bin/bash
echo "127.0.0.1 mail.yahoo.com" >>
Warrant? No. (Score:1)
Warrant? No. Fire them yesterday.
"Even though investigators suspected that Mo was in Iran, the uncertainty around his identity and location complicated the case. Had he turned out to be a U.S. citizen or a foreigner living within the country, a search conducted without a warrant could have jeopardized his prosecution."
Re: (Score:3)
You don't need a warrant for people in other countries. US law only covers US persons and foreign persons on US soil/territory. FISA is generally what covers foreigners and to that extent, only when US persons are involved needs a warrant.
Re: (Score:1)
If America was a civilized country, they would collaborate with foreign police in foreign countries, the way police in civilized countries do, rather than ignore the laws of other countries and treat them like lawless territories.
Re: (Score:2)
They do to some extent. However, which exact country should the government work with when they do not know the exact location or country of the foreign person under investigation?
As for spying on foreigners, most of the spying is done on countries that are enemies, potential enemies and those in positions to aid them. While it is true that some spying happens on allied countries, is it better to find out you are being betrayed by an ally before or after they betray you? Working with those countries would so
Re: (Score:2)
You are right. I took the context of how they solved the issue to be part of the bigger picture of government spying though.
According to the a
Re: (Score:1)
The spyware was installed on a computer in Iran. If installing spyware is illegal in Iran (as it would have been in the USA absent a warrant), then the FBI has committed a crime.
What does that say about the leaders in the USA that they went to war with Afghanistan because of a crime committed in the USA?
Re: (Score:2)
Prosecution?
When does the US bother with prosecution for suspected terrorists? They'd just disappear him to a prison that doesn't officially exist somewhere.
Iranian! (Score:2)
Why is every team elite? (Score:2)
All of 'em? Really?
Re: (Score:1)
Second-time submitter krakman writes:
spin-doctoring (Score:2)
expect to see a lot more of these "See, privacy invasion is good for you" articles. Their purpose is to "prove" that all this spying and data collection helps catch some very naughty people in icky foreign countries. some of them with really bad accents or even terrible mustaches (aka "proof of evil").
Let's think about this (Score:2)
Terrorists want to cause widespread fear and panic in the US population. So why the Iranian military uniform? I'd be wearing an NFL fan sweatshirt (different city's team for every broadcast) and use a nondescript Starbucks as a background. So the assumption is that he's in country already and Homeland Security goes to code red.
The Iranian uniform and Iranian IP indicates that he's still at home and just stirring the pot. But both the uniform and the IP are easy to spoof. And an Iranian officer would be risk
Mo's wanted high and low (Score:2)
Remote FBI computer investigations? (Score:2)
Don't you mean the Post has an interesting story about how easy it is to remotely hack a Windows computer over the Internet, in this case by opening a contaminated email attachment.
Re: (Score:1)