×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

FBI Compromises Another Remailer

Unknown Lamer posted about 2 years ago | from the very-serious-pranks dept.

Privacy 164

betterunixthanunix writes "Another remailer has been compromised by the FBI, who made a forensic image of the hard disk of a remailer located in Austria. The remailer operator has reissued the remailer keys, but warns that messages previously sent through the remailer could be decrypted. The operator also warns that law enforcement agents had an opportunity to install a back door, and that a complete rebuild of the system will take some time."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

164 comments

wtf fbi (4, Insightful)

X0563511 (793323) | about 2 years ago | (#39794975)

Why the fuck are you intruding into and altering foreign systems? That's not your fucking jurisdiction or job!

Leave that shit to the intelligence agencies, if someone must do it.

Re:wtf fbi (0)

Anonymous Coward | about 2 years ago | (#39795053)

International law enforcement agreements say otherwise....

Re:wtf fbi (1)

Anonymous Coward | about 2 years ago | (#39795061)

The local authorities probably granted FBI access. The FBI didn't walk in by themselves.

It will be interesting to see if remailers work... (3, Interesting)

cayenne8 (626475) | about 2 years ago | (#39797049)

It is going to be very interesting to see if the FBI, can crack through the remailer system, and actually find the person that did this.

I mean, if the person they're after, used the remailer system as it is supposed to work...it "should" be uncrackable and untraceable.

It will be interesting to see the system go through what I have to guess is the first actual hard core test it has ever gone through.

Re:wtf fbi (5, Insightful)

Joce640k (829181) | about 2 years ago | (#39797445)

I think local authorities might have issued a court order requiring a set of messages to be decrypted.

Not too many people have problems with following court orders for genuine criminal investigations. It's the mass-scanning, fishing expeditions they have a problem with.

The old KGB/Stasi bosses must be having a real laugh at the way the USA is acting lately. Read all your mail, demand papers and feel you up before you can travel anywhere, more people in prison than any other country.

Americans used to joke about all that sort of stuff but guess what...?

Re:wtf fbi (-1)

Anonymous Coward | about 2 years ago | (#39795137)

Stupid Americans, bringing down your privacy right worldwide since forever.

Re:wtf fbi (1)

Anonymous Coward | about 2 years ago | (#39795195)

Stupid poster... do you or anyone else really think a whole nation is responsible for the acts of a few? How about we all realize the reason for the world wide protests is due to the common element of simply being damn fed-up with the lying cheating dishonest few who are in command positions to do nothing more than threaten and apply the ignorance of brute force.

Re:wtf fbi (1)

Anonymous Coward | about 2 years ago | (#39795533)

Stupid poster... do you or anyone else really think a whole nation is responsible for the acts of a few?

Last time I checked the U.S. is a democracy and the rest of the world does not consider the U.S. population to be oppressed.
If you don't want the world to hate the U.S. population I suggest that you get your ass up from your chair and try to convince your neighbours to vote for someone who is better than "The lesser evil."
After all, the more people to hate the U.S. the greater is the risk that a few of them are complete nutjobs that are willing to blow themselves up to change things...

Re:wtf fbi (5, Informative)

Mindscrew (1861410) | about 2 years ago | (#39795899)

The U.S. is not a democracy.

The U.S. is a Democratic Republic. Your vote is simply there to elect a representative of "the people". That elected person then votes how they see fit.

Its how easy these elected people can be payed off that's that problem.

Even "your" candidate is most likely being paid by somebody with a lot of money and an agenda.

Re:wtf fbi (-1, Flamebait)

ericloewe (2129490) | about 2 years ago | (#39796037)

You don't make any sense.

Just because you don't vote for your president doesn't mean you're not in a democracy. It's still a democracy.

Even if you voted directly for a certain person, nothing (other than honor and so forth) keeps him/her from accepting a fat bribe.

Re:wtf fbi (3, Informative)

MrLizardo (264289) | about 2 years ago | (#39796769)

In a pure democracy the people vote for *laws* not representatives. That's why the US is considered a Democratic Republic (or a *Representative* Democracy). It has nothing to do with the voting method and *everything* to do with what people get to vote for.

Re:wtf fbi (2, Interesting)

Anonymous Coward | about 2 years ago | (#39797411)

And through partisan gerrymandering and constant corruption, the USA isn't even a representative democracy any more, it's a corporate oligarchy.

Re:wtf fbi (3, Informative)

bravo_2_0 (892901) | about 2 years ago | (#39796313)

You are right that the U.S. is not a democracy but it is NOT a Democratic Republic. It's a Constitutional Republic [wikipedia.org].

Re:wtf fbi (1, Insightful)

Jawnn (445279) | about 2 years ago | (#39796907)

You are right that the U.S. is not a democracy but it is NOT a Democratic Republic. It's a Constitutional Republic [wikipedia.org].

On paper, perhaps. In reality, it is rapidly becoming a fascist republic.

Re:wtf fbi (2, Insightful)

skywire (469351) | about 2 years ago | (#39796081)

You are so naive. Democracy is merely the latest in a line of mechanisms used to legitimize the state in the eyes of its subjects. If one could actually change the policies of the state by "trying to convince your neighbours to vote for someone", then the ruling elite would have to turn to a new legitimization mechanism. One can hardly be held morally responsible for the acts of others over whom one does not exercise agency or coercive influence.

Re:wtf fbi (0)

Anonymous Coward | about 2 years ago | (#39795615)

When those few are elected officials then yes, you as a nation are responsible for putting them in office/letting them stay in office.

While the rest of us who reside in other countries are responsible for electing politicians that cave into US demands that atleast is mitigated by the fact that not caving to US demands means you are risking sanctions or in in extreme cases invasion.

Re:wtf fbi (0)

Anonymous Coward | about 2 years ago | (#39795987)

Stupid poster... do you or anyone else really think a whole nation is responsible for the acts of a few?

Yes, it is.
While I agree with you to a point, the fact remains that the US has used another country's leader's actions or political system to justify invasion countless times.

Accountability works both ways (2)

sirlark (1676276) | about 2 years ago | (#39796681)

In a democracy, just as the government is meant to be accountable to the people, the people are accountable for the government they choose. Democracy doesn't stop at the ballot box. This is something noone seems to get. Why does everyone hate Americans? Because of what their government does. And they keep on putting assholes in charge. Sure, not every American voted the same way, but as a democracy you (theoretically) have the power as a population to stop bad laws from being passed, and to stop bad actions from being taken... In general, people don't. It's called tacit consent. Bitch and whine all you want, and say you voted for the other guy, but you are implicitly condoning the actions of your government until you actively protest against them, either within the law (writing letter to your representatives, legal protests) or outside the law (civil disobedience).

Re:wtf fbi (-1)

Anonymous Coward | about 2 years ago | (#39795141)

IF they really did hack in to these servers then what difference does it make which organization did it? Somebody was going to get the data because the system itself was insecure.

Re:wtf fbi (5, Informative)

hendridm (302246) | about 2 years ago | (#39795177)

If you read the thread, it was Austrian authorities that took the image at the request of U.S. authorities.

Re:wtf fbi (3, Informative)

X0563511 (793323) | about 2 years ago | (#39795257)

If that's true, I don't understand how this (from the summary above) is possible: "The operator also warns that law enforcement agents had an opportunity to install a back door"

Unless they just installed the backdoor into their image, for some reason. They would have had to have access to the live system to do this part.

Re:wtf fbi (4, Informative)

Anonymous Coward | about 2 years ago | (#39795315)

Austrian Law Enforcement took a disk image, meaning they had direct access to the server. The Austrian's did this at the behest of the FBI. So yes, law enforcement could have installed a backdoor while they had access.

Re:wtf fbi (4, Informative)

betterunixthanunix (980855) | about 2 years ago | (#39795331)

Read the post; they did have access to the live system. The operator does not think it is likely that a backdoor was installed, but as a security precaution has indicated that the system will eventually be rebuilt (probably with new keys issued).

Re:wtf fbi (5, Informative)

a90Tj2P7 (1533853) | about 2 years ago | (#39795413)

They didn't. No one did. The admin just told everyone "Depending on how paranoid you are, you may assume the machine is backdoored, since the authorities have had access".

Re:wtf fbi (3, Funny)

Anonymous Coward | about 2 years ago | (#39795325)

ASSISTANCE REQUEST

To: Federal Bureau of Investigation
From: Sealand Government

Please provide us soonest with hard drive images of the MegaUpload servers and RAID configuration parameters.

Thank you.

Re:wtf fbi (0)

Anonymous Coward | about 2 years ago | (#39795333)

Why the fuck are you intruding into and altering foreign systems? That's not your fucking jurisdiction or job!

Leave that shit to the intelligence agencies, if someone must do it.

One word for you J. Edgar Hoover. [wikipedia.org] FBI's been out of control since day 1.

Re:wtf fbi (1, Informative)

Anonymous Coward | about 2 years ago | (#39795439)

1) Read the link first before freaking out. Austrian police did it at the request of the FBI.
2) While there are no details about why this occurred, the owner of the remailer suspects it has something to do with the bomb threats that have been happening for weeks now at the University of Pittsburgh. These threats are being delivered through the remailers and it would appear they hope to find information that might lead them to the individual responsible. In that case, this isn't a unilateral action to see what crime they can sniff out, but rather part of an active criminal investigation.

I'm not necessarily defending what the FBI is doing, but this article doesn't do much more than invoke FUD in the /. reader base by not elaborating.

Another question (1)

Anonymous Coward | about 2 years ago | (#39795017)

Did they manufacture any "evidence" in the process?

Re:Another question (4, Informative)

Jeng (926980) | about 2 years ago | (#39795045)

The remailers are not the target, it's users are.

Re:Another question (0)

Anonymous Coward | about 2 years ago | (#39795233)

Did they manufacture any "evidence" in the process?

The remailers are not the target, it's users are.

Never suggested they were or weren't. Just because this isn't J. Edgar Hoover's FBI any more doesn't mean it doesn't still operate in very similar fashions. If this drive had been cracked it would have been considered that all information on it was now of compromised validity, but when a government agency does it, then it is "trusted", of course in this case it was a "foreign" government that gained access. Validity is now in the eyes of the beholding government courts.

Re:Another question (1)

Jeng (926980) | about 2 years ago | (#39795675)

At this point they are gathering evidence, it is usually once evidence is gathered and found lacking that they would manufacture evidence. They don't even know at this point whom they would have to manufacture evidence against.

Why contaminate a perfectly good case with manufactured evidence when it's not needed?

Re:Another question (1)

Thud457 (234763) | about 2 years ago | (#39796931)

That sounds like a lot of work.

Can't they just claim they have evidence but they can't show it to you because it's secret?

Re:Another question (1)

Jeng (926980) | about 2 years ago | (#39797453)

I believe they can, but they first have to find out who you are and that is the stage they are at now.

remailer? (0)

Anonymous Coward | about 2 years ago | (#39795023)

what's a remailer?

Re:remailer? (2, Informative)

Jeng (926980) | about 2 years ago | (#39795069)

I'm going to take this opportunity to post a link to information about remailers, but I think you are an idiot for asking.

http://www.andrebacard.com/remail.html [andrebacard.com]

Re:remailer? (0, Insightful)

Anonymous Coward | about 2 years ago | (#39795117)

So, in your view, anyone who is ignorant about a particular subject is an idiot? That makes everyone in the fucking Universe an idiot by your standard.

He was an idiot for not searching himself? That's the fault of betterunixthanunix, who was too stupid to include a link in his summary. Nobody can know everything about every topic.

Re:remailer? (1)

Jeng (926980) | about 2 years ago | (#39795607)

I don't expect everyone to know everything about every topic, but I do expect people to make the effort to find out what something is before they put out a request for information.

And no it is not betterunixthanunix's fault that people viewing a news for nerds website can't figure out what a remailer is. A basic grasp of english tells you what a remailer is, and if you do not have a basic grasp of english you should be used to looking up words when viewing an english language website.

Re:remailer? (1)

X0563511 (793323) | about 2 years ago | (#39795087)

Lets break the word down for you:

[re]-[mailer]

I'm sure you can figure it out from there. If you still can't, go here [lmgtfy.com].

Re:remailer? (-1)

Anonymous Coward | about 2 years ago | (#39795157)

What's google?

Re:remailer? (0)

Anonymous Coward | about 2 years ago | (#39795411)

I didn't get it at first, but now you've clarified it. It's an asshole* that forwards or returns postal mail.

* I wasn't sure about this part until I had an example asshole behavior; thanks for that.

Re:remailer? (0)

Anonymous Coward | about 2 years ago | (#39795575)

You must not be counting on a discount on DOTA 2.

NOT FOR YOU [develop-online.net]

So, in practice, a really likable person in our community should get DOTA 2 for free, because of past behavior in Team Fortress 2. Now, a real jerk that annoys everyone, they can still play, but a game is full price and they have to pay an extra hundred dollars if they want voice.

"Could be decrypted" (3, Informative)

Beryllium Sphere(tm) (193358) | about 2 years ago | (#39795047)

Not if they were encrypted to the end recipient's public key. If not, they were plaintext in transit and possibly on the ISP's server.

Re:"Could be decrypted" (1)

Hatta (162192) | about 2 years ago | (#39795239)

Indeed. I'm not terribly familiar with anonymous remailers, so I don't understand what the keys are for. Why does an anonymous remailer need encryption keys in the first place? If I send them an email, asking them to resend it somewhere else, and they don't log who sends them email, isn't that enough to provide anonymity?

Re:"Could be decrypted" (1)

betterunixthanunix (980855) | about 2 years ago | (#39795435)

If I send them an email, asking them to resend it somewhere else, and they don't log who sends them email, isn't that enough to provide anonymity?

What if your connection is being watched?

In practice, people will chain two or more remailers, so that no single remailer knows both the sender and the recipient of a message. Encrypting the messages with each remailer's key is fundamental to this, so that the commands send to one remailer cannot be recorded by another.

Re:"Could be decrypted" (2)

arth1 (260657) | about 2 years ago | (#39795441)

Indeed. I'm not terribly familiar with anonymous remailers, so I don't understand what the keys are for. Why does an anonymous remailer need encryption keys in the first place? If I send them an email, asking them to resend it somewhere else, and they don't log who sends them email, isn't that enough to provide anonymity?

No. If you e-mail the remailer unencrypted, DHS/NSA/FBI can snoop the e-mail en route to the remailer, seeing what you wrote and who you sent it to.
If you send the e-mail encrypted to the remailer, the agencies won't know what's in the e-mails or who it goes to.

Re:"Could be decrypted" (1)

drinkypoo (153816) | about 2 years ago | (#39795591)

If you send the e-mail encrypted to the remailer, the agencies won't know what's in the e-mails or who it goes to.

No, they may well know who it goes to, because the system's keys may have been compromised, and the system needs that information to send your mail. By snooping your connection (If you are a person of interest) they know which mail you sent through comparison. The only thing they don't know is what's in the email.

Re:"Could be decrypted" (2)

betterunixthanunix (980855) | about 2 years ago | (#39795637)

Which is why people typically send messages through remailer chains, to make that sort of attack harder. Yes, they could just compromise the whole system, which is why the low number of remailers in operation is so troubling.

Re:"Could be decrypted" (1)

oxdas (2447598) | about 2 years ago | (#39796965)

If this is related to the emailing of bombing threats, then the emails are in plaintext (because the recipient won't have the key). I am guessing the encrypted part is information about the origin of the email. Potentially the remailer encrypted the email when passing between remailers or perhaps they use an encrypted tunnel or something to communicate. The FBI probably needs information from their servers to determine who was the last remailer in the chain. The FBI will probably need to seize the records of several companies to ultimately track back the email's origin.

I don't know much about this business, though, so this is pure speculation on my part.

Re:"Could be decrypted" (0)

Anonymous Coward | about 2 years ago | (#39795453)

err, why should somebody encrypt the -mail- with the remailer's public key? that way only the remailer itself would be able to decrypt it, not the final mail recipient...
pretty obvious that, in context, what he means is that the remailer instructions can have been breached by getting the mailer keys thus making fbi able to follow at least a part of the chain, not the mail itself.

Remailers (1)

Anonymous Coward | about 2 years ago | (#39795063)

So, are there any remailers in countries that don't have reciprocal juristictional arrangements with the USA?

Re:Remailers (1)

SirWhoopass (108232) | about 2 years ago | (#39795199)

So, are there any remailers in countries that don't have reciprocal juristictional arrangements with the USA?

Iran. North Korea. Syria. China... maybe? They might cooperate with the FBI depending on the target. Same with Russia. Are you looking for a country that doesn't have reciprocal arrangements, but that will also respect your privacy? I doubt it.

So what this really says..... (2, Insightful)

3seas (184403) | about 2 years ago | (#39795129)

....is that the FBI is a criminal organization.

Anonymous remailers are set up for reason of protection of those with information they want to get out but can as well suffer from a repressive regime, otherwise risking death if not done anonymously. Even universities of law have set such remailer up in respect of the law, ethics and democracy.

Perhaps there is a jail cell next to Bradly available for these. Naw.... not a chance.... somebody is going to die and that will make it ok.

What an upside down world we live in... Ready to flip it right side up?

Re:So what this really says..... (0, Informative)

Anonymous Coward | about 2 years ago | (#39795329)

They are investigating the Pitt Bomb Threat Emailer, obviously. Are you seriously suggesting that they should throw up their hands and give up because the perp used an anonymous remailer?

Re:So what this really says..... (2)

betterunixthanunix (980855) | about 2 years ago | (#39795581)

Making forensic copies of remailer disks, seizing remailers, etc. are not going to help them catch the guy who is sending these messages. Look at TFA -- the remailer operator simply reissued the keys. Taking a remailer offline is even more useless -- the FBI misses the opportunity to log messages travelling through the remailer, and to work their way backward through the remailer chain.

If the FBI were serious about catching this guy, they would not be making such a public spectacle -- the sender is going to stop using the remailer system, or else the sender is already relying on more than just remailers (e.g. Remailing through Tor from an open Wifi access point). The point of these high-profile raids is to attack the remailer system head-on; law enforcement agencies generally want to shut down anonymity systems, and these bomb threats present the perfect opportunity to attack the system with legal justification.

Re:So what this really says..... (1)

Baloroth (2370816) | about 2 years ago | (#39796009)

Making forensic copies of remailer disks, seizing remailers, etc. are not going to help them catch the guy who is sending these messages. Look at TFA -- the remailer operator simply reissued the keys. Taking a remailer offline is even more useless -- the FBI misses the opportunity to log messages travelling through the remailer, and to work their way backward through the remailer chain.

If they have copies of emails sent through the remailer prior to the raid, yes it will. It won't help catch future messages, but that isn't the point: the point is to break encryption on emails they already have in their possession. Reissuing the keys won't change the encryption used on those messages.

Also, I don't think they can not make a spectacle: the request to image the disks has to go through official channels or they risk major legal problems later, which means people are going to know about it.

Crime (1, Flamebait)

DaMattster (977781) | about 2 years ago | (#39795191)

So, effectively, the FBI has just committed a crime. They have intruded into the server of a foreign company and added a backdoor. I am surprised Austria is not up in complete arms over this. Anonymity in of itself is not a crime so the FBI really behaved egregiously!

Re:Crime (5, Insightful)

v1 (525388) | about 2 years ago | (#39795231)

the problem here is that the US is *known* to be storing ALL email traffic that routes through the united states. Sounds like a daunting task, but there's a reason they have all these big high security data centers all over the place and have "high security rooms" at all the telcos and large ISPs. That traffic gets siphoned off to their data centers for storage for later in case they need it. There's a simple reason why those places have petabytes of storage.

So there is never a question of "but they'd have to have been watching for that email last week/month/year and it's long since been sent and removed from caches". No. They have it. They have them all, just in case. Watch Enemy of the State. Watch how they pull up satellite footage from hours and days ago. Same principle here, if you can record everything, it works like a time machine. (for the past anyway)

So yes, busting down a door and taking the remailer keys gives them 100% access to 100% of the traffic that has been sent by that remailer at ANY point in the past where it crossed through a US ISP.

The truly disgusting part of this is they got the KEYS. Technically all they NEEDED was to hand over the encrypted message to the AU authorities, they break down the door and use the key to decode the message, and turn over the message, then wipe their copy of the key. That would be the "proper" way to do it, not to abuse the system, but instead they handed over the KEYS themselves, and now the US can decrypt truckloads of hard drives of emails that they have NO business having access to. That is the true crime here. It's like having a legal reason to subpoena a safe deposit box at a bank, and the bank hands them over a master key that opens every box in the vault and lets them look through anything they want. That's just WRONG.

Every time someone sends a bomb threat they can pull this stunt, it's like christmas over at the NSA, "we got another key! lets see what goodies we can find!" Talk about an incentive for abuse... Normally I don't go "tinfoil hat" on things, but THIS is actually an instance where I could start to buy into someone suggesting the NSA/etc forging a bomb threat just to get access to another random footlocker of encrypted data they want a peek at.

Re:Crime (1)

OzPeter (195038) | about 2 years ago | (#39795711)

Technically all they NEEDED was to hand over the encrypted message to the AU authorities

But what would the Australian authorities be doing with an Austrian server?
 
When will people learn that .AT has the mountains and .AU has the kangaroos?

Re:Crime (0)

Anonymous Coward | about 2 years ago | (#39795713)

This plus issues related to net neutrality is why there needs to be a network developed based on a decentralized protocol, sort of like geocasting. With white space opening up, this seems more and more plausible.

Re:Crime (2)

betterunixthanunix (980855) | about 2 years ago | (#39795755)

So yes, busting down a door and taking the remailer keys gives them 100% access to 100% of the traffic that has been sent by that remailer at ANY point in the past where it crossed through a US ISP.

It also gives other remailer operators a chance to reissue their keys and destroy the old keys -- which is basically what needs to happen when you have an agency going around demanding disc images like this. I am not aware of this happening, though.

Re:Crime (1)

mehrotra.akash (1539473) | about 2 years ago | (#39795929)

Do they really store ALL email traffic, or just profile and store from selected accounts?
The 3GB of mails from my GMail consisting of newsletters and college projects, and millions of other accounts like mine: arent they essentially useless and a waste of space for them?

Re:Crime (5, Interesting)

Anonymous Coward | about 2 years ago | (#39796237)

Do they really store ALL email traffic, or just profile and store from selected accounts? The 3GB of mails from my GMail consisting of newsletters and college projects, and millions of other accounts like mine: arent they essentially useless and a waste of space for them?

Suppose you had a yottabyte of disk storage. 3GB isn't just a drop in the bucket, it's not even a grain of sand at the beach.

Car Analogy: Most of us break the odd traffic law every now and then. Very rarely, does anybody get caught. At the instant Officer Friendly pegs you on radar doing 35 in a 30 zone, he'd very much like to be able to check your driving history. If there were a giant database of everyone's GPS logs, he could tell whether you were just in a hurry that morning, the sort of driver who usually drives precisely 4 (or 9) miles an hour over the posted speed limit, or if you do 120 in a 60 zone whenever there aren't any cops around. If Officer Friendly had access to that data, he'd be better able to judge whether or not to pull you over.

For speeding, it's not worth logging the movements of every car and correlating them with local speed limits at the time the log was written.

For other things, it probably is.

From NSA's point of view, right now your gmail account is noise. But everyone's political views change over time as a natural part of the process of growing up. Sometimes things go wrong, and perfectly normal people who hold perfectly normal views turn into monsters. There's a 99.99999% probability that you're not one of them. But for the sake of 3 lousy gigs out of a yottabyte, there's a 100% chance that someone's 3GB of noise will contain signal.

Since they don't posess a time machine that can peer into the future, they don't, and can't, know whose 3GB-of-noise will eventually contain a signal 20 years from now. But 20 years from now, they will have a time machine that can peer back 20 years into the past.

Re:Crime (1)

Anonymous Coward | about 2 years ago | (#39796683)

They have them all since ~2006. Alleged source: http://www.democracynow.org/2012/4/20/exclusive_national_security_agency_whistleblower_william
No source to this: they have quite a few of emails never passed US territory. Google the Atlas and Atlas II systems (collecting emails at a few hundred points world wide, with the pretext to identify spam).

Federal Backup Service (2)

kawabago (551139) | about 2 years ago | (#39797093)

Send all your data through the US email system then if you have a catastrophic loss you can just use a freedom of information request to get a copy of your data!

Re:Crime (0)

Anonymous Coward | about 2 years ago | (#39795271)

You wouldn't be surprised if you had read even the first paragraph of the article.
The FBI didn't intrude, the Austrian police gave it to them.

Re:Crime (1)

a90Tj2P7 (1533853) | about 2 years ago | (#39795367)

So, effectively, the FBI has just committed a crime. They have intruded into the server of a foreign company and added a backdoor. I am surprised Austria is not up in complete arms over this. Anonymity in of itself is not a crime so the FBI really behaved egregiously!

They did neither. The Austrian authorities, at the request of the FBI and in compliance with international agreements, created a bit copy of the hard drive. The whole point of a whole disk copy like that is that you DON'T access the original, and therefore can't compromise the evidence or lose/overwrite files/properties. There's no proof of any backdoor being installed, the admin just said that since they had the server they could possibly installed one.

Re:Crime (3, Informative)

bws111 (1216812) | about 2 years ago | (#39795395)

Couldn't even bother to read the first paragraph of the article, eh?

Today, the police arrived with a court order that allowed them to
create a forensic disk image of the austria remailer. This apparently
was on request of the US authorities, related to the Pittsburgh bomb
threats.
(emphasis mine)

It was the Austrian police who had a valid court order who 'intruded'. As for the 'added a backdoor':
Depending on how paranoid you are, you may assume the machine is
    backdoored, since the authorities have had access.

Doesn't say the FBI ever had access. Doesn't say there IS a backdoor, just that if you're paranoid yo umay assume there is one.

Re:Crime (0)

Anonymous Coward | about 2 years ago | (#39795405)

They aren't up in arms over it because the Austrian authorities actually did it at the FBI's request. So they have nothing to be up in arms about. But, reading the article is too hard apparently.

Re:Crime (1)

dave420 (699308) | about 2 years ago | (#39796393)

The Austrians did it, and they didn't install a backdoor. So basically you're crying about something that didn't happen.

other interesting questions raised (1)

nimbius (983462) | about 2 years ago | (#39795201)

include could the FBI briing a rogue remailer online using the image?
why wasnt full disk encryption used in this case to store the private keys?
in my opinion everything from the case fans to the bolts in the mounting rails on this server are now tainted. Sell it on ebay and build a new one.

Re:other interesting questions raised (2)

betterunixthanunix (980855) | about 2 years ago | (#39795701)

include could the FBI briing a rogue remailer online using the image?

How would the image help them? The FBI can set up a honeypot remailer any time they want, with or without the secret keys of another remailer.

why wasnt full disk encryption used in this case to store the private keys?

Elsewhere in the thread the operator stated that had WDE been in use, he would still have given the police his key. Why would a remailer operator allow himself to be arrested just to protect strangers?

in my opinion everything from the case fans to the bolts in the mounting rails on this server are now tainted. Sell it on ebay and build a new one.

That is why the system cannot just be rebuilt overnight; parts must be procured, software must be obtained from a trusted source, etc.

Threat trails... (1)

Anonymous Coward | about 2 years ago | (#39795219)

According to the link discussion, this came about as the result of a Pittsburgh bomb threat, as authorities try to trace the original sender.

Copying a whole hard disk seems a bit much. Especially since it's a foreign country. I guess if it were US, they would sieze the hardware instead. Still, I have to wonder about collateral data that went through that remailer. Say they find something unrelated but illegal. Jurisdiction go out the window here, or is the US really the gonna be world cop for the Internet? Or at least, only when it upsets them.

FBI needs another lesson i guess (0)

Anonymous Coward | about 2 years ago | (#39795243)

Just so you all know the DNS for the united hackers association USED to be in austria....

IT MOVED a while back and im gathering once we leave you numbnutted bastards go hunting....

Paybacks will be a bitch i hear....

Why did Austria allow that? (0)

Anonymous Coward | about 2 years ago | (#39795279)

?????

Notice the difference. (0)

Anonymous Coward | about 2 years ago | (#39795285)

FBI just takes the thing they went at completely down.
These guys imaged the thing.

How do FBI are smarts?
Get it together FBI, imaging isn't a hard thing to do.

Are some of u spammers? (-1)

Anonymous Coward | about 2 years ago | (#39795301)

Why on earth would u mind WHO took down a remailer then?

* I state that, becauseI see a lot of "F-You FBI" sentiments being stated in replies here (see my p.s. below, just for some examples).

Personally?

I think this is one time I don't mind something they did because I get a lot of "junk mail" (yes, gets caught by the Windows "LIVE" Mail filter, but still tons incoming - hopefully, this will put a 'dent' in that not only for myself, but other email users and email server admins will have a lighter load also).

APK

P.S.=> Examples:

http://yro.slashdot.org/comments.pl?sid=2810499&cid=39794975 [slashdot.org]

http://yro.slashdot.org/comments.pl?sid=2810499&cid=39795137 [slashdot.org]

http://yro.slashdot.org/comments.pl?sid=2810499&cid=39794987 [slashdot.org]

http://yro.slashdot.org/comments.pl?sid=2810499&cid=39795129 [slashdot.org]

http://yro.slashdot.org/comments.pl?sid=2810499&cid=39795191 [slashdot.org]

Personally, I think they probably did "society @ large" a BIG favor (unless someone can prove otherwise OR literally show me how/where I am incorrect in stating that)...

... apk

Re:Are some of u spammers? (5, Insightful)

Zero__Kelvin (151819) | about 2 years ago | (#39795823)

Because anonymous remailers are not designed and implemented for the use of Spammers any more than the Internet was. By your logic: Spammers use anonymous remailers so taking them down is good, and Spammers use the Internet, so taking it down is good. See the problem there?

Downmods 4 asking a question? Please... (-1)

Anonymous Coward | about 2 years ago | (#39796445)

The FBI must have caught them doing spam (or other misdoings).

I see your point, but let's face facts:

Anyone doing MASS EMAILING is a spammer: Point-Blank.

* Why do I state that? Well, My point being I don't CARE if they're a legit business either, I didn't ASK for their email in the 1st place & that qualifies as spam mail to me... OR anyone else normal as well.

(As I didn't ask for the junk mail, and don't want it. When I need the services of a company, I will research it myself & pay them to do a job, but I do NOT expect to be bothered by them either.)

APK

P.S.=> The downmod is bogus by the by... YOU Zero_Kelvin probably didn't do it though (& yes, a registered user can post here and do a downmod and reply after, it's no big trick - ask tomhudson & crew how it's done)...apk

Is this about bomb threats? (0)

Anonymous Coward | about 2 years ago | (#39795365)

Ok - so the FBI wants access to a remailer, and they make a forensic hard drive image, rather than simply confiscating the server and hurting everyone using it, like in the last slashdot story related to this.

Now, everyone is freaking out ... why?

Bomb threats are very serious and annoying business. Ideally, the FBI and remailer operators would cooperate to find the perps, without completely destroying legitimate use in the process. I know everyone is freaking about due process yatta yatta yatta, but this looks like it was handled much better than when the FBI simply confiscated servers.

What's the alternative? Live with shitheads who abuse remailers? I'm really not trying to troll. I want to know how slashdotters think that bomb-threats through remailers should be dealt with?

Signal to Noise (1)

Anonymous Coward | about 2 years ago | (#39795419)

I hope others here and around are helping do their part, sending meaningless noise messages through the reamailer networks.

Re:Signal to Noise (-1)

Anonymous Coward | about 2 years ago | (#39795551)

What makes you think anybody wants to 'do their part' to help some asshole who is sending bomb threats?

Re:Signal to Noise (0)

Anonymous Coward | about 2 years ago | (#39796339)

Its unfortunate that some asshole is abusing the system to send bomb threats. That's not the issue though. If this asshole sending the bomb threat is using the system properly, there will be no way to find who sent them.

FBI & Technology (2)

Reasonable Facsimile (2478544) | about 2 years ago | (#39795663)

When I read the summary ("... forensic image of the hard disk"), I pictured an agent standing over a server taking a photo of the HDD (with a Polaroid camera).

Nothing would surprise me after reading this [slashdot.org].

Oblig. Austrian (1)

PPH (736903) | about 2 years ago | (#39796131)

"I'll be back!"

Life imitates art, because when he came back, he was pwnd by Connor.

Why was the key not in secure crypto processors? (4, Interesting)

realxmp (518717) | about 2 years ago | (#39796139)

If we're going to trust these remailers then we need to do things properly. Key goes into the crypto processor, never comes out. Means someone can't just seize your server and image it then use that image to decrypt all traffic that passed through. If they want to try and get it out, fine but they'll need a guy with an Electron microscope to do so and they'll likely trip the tamper measures and bye bye key. If you're particularly paranoid you can even destroy your copy of the key once you've loaded it, this might mean changing your key if you have to move servers but it means that the service you offer is truly tamper evident. Plus you also have the added bonus that a dedicated hardware security module is usually quicker than your processor at doing encryption/decryption.

FOIA Request (1)

Anonymous Coward | about 2 years ago | (#39796157)

Can I send in a FOIA request to get back that important email that I lost last week when my hard drive failed?

Backdoor (2)

Githaron (2462596) | about 2 years ago | (#39796213)

While I realize this was not a US server, I am curious. Can the FBI legally install a backdoor into a US server without a warrant to specifically do so? I would assume not. Of course, I guess that wouldn't keep the FBI from illegally installing a backdoor.

TRUTH vs Classified (0)

Anonymous Coward | about 2 years ago | (#39796987)

Everything being a state secret these days, no longer can the public tell if such email threats are real or generated by the government to grab more power.

Another reason to vote AGAINST Obama (-1)

Anonymous Coward | about 2 years ago | (#39797011)

Need I say more ?

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...