Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

FBI Caught On Camera Returning Seized Server

timothy posted more than 2 years ago | from the but-we-were-just-pampering-the-evidence dept.

Crime 267

sunbird writes "As previously covered on Slashdot, on April 18th the FBI seized a server located in a New York colocation facility shared by May First / People Link and Riseup.net. The server, which was operated by the European Counter Network ('ECN'), the oldest independent internet service provider in Europe, was seized in relation to bomb threats sent to the University of Pittsburgh using a Mixmaster anonymous remailer hosted on the server (search warrant). The FBI's action has been criticized by the EFF. Predictably, the threats continued even after the server seizure. On April 24th, the FBI quietly returned the server, without notifying either Mayfirst / People Link or riseup, and were caught on video doing it."

Sorry! There are no comments related to the filter you selected.

Anonymous mails to send bomb threats. (1)

Anonymous Coward | more than 2 years ago | (#39880679)

Come on people, if it weren't so inconsequential, I'd think it was a false flag operation to justify these kinds of seizures.

But really, if that's what they'd want to do, it'd be more meaningful. So it's genuine dickhattery.

Re:Anonymous mails to send bomb threats. (1)

Joce640k (829181) | more than 2 years ago | (#39880791)

So it's genuine dickhattery.

You can bet they've installed all sorts of spyware on it...

Re:Anonymous mails to send bomb threats. (-1, Flamebait)

Dishevel (1105119) | more than 2 years ago | (#39881047)

Windows 2008 Server?

Why mess with the software? why not addl hardware? (0)

Anonymous Coward | more than 2 years ago | (#39881393)

actually, couldn't they just install a piece of hardware like a network logger that would be transparent to the server?

Re:Anonymous mails to send bomb threats. (4, Funny)

Anonymous Coward | more than 2 years ago | (#39880839)

in other news, the local keystone cops returned a section of highway in the middle of the night, hoping to avoid being noticed...

that particular section of highway was used by a group of bandits to threaten passer-byes.

after that section was removed at great inconvenience to everyone involved, the bandits simply moved down the highway a couple of miles...

/.ed already? (0)

Anonymous Coward | more than 2 years ago | (#39880681)

Is mayfirst.org already suffering /. syndrome?

Re:/.ed already? (1)

Jstlook (1193309) | more than 2 years ago | (#39881059)

Is mayfirst.org already suffering /. syndrome?

No, the FBI seized the mayfirst.org servers.

Do as I say, not as I do (0)

Anonymous Coward | more than 2 years ago | (#39880693)

It's not just an observation -- it's the very essence of government (second only to coercion).

Wow thats a first (0)

Anonymous Coward | more than 2 years ago | (#39880697)

This really has to be a first. Usually you always hear about police and or FBI etc seizing servers and never returning them to said owner(s).

So, they returned a server (3, Insightful)

G3ckoG33k (647276) | more than 2 years ago | (#39880701)

So, they returned a server. Isn't that good?

Maybe I don't understand the issue here.

Re:So, they returned a server (1)

Anonymous Coward | more than 2 years ago | (#39880725)

I was wondering the same thing. I know people here like to cast "The Man" in the worst possible light, but are they really just bitching that the FBI didn't jump up and down and wave their arms so that people would know that the server was back?

Re:So, they returned a server (1)

CosaNostra Pizza Inc (1299163) | more than 2 years ago | (#39881009)

I was wondering the same thing. I know people here like to cast "The Man" in the worst possible light, but are they really just bitching that the FBI didn't jump up and down and wave their arms so that people would know that the server was back?

The threats continued after the server seizure. So one might expect the FBI to return the server with a courteous "Sorry, my bad" apology, maybe.

Re:So, they returned a server (4, Insightful)

a90Tj2P7 (1533853) | more than 2 years ago | (#39881085)

The threats continued after the server seizure. So one might expect the FBI to return the server with a courteous "Sorry, my bad" apology, maybe.

Why? They had a valid warrant, and the server isn't owned by Riseup or May First/Peoplelink. Why should they have to apologize to them, or notify them? In fact, according to Riseup's press release, this server didn't even contain any of their info.

Re:So, they returned a server (2)

CanHasDIY (1672858) | more than 2 years ago | (#39881025)

I know people here like to cast "The Man" in the worst possible light,

The feds don't need our help in that, they do a fine job all on their own

Re:So, they returned a server (4, Informative)

Jeremiah Cornelius (137) | more than 2 years ago | (#39880727)

Due process and transparency?

This is borderline "coverup" activity.

Re:So, they returned a server (4, Informative)

daveschroeder (516195) | more than 2 years ago | (#39881101)

How is this a "coverup"? There was a properly adjudicated warrant to seize the server in the first place (whether or not it was over-broad, and whether or not someone agrees with the reasoning). Law enforcement is not obligated to make public announcements — and this story was covered widely.

For the people saying this is a Fourth Amendment violation, do people really think the FBI just routinely rolls onto private property without a legal justification for doing so? Again, saying "we weren't notified of the server's seizure or return" has nothing to do with the legality of either action.

In the first discussion, many were lamenting the possibility that the server may not be returned for months, if ever; now it's been returned (probably after having its drive(s) imaged) in a timely fashion and that's a bad thing, too? The issue of notification or announcement is irrelevant to the law.

What I would be concerned about is if the FBI entered private property without permission and without a legal basis — for example, via continuing coverage by one or more warrants to enter the property. Notice that is not what is being alleged here, just what some people are assuming...

Re:So, they returned a server (2, Insightful)

TheCarp (96830) | more than 2 years ago | (#39881369)

Fuck legality. They took these people's server, they were informed and even should have known it was pointless to do so. Fuck, it would have taken all of how many minutes of google searching to determine what fucking mixmaster was.

This was incompetence. Besides that.... simple fucking common courtesy says you inform people and appologize. Fuck the law, this is about decency and about serving the public, rather than just acting like a bunch of no account thugs.

Honestly, someone should be fired for such gross negligence on their part, and there should be appologies and compensation.

Re:So, they returned a server (3, Informative)

AmiMoJo (196126) | more than 2 years ago | (#39881405)

The guys who installed the camera (May First / People Link) are claiming that they were not notified when the server was seized or when it was replaced.

Re:So, they returned a server (2, Interesting)

Anonymous Coward | more than 2 years ago | (#39880733)

Probably because they didn't make a public statement about it.

Anytime a government agency does something, ideally they should state publicly wtf they're doing.

Re:So, they returned a server (5, Insightful)

Dahamma (304068) | more than 2 years ago | (#39880971)

I assume you are joking? They are investigating criminal activities (rather ineffectively, apparently, but still investigating), so of course they are not going to state every action they take publicly.

Re:So, they returned a server (4, Insightful)

million_monkeys (2480792) | more than 2 years ago | (#39881447)

Probably because they didn't make a public statement about it.

Anytime a government agency does something, ideally they should state publicly wtf they're doing.

Absolutely! They're spending our tax money, they ought to be telling us how their using it. If someone returns a server, I want to know about. Send out a press release, that way camera crews can be there to ensure it's done properly. And the FBI agent files sends a memo about the return, send out a press release. Then we'll all be able to sleep well knowing that there's no out standing paperwork.

This should really apply to all government agencies. How else are we to know that our money is being well spent? Do you know how much money gets blown on "black" programs by the CIA? I think it'd be better for everyone if they told us what they were doing in all those projects. That agency is sorely in need of some more transparency and openness. With all the money they are spending, they ought to be sending out press releases all day long telling us what they're up to.

The benefits go beyond keeping track of taxpayer money. Think of the bin Laden raid. If they had sent out a press release about it the week before, news agencies could have sent reporters over to interview bin Laden to find out how he felt about his impending demise. And then they'd have film crews there to record the action as it happened. With a week's notice, Osama's crew probably could put together some Bollywood number to perform during the raid while the SEALs were taking a timeout to update their facebook status letting us know they were blowing up that crashed helicopter.

Re:So, they returned a server (3, Funny)

Anonymous Coward | more than 2 years ago | (#39880773)

Returned what server? That server was always there.

Re:So, they returned a server (3, Insightful)

PRMan (959735) | more than 2 years ago | (#39880777)

Normally, in a free society, any interactions with Law Enforcement would be above board and you would be notified. That would be known as due process. This would be called an unreasonable search and seizure by the Founding Fathers of the US.

Re:So, they returned a server (4, Insightful)

Intrepid imaginaut (1970940) | more than 2 years ago | (#39880909)

They're long dead my friend, even if their dreams and ideals live on. Its up to the people of today to persevere and embody those ideals, and if that's not happening maybe its time to ask why not.

Re:So, they returned a server (2)

Dahamma (304068) | more than 2 years ago | (#39881049)

Well, they had a warrant to seize the server and enough reasonable cause (the actual bomb threat email came from that server). So it was due process, and done according to the Constitutional requirement for a warrant.

Now, if they knew anything about anonymous remailers (which shouldn't be that hard, doesn't the FBI have any technical staff??) they should have known it was a useless action that just cost everyone time and money with no results...

Re:So, they returned a server (4, Informative)

a90Tj2P7 (1533853) | more than 2 years ago | (#39881129)

Normally, in a free society, any interactions with Law Enforcement would be above board and you would be notified.

Riseup and May First/Peoplelink weren't notified. They also didn't own the server or the space. Nothing says that the FBI didn't notify ECN.

Re:So, they returned a server (4, Insightful)

jklovanc (1603149) | more than 2 years ago | (#39881161)

It looks like you really need to understand some definitions before you use spout off.

Due Process [wikipedia.org] is basically that law enforcement must follow the law. Show me where there is a law that requires law enforcement to inform everyone involved as to what they are doing. Considering that to put the server back the colocation company had to know about it as they had to let them in. Does it really matter if the FBI or the colocation compant told the server owner it was back?

Unreasonable search and seizure; It might have been iff they did not have a search warrant [riseup.net] signed by a judge in accordance with Fourth Amendment [wikipedia.org] .

Re:So, they returned a server (0)

Anonymous Coward | more than 2 years ago | (#39880779)

So, they returned a server. Isn't that good?

Maybe I don't understand the issue here.

Yeah! Let's all point and laugh at them following through with the requirement to return the servers! We can shame them into never doing it again!

Wait...

Re:So, they returned a server (1)

faedle (114018) | more than 2 years ago | (#39880785)

I'm sure it was returned.. um.. "better than they found it."

Re:So, they returned a server (1)

Anonymous Coward | more than 2 years ago | (#39880789)

Its nice they returned it, but it is trash now. Who knows what little devices the FBI might have installed on the thing.

Even if the FBI didn't do anything to it (other than copy the contents of the HDs; which is probably a given), it is not possible to trust the integrity of this hardware anymore.

BTW, probably time to start doing full disk encryption on co-lo machines, if not doing so already. Dropbear in initrd (debian makes this trivial to setup), allows remote unlock over SSH before root filesystem is mounted.

Re:So, they returned a server (2)

hoboroadie (1726896) | more than 2 years ago | (#39880899)

TFA stated that the server would not be re-used.
From my personal experience, I can't imagine those evil, lying bastards having the slightest inclination to return anyone's property without a court order from very high jurisdiction, or some tricky and expensive new hardware that their tech accomplices want to try out.

Re:So, they returned a server (0)

Anonymous Coward | more than 2 years ago | (#39881413)

ohhh! Free "expensive new hardware". Finders, Keepers!

Re:So, they returned a server (1)

Anonymous Coward | more than 2 years ago | (#39880911)

"Its nice they returned it, but it is trash now. Who knows what little devices the FBI might have installed on the thing."

Sell it to China.

Re:So, they returned a server (1)

matrim99 (123693) | more than 2 years ago | (#39881363)

Sell it to China.

Otherwise known as Recycling.

Re:So, they returned a server (1)

RMingin (985478) | more than 2 years ago | (#39881473)

"Its nice they returned it, but it is trash now. Who knows what little devices the FBI might have installed on the thing."

I'll take it. I'd love to do some dissection and inspection, maybe get some shiny new toys, until the FBI realizes what happened and shows up to demand their magnetic GPS trackers back, writ larger.

The FBI is large, and has massive budgets, but they move like a federal agency; slowly, and in deep ruts. I'm pretty sure any hardware changes would be detectable, and any firmware/software changes can be knocked out by doing a ground-up rebuild, starting with fresh BIOS/UEFI flashes onto new chips, via TSOP writer.

Any individual piece of software or firmware can be tampered, but I can't imagine the FBI having the manpower or interest to backdoor every single anonymous firmware download out there. They could never keep up.

Re:So, they returned a server (0)

Anonymous Coward | more than 2 years ago | (#39880799)

The article says that the server's owners were never officially informed that the server had been taken, or that it was returned, so the issue seems to be the apparent secrecy around the operation. Additionally, the article says that the server didn't have any useful information or contribute to any arrests, so it seems that FBI is covering it up to save having to explain that they seized the server needlessly.

Re:So, they returned a server (2)

PRMan (959735) | more than 2 years ago | (#39880847)

Actually, the organization is called May 1st. They seized it in late April and returned it after May 1st. Coincidence?

Re:So, they returned a server (-1)

Anonymous Coward | more than 2 years ago | (#39880875)

The issue is that they were attempting to simply replace something that they likely illegally seized in the first place because. The warrant (if they had one) was likely questionable, they very probably overstepped their authority in the seizure, and once no evidence could be found to retroactively justify the seizure it became government sponsored theft (which is becoming an increasingly controversial topic as more US citizenry become aware that our government is practicing it), so they tried to be sneaky and return the server without letting anyone know so when the owners of the server start filing complaints they could pretend the seizure never happened and pointing to the in-place server and declaring the ISP at fault for not checking to see if all the remaining equipment was properly working after the FBI raid. ...or, at least, that's what the paranoid conspiracy theorist I keep in the corner of my brain says.

Re:So, they returned a server (1)

cpu6502 (1960974) | more than 2 years ago | (#39880889)

Yeah I see no reason for concern. Obtaining warrants from a judge prior to entrance of a private building is so 1999. Ditto the Bill of Rights and Constitution. Having the FBI enter your private property is doubleplusgood.

Now please watch the screen and remember:
Under CISPA we know *everything* about your online habits.
So behave.

Re:So, they returned a server (1)

cpu6502 (1960974) | more than 2 years ago | (#39880943)

I just realized:
Under CISPA the ISP could turn-on your webcam in your bedroom (or wherever your PC is located), share the data with the U.S. DHS, and be immune from prosecution by yourself.

Re:So, they returned a server (0)

Anonymous Coward | more than 2 years ago | (#39881073)

Still making stuff up?

Re:So, they returned a server (4, Informative)

yakatz (1176317) | more than 2 years ago | (#39880891)

I think the concern stopping them from using the server now is the fear that the FBI modified "something" to log or report on traffic going through the server.
Absent the implementation questions of whether there will be anything useful in the logs, when someone takes you equipment and returns it later without comment, it is not unreasonable to assume that something happened to it.

(Note: I have participated in DoJ forensic training. The FBI procedures should be similar.)
As to the validity of the concern: Investigators are not usually allowed to mount storage media in read/write mode. If they do so, any evidence obtained from that media will no longer be admissible in court. While many labs do have non-forensic connectors for storage media, they are usually not used for fear of accidentally tampering with the evidence.
Investigators will make copies of media and manipulate the copies, but the originals will never be changed.
This does not say that there is no way from them to put some kind of logging software/firmware/hardware on the server, but it is pretty unlikely.

Re:So, they returned a server (0)

Anonymous Coward | more than 2 years ago | (#39881271)

This does not say that there is no way from them to put some kind of logging software/firmware/hardware on the server, but it is pretty unlikely.

who wants the truth anyway? it is more fun to come up with crazy conspiracy theories about this...

Re:So, they returned a server (4, Funny)

bluemonq (812827) | more than 2 years ago | (#39881023)

Apparently now they need to get a return warrant.

Re:So, they returned a server (0)

Anonymous Coward | more than 2 years ago | (#39881323)

Actually, yes, I believe that's the point.

Just because they're returning something doesn't make their presence there legal. They have eyes, and you can bet they're using them. What if they'd seen something they didn't like? Would they just take it? Or would they go get another search warrant? (Although I believe at that point any new evidence would be considered from the poisoned tree).

If the original warrant was so broad to allow them to surreptiously return weeks later, that itself would be a problem.

Re:So, they returned a server (0)

Anonymous Coward | more than 2 years ago | (#39881347)

I think submitter is suggesting that it woul be better if they didn't return the server, after all they use it fto send out bomb threats.

Re:So, they returned a server (1)

morcego (260031) | more than 2 years ago | (#39881395)

Exactly. Not only they returned the server, they had a warrant. If anything, the one that is on the wrong here is the judge to issued the warrant.

So yeah, I agree with EFF that the warrant is too broad and overreaching. But isn't that the judge's fault ?

Re:So, they returned a server (1)

marcello_dl (667940) | more than 2 years ago | (#39881479)

Please then send me your PC for a few weeks. No issue for you, right?

Noobs much? (1)

fuzzyfuzzyfungus (1223518) | more than 2 years ago | (#39880723)

Where did the FBI manage to dig up field agents who don't know that commercial facilities with high value equipment almost always have surveillance cameras? Christ, seedy dollar stores have surveillance cameras these days. Were they expecting nobody to notice when they just walked into a colo?

Re:Noobs much? (3, Informative)

PRMan (959735) | more than 2 years ago | (#39880859)

There were no cameras when they took it. May 1st secretly installed cameras after the original theft (a seizure requires notification).

Re:Noobs much? (1)

a90Tj2P7 (1533853) | more than 2 years ago | (#39881165)

There were no cameras when they took it. May 1st secretly installed cameras after the original theft (a seizure requires notification).

May First also didn't own the server or the space, an organization called ECN does.

Re:Noobs much? (2)

ShaunC (203807) | more than 2 years ago | (#39880887)

The camera that caught the action was actually installed inside the rack, by MayFirst. You can see the FBI agent looking at it several times, so it apparently wasn't as surreptitious as MayFirst had hoped.

Re:Noobs much? (1)

Tyr07 (2300912) | more than 2 years ago | (#39881407)

What's funny is you think they didn't know.

They were just returning it. What, should they have smashed windows in, dropped in smoke grenades, flash banged the cameras, and when all was said and done, the server was back?

It's a trap? (0, Insightful)

Anonymous Coward | more than 2 years ago | (#39880739)

If I were the people who ran the server, I'd go over the hardware with a fine-toothed comb, and wipe/rebuild the software. There's no telling what (legal or illegal) tracking crap the FBI put in it, if they're giving it back without a huge fight.

Re:It's a trap? (2)

jdastrup (1075795) | more than 2 years ago | (#39880801)

RTFA - they are not going to use the returned server.

Men in Black? (0)

Anonymous Coward | more than 2 years ago | (#39880761)

If they really wanted to be inconspicuous they would not dress like they are not FBI agents. I guess that just comes with the persona and elitist culture.

Re:Men in Black? (1)

bluemonq (812827) | more than 2 years ago | (#39881011)

Because it would have totally been not suspicious if the server that was seized by the FBI was returned by some unknown guys in t-shirts and jeans?

Re:Men in Black? (1)

hoboroadie (1726896) | more than 2 years ago | (#39881037)

My personal observation of Special Agents in the 70s led me to believe that they were completely unable to discern their remarkable image conformity. (e.g. undercover in the suburbs of Mecklenburg County, dressed like Ephram Zimbalist Jr. Whom are we trying to kid?)
A friend later confirmed that when she did psych evaluations of Agent prospects, the only ones considered had to have a psychopathic ability to disassociate with their intended evil actions. The new ones appear to be going more for the Tim McVeigh look, befitting their continuing role in domestic terror.

Re:Men in Black? (0)

Anonymous Coward | more than 2 years ago | (#39881379)

Either you or your friend is an absolute liar. I'm guessing you.

Rarity (2)

lannocc (568669) | more than 2 years ago | (#39880763)

From TFA (emphasis mine):

The footage, taken by a small surveillance camera MF/PL technologists installed after the FBI seizure of the server, is a rare glimpse of what appears to be an FBI operation.

The FBI has returned equipment? Rare indeed!

So What Was the FBI Supposed to Do? (5, Insightful)

eldavojohn (898314) | more than 2 years ago | (#39880767)

This is sort of awkward since I donate ~$50 to the EFF and wear their shirts around town but ... what was the FBI supposed to do? Throw up their hands and say "Nothing can be done" to the parents and students at the University. It's not like they went through an inappropriate channel to seize this server. What law was broken? On top of that, April 18th to May 3rd is a much faster turnaround than what I would credit the FBI.

Sure it was heavy handed -- in about the same way as shutting down traffic for a major accident is heavy handed. You know we have the ability to just plow that wreckage off our highways and get on with our lives but noooo the police want to find out who was at fault and make sure everyone is okay. Even though it inconveniences thousands of people every day and, predictably, the accidents keep happening despite the police officers' efforts.

Predictably, the threats continued even after the server seizure

That's gotta be the stupidest part of this summary. The idea wasn't to stop the threats but to trace them! If logging wasn't turned off on that server, the FBI would have been able to trace it. That being the only thing they could do, they did it. I mean, if I was a student or parent, I would be really upset if the FBI said "Well, we could confiscate that server and mildly interrupt e-mail service for 300 people but it will only tell us who is doing it if logging is turned on and it's probably not so we're just going to go ahead and let this all continue to happen."

Yeah, hundreds of people were inconvenienced when their e-mail was disrupted ... with the safety and lives of hundreds of other people at the university in mind when it happened.

Big bad FBI, trying to follow the only lead they have on some sick pervert who gets off to bomb threats. Shame on them! Sometimes I think law enforcement is damned if they do, damned if they don't.

Re:So What Was the FBI Supposed to Do? (1, Insightful)

Barbara, not Barbie (721478) | more than 2 years ago | (#39880853)

As you pointed out, this is a VERY fast turn-around ... almost like they hope that people will use it in a "business as usual" fashion ... like a honeypot?

Not even telling them that it was back so that the owners could decide if they even wanted to risk leaving it in place? VERY suspicious.

Ah, Yes, the Tinfoil Hat Game! (4, Funny)

eldavojohn (898314) | more than 2 years ago | (#39880999)

As you pointed out, this is a VERY fast turn-around ... almost like they hope that people will use it in a "business as usual" fashion ... like a honeypot?

Not even telling them that it was back so that the owners could decide if they even wanted to risk leaving it in place? VERY suspicious.

The FBI also left a dolly to move the server. Unfortunately the dolly is filled with microphones and wi-fi packet recorders. The FBI also left a fruit basket as an apology. Unfortunately the fruit is laced with mind control chemicals. The FBI also left an apology note. Unfortunately the text is interlaced with words that activate their sleeper agent inside the company.

I mean I can play the conspiracy game all day, yeah if they installed spyware on it, the FBI are pieces of shit. At least have the decency to request the compliance of the company and let them decide to help you track down a scofflaw. At least you could then tell the parents and students that this company won't comply with your investigation so your hands are tied until further leads.

I mean, come on, you think that the FBI is that savvy? You think that any two bit network or systems engineer wouldn't be able to pick up on weirdness in network traffic or processes running from/on the machine phoning home to the FBI? Any company worth its salt that accepts a server or hardware back from anybody proceeds to rebuild it from scratch. Flash or upgrade the firmware if you want! It's so hilariously convenient that law enforcement is a barrel of bumbling idiots when they're supposed to be helping us and when they're trying to help us they are seventeen steps ahead of us and already have infiltrated my underwear drawer. In this story they go straight from idiots who can't understand that logging is turned off on this server to installing honeypot software/devices in two weeks into a device they just got. Right. VERY suspicious. And let's face it, this bomb threat guy has already moved on to another remailer and he's not going to return to this remailer that he has inconvenienced.

Re:Ah, Yes, the Tinfoil Hat Game! (2)

element-o.p. (939033) | more than 2 years ago | (#39881303)

I mean, come on, you think that the FBI is that savvy? You think that any two bit network or systems engineer wouldn't be able to pick up on weirdness in network traffic or processes running from/on the machine phoning home to the FBI?

Google "covert channels."

You can't know what was done to the server while it was gone. Ergo, you cannot trust that server again.

While I agree that most likely all the FBI did is image the drive so they could look for information on where the e-mails originated, you can't know that. Yes, even a marginally competent network admin could look for unusual traffic to unusual domains/IP addresses, but if you are dealing with a server used by hundreds of strangers (even if they are customers), it can get pretty difficult to separate the signal from the noise. Then there are the covert channels I referenced earlier. It can be impossible to ferret those out without inside information because literally ANYTHING can be a carrier for information. And quite frankly, while I often question my government's judgment and ethics, I sincerely hope that their cryptography and security experts are more knowledgeable in those fields than I am, considering the information (nuclear and biological weapons tech, for example) that they are tasked with protecting.

Re:Ah, Yes, the Tinfoil Hat Game! (2)

Barbara, not Barbie (721478) | more than 2 years ago | (#39881421)

They returned it without telling the owners that it was returned. What if it had sat there for a month, reporting on every packet passing through it?

It's not that they returned it so quickly, but that they hoped the owners wouldn't realize it was up and running again.

The right thing to do would have been to say "Okay, we're done, where do you want us to drop it off?" Not covertly stick it back in the rack and hook it up.

Re:So What Was the FBI Supposed to Do? (1)

a90Tj2P7 (1533853) | more than 2 years ago | (#39881197)

Not even telling them that it was back so that the owners could decide if they even wanted to risk leaving it in place? VERY suspicious.

There's no comment about whether or not the owners, ECN, were told. Riseup and May First are only clients of the service. It's funny how their press releases keep glossing over that fact and present it like someone broke into their offices and stole their server, when they're just users of a hosted third-party service.

Re:So What Was the FBI Supposed to Do? (2)

Anomalyst (742352) | more than 2 years ago | (#39880895)

Howzabout mirroring the switch port and logging/filtering the traffic thru snort to grab the IP addresses of inbound SMTP connections before the remailer scrubs them. What a bunch of networking maroons. The keystone Kops got nothing on this bunch of "investigators:.

Re:So What Was the FBI Supposed to Do? (0)

Anonymous Coward | more than 2 years ago | (#39880903)

Or... they could've turned on logging and left the server in place. After all, providing email service to your students isn't really a crime, now, is it?

Re:So What Was the FBI Supposed to Do? (0)

Anonymous Coward | more than 2 years ago | (#39880923)

Yes, obviously the FBI had to do something, with students and parents up their ass, but everyone here on slashdot knew better than to think seizing an anonymizing server would result in anything more than anonymized data.
We need to do something about the general, CSI-watching public who believe all encryption can be cracked given enough commercial breaks.

Re:So What Was the FBI Supposed to Do? (1)

Guppy06 (410832) | more than 2 years ago | (#39881309)

everyone here on slashdot knew

How? Has "everyone here on Slashdot" laid hands on that server and inspected its configuration themselves? Or is "everyone here on Slashdot" just taking the operator's word about it?

Re:So What Was the FBI Supposed to Do? (1)

jimmifett (2434568) | more than 2 years ago | (#39880933)

The FBI didn't notify anyone involved in returning the server, that's the problem.
The server could very well have had additional software/hardware installed to snoop the network remotely, or store the data secretly on the server for later physical retrieval. Retrieve keys, passwords, cyphers, etc.

Would you let anyone just install hardware/software on your network without your knowledge? Esp if the device was already confiscated without your notification in the first place?

Re:So What Was the FBI Supposed to Do? (2)

StuartHankins (1020819) | more than 2 years ago | (#39880937)

According to TFA, there was no notification to the customers, the people renting space on the server:

On April 18, 2012, a Riseup server located in MF/PL's [May First/People Link] colocation cabinet and managed by ECN, a progressive provider in Italy, was seized by the FBI. MF/PL found out about the seizure when Riseup reported that there was no response from the server. Technologists visited the server location and found that the machine had been removed.

That makes me wonder exactly what procedures were not followed. You can't just go around removing servers at will.

Re:So What Was the FBI Supposed to Do? (1)

sangreal66 (740295) | more than 2 years ago | (#39881471)

That's an issue between the customer and the provider which owns the server (ECN), not the FBI. If ECN wasn't notified by the FBI that would be a separate issue, but that hasn't been claimed.

Re:So What Was the FBI Supposed to Do? (1)

silas_moeckel (234313) | more than 2 years ago | (#39880949)

The responsible thing would have been to request the information from the server owners. They got heavy handed when they seized it effectively ruining any goodwill with the people most able to help them. Honestly the last thing you want to do it turn a server off. If spammers can figure out how to use encrypted VM's somebody else covering there tracks sure can.

Having dealt with the FBI computer people would say this about on par with the shoddy work they seem to do. Fire the lot and let the SS computer guys take over they have a clue, understand that it's part of there job to be polite and efficient.

Re:So What Was the FBI Supposed to Do? (2)

Hentes (2461350) | more than 2 years ago | (#39880965)

what was the FBI supposed to do? Throw up their hands and say "Nothing can be done" to the parents and students at the University.

Yes. There is no way to stop anonymous threats from happening. But you aren't required to evacuate every time a 12 year old kid calls you.

Yes you are (1)

Sycraft-fu (314770) | more than 2 years ago | (#39881189)

In the law-suit happy world we live in, you dam sure do need to evacuate on bomb threats. If you do, you'll get sued. Even if it is just a case of you didn't evacuate and it is revealed that you received a threat there's a decent chance you get sued. However in the event there is a bomb and it goes off? You are fucked, sued out of existence. So, institutions have to err on the side of caution, on the side of not getting sued.

What it changed? Change the law first. However you cannot reasonably say to a university "Just ignore it, hope it is nothing and that nobody find out and sues you."

Also there are ways to stop anonymous threat from happening, you just really, REALLY won't like any of them.

Re:Yes you are (2)

Mordermi (2432580) | more than 2 years ago | (#39881231)

I agree with this. Also, my girlfriend works there and I would much rather them evacuate than my girlfriend get blown up because they ignored a threat by "a 12 year old kid" that turns out to be real.

Re:So What Was the FBI Supposed to Do? (0)

Anonymous Coward | more than 2 years ago | (#39880991)

They could have shut down the campus and university network, as that would undeniable prevent any more threat being sent over email. It would also be very visable for the students and parents!

Re:So What Was the FBI Supposed to Do? (1, Insightful)

cpu6502 (1960974) | more than 2 years ago | (#39881035)

No law was broken?!?!?

Try reading the Bill of Rights sometime. The FBI broke the 6th law in that document (also known as the 4th amendment) which requires obtaining a search warrant from a judge prior to entrance.

And yes sometimes the bad guy gets away. That is preferable to harassing innocent people & treating them like criminals (example: patting down their breasts and crotches) (example: randomly searching through cars) (example: arresting people who publish anti-war pamphlets) (example: rounding-up asian-Americans & tossing them in jail cause it's world war 2) (example: assassinating Americans because you SUSPECT they might be terrorists) (example: strip-searching old people before they can fly) (example: forcing a breast-feeding mom to stand in a glass jail for an hour, rather than let her take her pumping equipment home to her newborn kid) (example: ......

INFORM yourself of what's happening in the world.

You Need to Slow Down (4, Insightful)

eldavojohn (898314) | more than 2 years ago | (#39881209)

Try reading the Bill of Rights sometime. The FBI broke the 6th law in that document (also known as the 4th amendment) which requires obtaining a search warrant from a judge prior to entrance.

You mean something like this [eff.org] ? The warrant that was linked to not only in the article but also the summary?

And yes sometimes the bad guy gets away.

That would be a hilarious motto for any law enforcement agency! I'd opt for "We do everything within our legal rights to catch the bad guy."

That is preferable to harassing innocent people & treating them like criminals (example: patting down their breasts and crotches)

You are confusing the FBI and TSA.

(example: randomly searching through cars)

You are confusing the FBI and ... your local law enforcement? Who require probable cause?

(example: arresting people who publish anti-war pamphlets)

The FBI might have done that in the past during Vietnam but it was probably for other trumped up bogus charges and luckily today we have the EFF/ACLU to take up those cases when that happens. Got any recent examples or really any citations at all for this entire post?

(example: rounding-up asian-Americans & tossing them in jail cause it's world war 2)

Wow, dude, that was six decades ago ... yeah it was horrible and I think it's been publicly recognized as horribly racist and is a reason for public shame to the United States. I do not think that's happening today.

(example: assassinating Americans because you SUSPECT they might be terrorists)

Again, I think you're confusing the FBI with some other agency ...

(example: strip-searching old people before they can fly)

But you repeat yourself ... that's the TSA, not FBI. The TSA definitely has no purpose and needs to be dissolved.

(example: forcing a breast-feeding mom to stand in a glass jail for an hour, rather than let her take her pumping equipment home to her newborn kid)

What the hell? Citation?

INFORM yourself of what's happening in the world.

Yep, I'm the misinformed one here, got it. Hey, since all government actions are from the same people (you cross state and federal levels several times there) why don't you go tell your local county clerk to stop murdering Afghan children? Makes about as much sense as the rest of your rambling post ...

Re:So What Was the FBI Supposed to Do? (0)

Anonymous Coward | more than 2 years ago | (#39881157)

They didn't need to seize the server at all. they could have just taken a copy of the logs, if there were any. It's like taking an entire camera to search for incriminating photos when they could just dump all the photos and search through that. Or, to put it another way, imagine they hauled off entire server recording a CCTV system to investigate a breakin/shoplifting/etc. They could've just copied all the data and kept the server running, then sorted through all the data back at the office.

Re:So What Was the FBI Supposed to Do? (1)

orrorri (2560145) | more than 2 years ago | (#39881387)

The issue is not that it was inconvenient for several hundred people, the main issue is the warrant covered. Allowing the FBI to search not just the remailer, but giving the FBI full access to poke through and grab whatever information they wanted from the entire server.I would not want my apartment to get searched because someone else in the building did something.

And sure, you can justify it to yourself that it was to help other people, but the point is there is a precedence out there now [or was it there already? i haven't researched that]... if someone uses gmail and sends a bomb threat, confiscate all gmail servers, and have access to everyone's accounts. That sounds legal, that sounds right. That is NOT an invasion of privacy.

Even if you agree with the cause, you cannot give carte blanche to the FBI to do whatever they want with the entire server. Make the warrant be specific. They can only search the information about the remailer. If they want anything else on the server, that is a different warrant.

um..how did they get in? (2)

who_stole_my_kidneys (1956012) | more than 2 years ago | (#39880793)

On April 24th, the FBI quietly returned the server, without notifying either Mayfirst / People Link or riseup, and were caught on video doing it. what kind of no security operation are they running at this datacenter? The last place i worked , to get in the datacenter required a thumb reader, to get into the clean room, that then detected if more than one person had entered and would not let you past that door untill the other door was closed and no other people were in the clean room, and it was ALWAYS staffed to see people coming and going. For just random people to come in , take a server, then put it back later with out any one knowing is some where i would never store my server.

Re:um..how did they get in? (2)

hoggoth (414195) | more than 2 years ago | (#39880867)

These aren't 'random people' wandering around a data center. This is the FBI. They flashed some badges, made some threats, and when they were done they zapped everyone with a neuralizer just to be sure.

Re:um..how did they get in? (1)

a90Tj2P7 (1533853) | more than 2 years ago | (#39881207)

On April 24th, the FBI quietly returned the server, without notifying either Mayfirst / People Link or riseup, and were caught on video doing it. what kind of no security operation are they running at this datacenter? The last place i worked , to get in the datacenter required a thumb reader, to get into the clean room, that then detected if more than one person had entered and would not let you past that door untill the other door was closed and no other people were in the clean room, and it was ALWAYS staffed to see people coming and going. For just random people to come in , take a server, then put it back later with out any one knowing is some where i would never store my server.

It isn't their data center. Or their server. They're users of a service provided by ECN.

wipe and dump (1)

wannabegeek2 (1137333) | more than 2 years ago | (#39880797)

I sincerely hope the server owner and users consider tne equipment hopelessly compromised, and quickly and completely dispose of it.

Re:wipe and dump (4, Insightful)

Barbara, not Barbie (721478) | more than 2 years ago | (#39880877)

I sincerely hope the server owner and users consider tne equipment hopelessly compromised, and quickly and completely dispose of it.

It never kept any log files or other personal identifying data, so they could probably make some serious coin auctioning it off to whoever wants to pay the most to get a first-hand look at the lastest guvernment spyware.

I guess I don't understand ... (0)

PPH (736903) | more than 2 years ago | (#39880811)

... why anyone in their right mind would try to sneak in any place to return something.

When they take it, its either without a warrant, where they just kick in the front door and scream "FBI!", or with one, where they kick in (or knock) and say, "FBI! We have a warrant!"

But sneaking around without the requisite "FBI" announcement is just a great way to get shot. We have some facilities manned 24/7 by armed guards. You might get lucky and only get Tased*, but its kind of difficult to identify yourself as law enforcement when you are flopping around on the floor and you've just relieved your bladder.

*Security had some issues with shooting people unchallenged. But now that they carry Tasers as well as semi-autos, you get no warning.

Re:I guess I don't understand ... (2)

jklovanc (1603149) | more than 2 years ago | (#39881455)

Congratulations on being taken in by yet another misleading sensationalistic summary. It is just as likely that the walked up to the facility, presented their credentials and warrant (which they had) and took the server as stipulated in the warrant. Where in any of the articles is there any indication that the FBI kicked down any doors.

The "caught on tape" phrase is also misleading in that it implies that the FBI agents were sneaking around. It is just as likely that they came to the front door, presented their credentials and stated they were returning the server. They then went into the server room and returned the server to where it belonged. Where in any of the reports is there any statement that the agents were sneaking? Sure they didn't call the server owner or the colocation company telling them what they were doing but that is very different than "sneaking around". If you watch the video you will notice that the agent in front of the rack looks directly at the camera at least three times. He didn't care there was a camera there because they were not sneaking around.

FBI challanges DHS (1)

Anomalyst (742352) | more than 2 years ago | (#39880825)

For the the Peoples Choice award for funniest security vaudeville.

The FBI has been busy. (1, Insightful)

fahrbot-bot (874524) | more than 2 years ago | (#39880879)

The server, which was operated by the European Counter Network ('ECN'), ... was seized in relation to bomb threats sent to the University of Pittsburgh using a Mixmaster anonymous remailer hosted on the server.

Given their recent activities - Terrorist Plots, Hatched by the F.B.I. [nytimes.com] - I wouldn't be surprised if the FBI e-mailed that bomb threat themselves so they could legally seize and search the ECN system - brilliant.

Who broke slashdot? (1)

SoupGuru (723634) | more than 2 years ago | (#39881005)

Am I the only one waiting minutes for a slashdot page to load?

Re:Who broke slashdot? (2, Funny)

Anonymous Coward | more than 2 years ago | (#39881069)

Me too, they should get their new Business Intelligence team on it.

Re:Who broke slashdot? (1)

Anomalyst (742352) | more than 2 years ago | (#39881265)

Hopefully they are better than the old Business Stupidity guy.

Re:Who broke slashdot? (1)

metalgamer84 (1916754) | more than 2 years ago | (#39881089)

No, /. has been laggy all morning so far. I keep having to try and reload pages.

Re:Who broke slashdot? (-1, Flamebait)

Dishevel (1105119) | more than 2 years ago | (#39881147)

Slashdot has been horrible today.

Nice suit (0)

Anonymous Coward | more than 2 years ago | (#39881075)

Looks like he's going to a funeral.

Trespassing? (1)

HerbertStencil (776138) | more than 2 years ago | (#39881339)

Well, assuming they had a warrant for the seizure in the first place, fine and good that they did their job looking for the bad guys. But I don't think a judge would have given them a warrant to break in and return the server unless they thought no one had noticed it was gone. Why did they not just call the owner and say they wanted to return the server. Were they trying to be nice by returning it to its rightful place. How did they get in to return it? Has this place no security? Did they bully some pimply faced security guard into opening the door? Did the guard have authority to grant them access to the cage? No legal access means trespassing; the feds are not above laws on criminal trespass.

The Harvest (1)

glorybe (946151) | more than 2 years ago | (#39881415)

Should we not read this as the FBI has copied and is studying everything they can stored on that server plus they have tossed in their own secret recipe so that everything that passes through that server from now on flows right to the agency? You can bet that very special attention has been paid to that equipment.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?