
FBI Dad's Misadventures With Spyware Exposed School Principal's Child Porn

Soulskill posted about 2 years ago | from the lesson-learned-always-spy-on-your-kids dept.

Crime 346

nonprofiteer writes "This is a crazy story. An FBI agent put spyware on his kid's school-issued laptop in order to monitor his Internet use. Before returning the laptop to the school, he tried to wipe the program (SpectorSoft's eBlaster) by having FBI agents scrub the computer and by taking it to a computer repair shop to be re-imaged. It somehow survived and began sending him reports a week later about child porn searches. He winds up busting the school principal for child porn despite never getting a warrant, subpoena, etc. The case was a gift-wrapped present, thanks to spyware. A judge says the principal has no 4th Amendment protection because 1. FBI dad originally installed spyware as a private citizen not an officer and 2. he had no reasonable expectation of privacy on a computer he didn't own/obtained by fraud."


In anarchy this BS will not happen (-1)

Anonymous Coward | about 2 years ago | (#42145875)

Legalize CP now!

Re:In anarchy this BS will not happen (0, Flamebait)

Anonymous Coward | about 2 years ago | (#42146527)

You'd be better off beating kids than looking at nude pics of them nowadays.

Re:In anarchy this BS will not happen (-1)

Anonymous Coward | about 2 years ago | (#42146795)

You'd be better beating off kids than looking at nude pics of them nowadays.

FTFY!

FBI and Spyware (0)

Anonymous Coward | about 2 years ago | (#42145887)

Sure it wasn't Flame?

Re:FBI and Spyware (1, Funny)

TWX (665546) | about 2 years ago | (#42145911)

Of course it wasn't Flame!

You want a flame, you stupid dirtbag?!

I'm still trying to wrap my brain around... (5, Insightful)

TWX (665546) | about 2 years ago | (#42145893)

...the spyware surviving a cleaning by a computer repair shop and the FBI...

Re:I'm still trying to wrap my brain around... (5, Interesting)

Synerg1y (2169962) | about 2 years ago | (#42145977)

It was left on deliberately in an attempt to spy on random U.S. citizens and collect data.

Or.. or... The computer repair shop doesn't know what they're doing

My money's on it's something like this [theregister.co.uk]

Re:I'm still trying to wrap my brain around... (5, Insightful)

cheekyjohnson (1873388) | about 2 years ago | (#42146357)

It was left on deliberately in an attempt to spy on random U.S. citizens and collect data.

More delicious loopholes to exploit left and right!

Re:I'm still trying to wrap my brain around... (5, Interesting)

fahrbot-bot (874524) | about 2 years ago | (#42146479)

...the spyware surviving a cleaning by a computer repair shop and the FBI...

It was left on deliberately in an attempt to spy on random U.S. citizens and collect data.
Or.. or... The computer repair shop doesn't know what they're doing.

And/or... (more chillingly) The FBI doesn't know what they're doing.

Re:I'm still trying to wrap my brain around... (5, Informative)

screwdriver (691980) | about 2 years ago | (#42146491)

Nope. I've used the software mentioned in the article before, and it would most certainly not survive a proper HD re-image. The computer shop either didn't re-image the HD like they said they did, or the FBI lied about taking it to a computer shop in the first place.

Re:I'm still trying to wrap my brain around... (1)

Anonymous Coward | about 2 years ago | (#42146577)

Or it was re-imaged and files were restored as an unannounced courtesy.

Re:I'm still trying to wrap my brain around... (5, Informative)

chemicaldave (1776600) | about 2 years ago | (#42146745)

The agent shouldn't have needed to take it to a repair shop in the first place. SpectorSoft's own FAQ section states "eBLASTER ... cannot be uninstalled without the eBLASTER password YOU specify..." Sounds like the guy forgot the password AND the shop didn't do its job.

Re:I'm still trying to wrap my brain around... (1)

icebike (68054) | about 2 years ago | (#42146519)

Your money is now ours. Pay up.
The article and the summary state explicitly which software was used [spectorsoft.com], and it's nowhere near as smart as the stuff you linked. It only works with Windows.

Re:I'm still trying to wrap my brain around... (0)

Anonymous Coward | about 2 years ago | (#42146763)

the image was taken after the spyware was installed.
the fbi removed it and the computer shop reinstalled it.

-> just a guess.

Re:I'm still trying to wrap my brain around... (0)

Anonymous Coward | about 2 years ago | (#42145985)

Probably they didn't actually do their job, just deleted all user settings or something.

Re:I'm still trying to wrap my brain around... (1)

alen (225700) | about 2 years ago | (#42146227)

nope, Windows even has a little program that will automatically wipe the settings and computer account and boot windows like it's fresh out of the box making you think it's a new computer.

don't have to delete anything manually

forgot the name but years ago it was used for imaging to make sure the computer account was different

Re:I'm still trying to wrap my brain around... (1)

Lanforod (1344011) | about 2 years ago | (#42146285)

nope, Windows even has a little program that will automatically wipe the settings and computer account and boot windows like it's fresh out of the box making you think it's a new computer.

don't have to delete anything manually

forgot the name but years ago it was used for imaging to make sure the computer account was different

Must be talking about sysprep? Still in use today...

Re:I'm still trying to wrap my brain around... (2)

mrbester (200927) | about 2 years ago | (#42146645)

It's called setup.exe and in the root directory of any Windows CD...

Re:I'm still trying to wrap my brain around... (1)

xclr8r (658786) | about 2 years ago | (#42146647)

Delete profiles - Control Panel\System and Security\System - Advanced Tab of system properties - User profiles - Settings - list comes up with different user profiles - delete the ones you do not want anymore (gets rid of files in the usual space (desktop/my documents/ etc.) Looks like a clean install with new user accounts.

Re:I'm still trying to wrap my brain around... (4, Funny)

Sparticus789 (2625955) | about 2 years ago | (#42146021)

This has restored my faith in the capabilities of the FBI /sarcasm

How to succeed as an FBI agent: a tutorial (2)

cornholed (1312635) | about 2 years ago | (#42146159)

Step 1: Install spyware on a computer and then "scrub" such computer
Step 2: Report activities on such computer to authorities, make sure to flash FBI card
Step 3: Wait for reports of internet activity to come in and report anything that is morbidly fascinating; triple points for child porn
Step 4: No evidence? Computer MIA? Get computer user to admit to wrong doing!
Step 4: ?
Step 5: Promotion!

Re:I'm still trying to wrap my brain around... (5, Insightful)

Baloroth (2370816) | about 2 years ago | (#42146229)

Keep in mind this wasn't exactly the computer specialist division of the FBI, considering he had to take it to a computer repair shop to get them to fix it. TFA says he asked his colleagues, without knowing anything more I'd assume they don't work in the "cybercrime" division. So more like it survived cleaning by some random individuals and a probably-incompetent computer repair shop (Geek Squad or similar, they probably think knowing how to use regedit makes them computer "experts".) The FBI as an organization was completely uninvolved.

Re:I'm still trying to wrap my brain around... (1)

asmkm22 (1902712) | about 2 years ago | (#42146269)

Why in the world did the FBI even have to get a repair shop involved in the first place? Was the task of reimaging a computer truly that daunting for them?

Re:I'm still trying to wrap my brain around... (5, Interesting)

icebike (68054) | about 2 years ago | (#42146443)

...the spyware surviving a cleaning by a computer repair shop and the FBI...

Pretty astounding, when you consider he knew what he installed and it comes with de-install directions [spectorsoft.com].
Quoting the FAQ:

Tamper-Proof Technology
eBLASTER does not show up as an icon, does not appear in the Windows system tray, does not appear in Windows Programs, does not show up in the Windows task list, cannot be uninstalled without the eBLASTER password YOU specify, and eBLASTER does not slow down the operation of the computer it is recording. eBLASTER does not initiate connections to the Internet and will only forward email and send activity reports when the monitored computer is already connected to the Internet. All of these features make it extremely difficult for unauthorized users to locate and/or remove eBLASTER.

Re-imaging the computer from original installation media should have done it, but I suspect that the shop he took it to did not have that media, or the Certificate and wasn't about to use their own copy, and simply removed the user account.

I can see the FBI not wanting to waste their time and resources on what was his personal project, and sent him to a private shop.
Good on them if that's how it went down.

But the guy running that private shop might be open to a civil suit by the principal.

Re:I'm still trying to wrap my brain around... (5, Insightful)

deathlyslow (514135) | about 2 years ago | (#42146685)

Just because he works for the FBI doesn't mean he is computer literate. The majority of them are nothing more than federally paid beat cops doing missing persons investigations and helping out when other LE can't do the investigation themselves. I think you and others are giving him too much credit because he works for a three letter government agency.

Re:I'm still trying to wrap my brain around... (1)

K. S. Kyosuke (729550) | about 2 years ago | (#42146537)

Before returning the laptop to the school, he tried to wipe the program (SpectorSoft's eBlaster) by having FBI agents scrub the computer and by taking it to a computer repair shop to be re-imaged. It somehow survived

This kind of incompetence is absolutely baffling to me. Putting SW into a computer that you don't know how to remove? Being unable to remove it by wiping a disk (while working at FBI to boot)? Being unable to pick a repair shop that can actually image disks? Not making an image in the first place before you put something you don't know how to remove? I'm stunned.

Re:I'm still trying to wrap my brain around... (1)

MichaelSmith (789609) | about 2 years ago | (#42146797)

I thought maybe it was in firmware but that doesn't explain how it phoned home.

Fraud? (4, Insightful)

MrLint (519792) | about 2 years ago | (#42145913)

Shouldn't the shop that supposedly "re-imaged" it be busted for fraud? One also might wonder why an FBI agent is using internal FBI resources to "scrub" a non FBI machine that isn't part of an investigation. Finally, these morons don't know about DBAN???

Re:Fraud? (5, Funny)

gstoddart (321705) | about 2 years ago | (#42146037)

Finally, these morons don't know about DBAN???

No, but they seem to be experts at DBAG. :-P

Re:Fraud? (2)

Billly Gates (198444) | about 2 years ago | (#42146113)

These programs are malware and spyware and use the same methods to stay on as virii. The difference is they are legit so AV programs do not flag them. It could hide in the boot record as a trojan or hide in a restore point and be later re-installed when a user uses it. My guess is the IT team at the school simply uses restore as a quick and efficient way to wipe it before the student received it.

Re:Fraud? (0)

Anonymous Coward | about 2 years ago | (#42146557)

These programs are malware and spyware and use the same methods to stay on as virii. The difference is they are legit so AV programs do not flag them.

We should all see the problem with that last sentence, which I had no idea was true until now. Especially because we use legitimate software that DOES get flagged, like Android root tools and DVD drive emulation. This happens to the point that sometimes it's hard to use the tools because the AV refuses to whitelist it, and keeps deleting portions that you unzip without an explanation of what it is quarantining. This smells pretty bad, and I don't want to begin thinking what else my computer has that US tools will never flag, intentionally.

Just think of the software MS could drop into your system every time there's a new Windows update. They already have the ability to profile users by windows key, and as a US company, they are forced to comply with law enforcement. What do you call a rootkit that is put there by the OS maker?

Re:Fraud? (1)

TheCarp (96830) | about 2 years ago | (#42146769)

> We should all see the problem with that last sentence, which I had no idea was true until now.
> Especially because we use legitimate software that DOES get flagged

My favorite was trying to bring a copy of clamav (definitions) into our internal lab. I didn't realize the linux desktop build here had a virus scanner installed (I have never installed one on a linux box except to scan incoming files for other environments).

I copied it down to my transfer directory, then I went to copy it into the lab.
Permission denied. I check the permissions, it's owned by me, mode 750, so far so good. I try again.... permission denied. I shake my head, make it 777, and try again...
permission denied. I try to open the file just to see if I can....
permission denied. I become root and try...
permission denied. I check if SELINUX is on.... it's permissive....

In the end, I go back to the machine that I first downloaded it to, use openssl to encrypt the file... transfer it through with no problems... then decrypt it with openssl on the target machine.... finally.

Re:Fraud? (1)

K. S. Kyosuke (729550) | about 2 years ago | (#42146563)

These programs are malware and spyware and use the same methods to stay on as virii.

You mean, they hide in your spellchecker, occasionally causing it to malfunction?

Re:Fraud? (3, Interesting)

Anonymous Coward | about 2 years ago | (#42146243)

DBAN is not foolproof. Just the other day I started it up, and the kernel didn't register my hard drive. Started happily erasing my boot stick, and I never would have realized the difference had I not been paying attention.

(Had to go tweak the BIOS a little)

Re:Fraud? (5, Informative)

Baloroth (2370816) | about 2 years ago | (#42146277)

He didn't use internal FBI resources, hence the computer repair shop. He asked his friends at the FBI if they knew how to clear the laptop. They didn't, so he took it to the shop. That's hardly using FBI resources (the summary is more than a little misleading).

Agreed on the shop, they sound pretty incompetent.

Re:Fraud? (2)

sjames (1099) | about 2 years ago | (#42146319)

One also might wonder why an FBI agent is using internal FBI resources to "scrub" a non FBI machine that isn't part of an investigation

Because it wasn't a big deal? Because he wanted it done right and mistakenly thought the FBI could get it done? For all we know, a tech he knew did it after hours.

I think the much larger concern is that the result wasn't a completely wiped laptop.

Re:Fraud? (2)

MNNorske (2651341) | about 2 years ago | (#42146327)

You've never had a coworker ask you for help with something they can't figure out? It happens all the time around here, had many a non-techie bring in a laptop that needs a little TLC and someone will do it over their lunch or bring it home and do it. In the case of the FBI folks doing this they could even have been using it as a training opportunity for a rookie tech.

Re:Fraud? (2, Interesting)

Phroggy (441) | about 2 years ago | (#42146403)

Shouldn't the shop that supposedly "re-imaged" it be busted for fraud? One also might wonder why an FBI agent is using internal FBI resources to "scrub" a non FBI machine that isn't part of an investigation. Finally, these morons don't know about DBAN???

I've been a Slashdotter for 15 years and I had never heard of DBAN until reading your comment and Googling it. Your other two points are pretty solid, though. What the hell happened?

Re:Fraud? (5, Interesting)

Anonymous Coward | about 2 years ago | (#42146691)

I work for the FBI, and while I am not familiar with this incident, I'm pretty sure there will be some administrative inquiry into misuse of gov't time & resources, especially since it has made us look bad in the press. I'll have to wait for the next quarterly report on ethic violations (which are always hilarious to read, some people are fucking idiots).

This is probably common (0)

Anonymous Coward | about 2 years ago | (#42145933)

I bet probably 30% of all principals are guilty of this.

Re:This is probably common (4, Funny)

Rosco P. Coltrane (209368) | about 2 years ago | (#42146015)

I hear 90% of all statistics are made up.

Re:This is probably common (5, Funny)

gstoddart (321705) | about 2 years ago | (#42146107)

I hear 90% of all statistics are made up.

Only about 70% of the time.

Re:This is probably common (1)

PIBM (588930) | about 2 years ago | (#42146263)

I'm 95% confident that I said it was 84% of the time.

Re:This is probably common (5, Funny)

Phroggy (441) | about 2 years ago | (#42146433)

I hear 90% of all statistics are made up.

Only about 70% of the time.

"Don't believe everything you read on the Internet." - Abraham Lincoln

Re:This is probably common (1)

gstoddart (321705) | about 2 years ago | (#42146711)

"Don't believe everything you read on the Internet." - Abraham Lincoln

That was Moses, not Lincoln. ;-)

Re:This is probably common (1)

dimethylxanthine (946092) | about 2 years ago | (#42146603)

"70 percent of the time - it works every time!" - Anchorman

Seth McFarlane? Is that you? (4, Funny)

Rosco P. Coltrane (209368) | about 2 years ago | (#42145935)

So let me guess: the guy's name is Stan, the kid's name is Steve and the principal is called Brian?

Re:Seth McFarlane? Is that you? (1)

Penguinisto (415985) | about 2 years ago | (#42146239)

Wrong agency (it would have to be CIA to get the hat trick.)

Good call anyway - American Dad was the first effing thing I thought of when I read TFA.

Spector (0)

Anonymous Coward | about 2 years ago | (#42145959)

Speaking from personal experience?

Spector was a bitch to bypass on a PC with Windows 98 in 2000. It was hard enough just locating its image cache and wiping out its records of my illicit porn browsing sessions. I have no doubt that it is nigh indestructible on modern PCs.

So now, (3, Insightful)

Anonymous Coward | about 2 years ago | (#42145965)

Every law enforcement parent will install spyware on his kids' school computers and "forget" to remove the spy software.

Bios flashed spyware? (0)

Anonymous Coward | about 2 years ago | (#42145989)

How can disk-based spyware survive a total hard disk format unless it was stored in some sort of non-volatile memory?

Can someone better explain how this was possible?

Re:Bios flashed spyware? (5, Informative)

black3d (1648913) | about 2 years ago | (#42146425)

The main way that rootkits survive a total hard disk format is because they're running at the time - any decent rootkit is more than able to stop a simple format from removing it simply by intercepting any parts of the format which target it, and returning OK signals. They'll usually survive a low level format in the same manner. "What's that? You want to change one of my bits to 0? Okay.. umm.. Done! *cough*". You can generally reliably remove rootkits by taking the drive out, putting it into an external drive bay (so it's not present on a PC while booting), connect the drive when your PC is started up and then format it with none of its code executing.

However, if the FBI or PC store simply formatted it through, say, re-formatting the drive by running the Windows setup disk, then a kernel level rootkit would happily stay intact in this manner. In fact, to spot it, you'd really have to use some imaging software with comparison checksums so that after the imaging it can make sure everything is as it should be. While the rootkit can happily inform that "nothing is there", it can't predict what should be there in an imaged drive, and would be caught out that way. However - that's not how 99% of us format drives, especially since most don't have MD5d images of other people's hard disks, or don't put them in external caddies before doing so. :P
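The comparison-checksum check described in the comment above, sketched as an added example (not part of the thread or any poster's code). It assumes the drive was read out from a separate machine into a raw image file, and it uses per-block SHA-256 digests of a known-good image rather than the MD5 mentioned; all function names, file names and sample bytes are constructed for illustration.

```python
import hashlib
import os
import tempfile

BLOCK = 4096  # comparison granularity in bytes (assumed; any multiple of the sector size works)


def read_blocks(path, block=BLOCK):
    """Yield (offset, chunk) for each block of a raw image file."""
    with open(path, "rb") as f:
        offset = 0
        while True:
            chunk = f.read(block)
            if not chunk:
                return
            yield offset, chunk
            offset += len(chunk)


def build_manifest(golden_path, block=BLOCK):
    """Record per-block digests of the known-good image before the machine is handed out."""
    return {
        "block": block,
        "size": os.path.getsize(golden_path),
        "digests": [hashlib.sha256(c).digest() for _, c in read_blocks(golden_path, block)],
    }


def verify_disk(disk_path, manifest):
    """Compare an offline-read disk image with the manifest.

    Returns merged (start, end, reason) byte ranges:
      modified - block differs from the known-good image
      unwiped  - non-zero data past the end of the image (for example a
                 leftover partition the re-imaging never touched)
      missing  - the disk image ends before the known-good image does
    """
    block, expected = manifest["block"], manifest["digests"]
    findings = []

    def flag(start, end, reason):
        # Merge with the previous range when it is contiguous and has the same reason.
        if findings and findings[-1][1] == start and findings[-1][2] == reason:
            findings[-1] = (findings[-1][0], end, reason)
        else:
            findings.append((start, end, reason))

    blocks_seen = 0
    for index, (offset, chunk) in enumerate(read_blocks(disk_path, block)):
        blocks_seen = index + 1
        end = offset + len(chunk)
        if index >= len(expected):
            if any(chunk):  # zero-filled space past the image counts as wiped
                flag(offset, end, "unwiped")
        elif hashlib.sha256(chunk).digest() != expected[index]:
            flag(offset, end, "modified")
    if blocks_seen < len(expected):
        flag(blocks_seen * block, manifest["size"], "missing")
    return findings


def demo():
    """Constructed sample: a 16-block golden image and a 'returned' disk that differs."""
    golden = b"".join(bytes([i]) * BLOCK for i in range(1, 17))
    disk = bytearray(golden)
    disk[5 * BLOCK:7 * BLOCK] = b"\xee" * (2 * BLOCK)        # two altered blocks
    disk += b"\x00" * (2 * BLOCK) + b"\xaa" * (2 * BLOCK)    # wiped gap, then leftover data
    with tempfile.TemporaryDirectory() as tmp:
        golden_path = os.path.join(tmp, "golden.img")
        disk_path = os.path.join(tmp, "returned-laptop.img")
        with open(golden_path, "wb") as f:
            f.write(golden)
        with open(disk_path, "wb") as f:
            f.write(disk)
        return verify_disk(disk_path, build_manifest(golden_path))


if __name__ == "__main__":
    for start, end, reason in demo():
        print(f"{reason:9s} bytes {start}-{end - 1}")
```

The check is only meaningful when the image is read with none of the suspect disk's code running, which is the external-caddy point the comment makes.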

Re:Bios flashed spyware? (4, Interesting)

Culture20 (968837) | about 2 years ago | (#42146805)

The main way that rootkits survive a total hard disk format is because they're running at the time - any decent rootkit is more than able to stop a simple format from removing it simply by intercepting any parts of the format which target it, and returning OK signals. [...] if the FBI or PC store simply formatted it through, say, re-formatting the drive by running the Windows setup disk, then a kernel level rootkit would happily stay intact in this manner.

If they used the Windows setup disk to nuke the drive, how did the rootkit get on the DVD? How did the rootkit stay running after a reboot? You're almost on the right track, but BIOS/EFI infection is the answer you're looking for (or HDD firmware). The rootkit has to be running before any OS boots up. Even a boot-sector virus won't survive a disk-wipe, so there had to be a re-infection method.

Two stories here (2, Insightful)

roc97007 (608802) | about 2 years ago | (#42145991)

The story enclosed within this one is that (a) the FBI is unable to effectively scrub FBI spyware installed by an FBI agent, and (b) the computer repair shop charged an FBI agent to scrub and reimage a laptop, and then apparently just moved it from the To Do shelf to the Done shelf.

...or, that's just what they WANTED you to believe...

Re:Two stories here (5, Informative)

dinfinity (2300094) | about 2 years ago | (#42146253)

Yes, that or the submitter deliberately misquoted the article:
"Auther first took the laptop to his FBI office and asked his colleagues how to wipe it clean. Apparently they don’t have many cyber experts in the Mariana Islands, because they were unsuccessful. So Auther had to instead take it to a computer repair shop, which cleaned out the old files and allegedly reimaged the hard drive to return it to its original settings."

Sounds to me like there wasn't any professional FBI 'scrubbing' involved, just some guy going to work and talking about wiping a laptop by the water cooler.

Re:Two stories here (1)

roc97007 (608802) | about 2 years ago | (#42146839)

...or that...

Re:Two stories here (4, Insightful)

MNNorske (2651341) | about 2 years ago | (#42146413)

Most laptops these days have a recovery image on a separate partition of the hard drive. It would not be beyond belief that the spyware the agent used injected itself into the recovery partition so it would re-install itself. My guess is that this particular agent was not a technical expert himself and probably just asked a coworker who was technical what he could use to monitor his child's use of the computer. When he handed the machine off to someone to restore it he may not have told them exactly what he put on it, and if they then used the recovery partition, well... you have this scenario.

Re:Two stories here (0)

Anonymous Coward | about 2 years ago | (#42146813)

Wow, really? That's your take-away from this?

Here's my "story within a story" for you

The FBI 1) spied on a US citizen without a warrant and 2) a US court said that was fine because it wasn't on his computer.

This is frightening in more than one way but here's the most frightening thing about it:
The courts have said over and over that the internet is just like the phone system and blah blah blah.
If I walked up to a pay phone and called my drug dealer/enforcer/bookie I could expect a measure of protection from the courts because the courts have said this is the case. I can't expect that on the internet.

Europe is looking mighty good about now.

The FBI don't know how to remove spyware (0)

Anonymous Coward | about 2 years ago | (#42145995)

Really? Really? My grandmother can do that. I am happy the man got caught but there's something really up here, either the FBI are incompetent or they just feel like installing spyware on every computer they come across.

Re:The FBI don't know how to remove spyware (1)

SJHillman (1966756) | about 2 years ago | (#42146429)

Or not every single FBI agent is a computer expert and he just talked with some co-workers in his department rather than having the FBI's IT team take a crack at it. Which is why they would have taken it to an IT shop.

Defined by their employer... (2)

Neil_Brown (1568845) | about 2 years ago | (#42146001)

I was originally going to post that TFA makes it clear that this was a case of a person who happened to be employed by the FBI, finding himself in this situation, but is just described by TFS as "an FBI agent" — it made me wonder whether someone should be defined by their employer.

It rather broke down for me when TFA starts saying how he got "all flashy with his FBI badge" to investigate, rather than just reporting it to the police — is this really still just someone acting as a father?

Re:Defined by their employer... (3, Insightful)

Ixokai (443555) | about 2 years ago | (#42146189)

Read TFA -- the Judge made a note of this. The initial report that he got was just him as a father: after that what he was doing was basically being an FBI agent. *However* even though he was, the fact that the computer was essentially stolen meant the guy had no expectation of privacy for it anyways.

Re:Defined by their employer... (2)

SJHillman (1966756) | about 2 years ago | (#42146465)

It's sort of like an off-duty cop who happens to be in a store when it's robbed and takes action as a police officer. His initial being there is just part of being a citizen. Once the robbery started, he made the shift from citizen to law enforcement as would be expected even though he's off-duty.

the judge is kind of right (5, Informative)

alen (225700) | about 2 years ago | (#42146003)

the principal was a moron for using a school computer. if it was his own computer then a search warrant would apply.

with no warrant (2, Insightful)

Anonymous Coward | about 2 years ago | (#42146011)

a cop kicks a door in and finds pot.

Cop to judge: "I did it as a private citizen!"

Judge: "Ok then. This is admissible."

So, I wonder what would happen to me if I shot that cop busting down my door as a "private citizen"?

It doesn't matter anyway. When it comes to child porn, taxes, drugs or terrorism, you are guilty until proven innocent. Where are the Ben Franklin dressed Teapartiers? Why aren't they out there preaching their message about freedom over this erosion of our liberties? Or is it that folks are so afraid of being on the side of a consumer of child porn that they won't dare say anything?

Here it is folks the slippery slope and it's happening.

Re:with no warrant (4, Insightful)

SJHillman (1966756) | about 2 years ago | (#42146523)

Kicking in a door is illegal as a private citizen and is not something you would expect a private citizen to do. Installing software to monitor his kid's activities is something perfectly legal and well within the realm of what a private citizen might be expected to do. As with many laws, there's a gray area that you have to actually use your brain to determine if something is reasonable or not. There's no slippery slope no matter how much you tilt your head.

Re:with no warrant (1)

Gerinych (1393861) | about 2 years ago | (#42146533)

He had a reason to install spyware on his son's computer. If you're gonna act like a private citizen, you better have a damn good explanation for violently breaking down someone's door just to bust him for pot.

Re:with no warrant (3, Interesting)

fermion (181285) | about 2 years ago | (#42146587)

In this case the fact that the guy was an FBI agent was just a random happenstance. Equipment that he did not own was used for illegal activity. It is like if one was borrowing a school bus to transport drugs on the assumption that no one would suspect a school bus. Does the FBI need permission from you to inspect the school bus owned by the school? I wouldn't think so. If a kid were being raped in a classroom, would the cops need probable cause or the rapist's permission to enter? No, it is a school, they can enter. I suppose we would be defending the rapist for shooting a teacher who entered the classroom to see what the commotion is?

I try to be very careful about what I use others' equipment for. When I was younger I was less careful about computers, but then when I was younger there was not 10 years of ruling saying that there is no expectation for privacy if you use employers stuff. For instance, is there anything to stop your employer from listening to your telephone calls on phones the employer owns and pays for the operations. Not really. So we bring cell phones to work that we pay for completely. There is no ambiguity if an employer taps a personal phone.

Stories like this are important because it reminds us that using things we don't own for questionable purposes is not really such a good idea. Clearly older people, who grew up in a time maybe when assets were not tracked as carefully as they are today, or younger people who have not learned how carefully things can be tracked, need to hear this lesson. Clearly some believe that you can steal equipment, use it for illegal activity, and still deserve the full protection of the law.

can't wipe a disk? (2, Insightful)

Sebastopol (189276) | about 2 years ago | (#42146043)

FBI agents AND a computer repair shop couldn't wipe a disk?

Not buying it.

Re:can't wipe a disk? (4, Insightful)

Ixokai (443555) | about 2 years ago | (#42146221)

Not all FBI agents are computer wizzes. TFA said that the office he was in had no computer crimes unit which is where the computer wizzes congregate.

And it surprises you that a computer repair shop might not actually do what they say they are going to? Really?

Re:can't wipe a disk? (0)

Anonymous Coward | about 2 years ago | (#42146383)

Not all FBI agents are computer wizzes. TFA said that the office he was in had no computer crimes unit which is where the computer wizzes congregate.

Congregate? We're talking about a disk wipe here. The only place they needed to "congregate" to find a tool to do that is the 6th-grade playground.

Clearly the FBI standards of hire need to be raised if they think they need a goddamn computer "wizz" to do that.

Re:can't wipe a disk? (1)

alen (225700) | about 2 years ago | (#42146655)

i've read most of the agents are lawyers, accountants or something similar

Re:can't wipe a disk? (2)

gman003 (1693318) | about 2 years ago | (#42146471)

Could be that the spyware is really, really well-designed. Some sort of boot sector thing, perhaps?

If the spyware was designed to be difficult to remove, and nobody was looking for it, it wouldn't be surprising that it survived something that removes most software.

Re:can't wipe a disk? (1)

Vicarius (1093097) | about 2 years ago | (#42146639)

The guy who failed to wipe the computer probably got a new promotion, precisely because of his highly valuable skill of not being able to wipe a computer while saying he did it.

Shameless plug for eBlaster (1)

Anonymous Coward | about 2 years ago | (#42146053)

SlashCash effect, buy stock in eBlaster before the commerce server melts.

Not quite (1)

Billly Gates (198444) | about 2 years ago | (#42146075)

I am no lawyer so perhaps one could feel free to reply.

Here is what I understand:

First, if you had no real expectation of privacy whatsoever we would not have click-thru agreements and signed paperwork by HR giving our rights away as a condition of employment.

Second, judges throw out such claims in court all the time. The evidence should not have been permissible as the agent should be the one in trouble here for interfering with school property. If any evidence was obtained illegally then it needs to be thrown out.

Third, how do you know the FBI agent wasn't an agent? There are overtime lawsuits going on where doing paperwork at home or just checking email constitutes as work and the lawyers are drooling at this with overtime lawsuits. You can't prove otherwise.

Re:Not quite (1)

cheekyjohnson (1873388) | about 2 years ago | (#42146343)

> Second, judges throw out such claims in court all the time. The evidence should not have been permissible as the agent should be the one in trouble here for interfering with school property. If any evidence was obtained illegally then it needs to be thrown out.

Yeah, but... child porn! It's for the children!

Re:Not quite (1)

Vicarius (1093097) | about 2 years ago | (#42146695)

Do you really want to be a judge that sided with an accused child porn user? That will ruin your career no matter who is right or wrong.

Re:Not quite (0)

Anonymous Coward | about 2 years ago | (#42146751)

> Do you really want to be a judge that sided with an accused child porn user? That will ruin your career no matter who is right or wrong.

That is part of the problem. I need more information about the case.

If the FBI agent was just a private citizen what he could do is then use this information to then ask the judge for a search warrant. Only then prosecute so it could be kosher as I accidentally found these etc. However, if he didn't do that then most likely an appeals court would throw it out.

If this is recorded as actually ok then I fear what will happen next as every agent will simply do whatever he or she wants then cite this case saying I just acted as a private citizen. Just make sure it is done at 5:01 pm etc. Where do you draw the line?

Now that's what I call... (1)

kiehlster (844523) | about 2 years ago | (#42146081)

*puts on sunglasses* ... a cold dish.

Re:Now that's what I call... (1)

R3d M3rcury (871886) | about 2 years ago | (#42146643)

Yeah.

My mind is melting. (3, Insightful)

Sydin (2598829) | about 2 years ago | (#42146089)

I won't lie: any day one of these child porn scumbags is caught is a good day. Even so, the story makes no sense. The FBI doesn't know how to remove Spyware? Any technician worth their salt would run DBAN and that would be the end of it. Yet the FBI went through what sounds like a two step process to wipe this thing, yet failed? I'm not buying it. At the same time though, I have no idea why this guy would have any reason to suspect that the principal would immediately start using his son's laptop upon return, nor any reason to think he was looking at child porn. This story is such a hodgepodge of plausible and impossible... I need a freaking drink.

Re:My mind is melting. (3, Insightful)

iggymanz (596061) | about 2 years ago | (#42146207)

We're talking about the FBI in Saipan, the U.S. territory of the Northern Mariana Islands. No surprise they wouldn't be cyber experts nor have one, and that the parent would just take a school's laptop to a computer shop for a wipe before returning it to school. Not a government computer, not U.S. government concern.

Re:My mind is melting. (3, Interesting)

cheekyjohnson (1873388) | about 2 years ago | (#42146313)

> I won't lie: any day one of these child porn scumbags is caught is a good day.

But the real question is... are you super mega anti-child porn?

Re:My mind is melting. (4, Insightful)

Ixokai (443555) | about 2 years ago | (#42146417)

"The FBI" is not a monolithic thing.

He didn't take it to an FBI technician-- if he did, it'd probably have been cleaned up tight and fast. He took it into his office, where TFA says *they don't have cyber guys*. I.e., he's in some dingy little office without a cyber crimes unit. This doesn't sound implausible at all, the guy's in an FBI office across the Pacific in a US territory, not in Los Angeles.

Then he took it in to a local computer repair shop, and it doesn't at all sound implausible to me that they might have fibbed on just what they did. Instead of re-imaging it, they may have just done a quick scrub of the user settings.

"The FBI" didn't go through a two step process. A guy who is also an FBI agent went through a two step process. Not everything an FBI agent does is with the full force and resources of The FBI.

Re:My mind is melting. (2)

SJHillman (1966756) | about 2 years ago | (#42146605)

By your logic, every single nurse where I work should be an IT expert just because we also have an IT department. Oh wait, while they might talk to other nurses in their department about a non-work computer they probably won't bring it to the IT department to look at? How bout that, not everyone in an organization with an IT department happens to work in the IT department.

hmmmm (2)

TheCarp (96830) | about 2 years ago | (#42146129)

> by having FBI agents scrub the computer and by taking it
> to a computer repair shop to be re-imaged.

wow..... um.... I am really curious as to how it did this. Something smells fishy. I can understand it surviving a "scrub", since anyone who does systems work should know that there are many places in a modern OS to hide, and unless you know exactly what it does and how it hides, it's impossible to say for sure a system has been cleaned.

However, the pc shop? maybe they didn't really "re-image" it, but instead did their own quick "scrub" and ran something like sysprep?

Otherwise maybe they just did a reinstall from a hidden factory reinstall partition? I could see something hiding up in there but....

I dunno, it seems like it HAS to be something along one of those lines. Aside from that...if it really was incidental...well.... accidents do happen, and sometimes they end up biting the best possible people.

In any case, I think the circumstances do sound fishy, and in no way should what he caught excuse what he did if it wasn't accidental, so there should be serious investigation into that too....but I could see that just turning up technical incompetence rather than malfeasance....

That is, unless it turns up fraud on the part of the PC Repair shop.... very likely they did not do the job they were paid to do.

Re:hmmmm (1)

detritus. (46421) | about 2 years ago | (#42146555)

> Otherwise maybe they just did a reinstall from a hidden factory reinstall partition? I could see something hiding up in there but....

I was thinking possibly along the lines of laptops with LoJack embedded in the BIOS to phone home on Windows PCs. SpectorSoft is vague on the details of their tamper proof technology, but perhaps they have a partnership with LoJack to reinstall the software upon reformat? The eBlaster software is an online service that stores search activity in their "cloud". Regardless of how it got on there, I think the agent probably still had days left on his subscription and likely received an alert instantly of the activity going on.

Re:hmmmm (1)

detritus. (46421) | about 2 years ago | (#42146741)

I could also be giving SpectorSoft too much credit. SpectorSoft could possibly have simply had something embedded in the MBR, and an image wasn't done, just a format, and an OS was reinstalled, or, like you said, a recovery partition.
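The possibilities raised in the comments above (leftover MBR boot code, a surviving recovery partition) can be checked after a claimed re-image; this is an added example, not code from the thread or from SpectorSoft. It assumes an MBR-partitioned disk whose first sector has been read into bytes; the function names, sample sectors and boot-code bytes are constructed for illustration.

```python
import hashlib
import struct

# Partition type IDs commonly used for OEM recovery/utility partitions.
RECOVERY_TYPES = {0x12: "OEM diagnostics/recovery",
                  0x27: "Windows RE / hidden NTFS",
                  0xDE: "Dell utility"}
ENTRY = struct.Struct("<B3xB3xII")  # status, CHS, type, CHS, LBA start, sector count

def parse_mbr(sector):
    """Return (boot_code, partitions) from a 512-byte MBR sector."""
    if len(sector) != 512 or sector[510:512] != b"\x55\xaa":
        raise ValueError("not an MBR: bad length or missing 0x55AA signature")
    parts = []
    for slot in range(4):
        status, ptype, lba, count = ENTRY.unpack_from(sector, 446 + 16 * slot)
        if ptype:  # type 0x00 marks an unused slot
            parts.append({"slot": slot, "active": status == 0x80,
                          "type": ptype, "lba_start": lba, "sectors": count})
    return sector[:440], parts  # bytes 440-445 hold the disk signature, not code

def audit_reimage(sector, baseline_boot_sha256):
    """List what survived, given the SHA-256 of a trusted image's boot code."""
    if not any(sector):
        return []  # first sector fully zeroed: the disk was actually wiped
    boot_code, parts = parse_mbr(sector)
    findings = []
    if hashlib.sha256(boot_code).hexdigest() != baseline_boot_sha256:
        findings.append("boot code differs from trusted image")
    for p in parts:
        if p["type"] in RECOVERY_TYPES:
            findings.append("slot %d: %s partition still present (type 0x%02X)"
                            % (p["slot"], RECOVERY_TYPES[p["type"]], p["type"]))
    return findings

def sample_mbr(boot_code, with_recovery):
    """Constructed sample sector; boot_code must be 440 bytes."""
    entries = b""
    if with_recovery:
        entries += ENTRY.pack(0x00, 0x27, 2048, 20480000)
    entries += ENTRY.pack(0x80, 0x07, 20482048, 400000000)
    return boot_code + bytes(6) + entries.ljust(64, b"\x00") + b"\x55\xaa"

TRUSTED_BOOT = bytes([0xEB, 0x3C]) + bytes([0x90]) * 438   # constructed stand-in
BASELINE = hashlib.sha256(TRUSTED_BOOT).hexdigest()
MODIFIED_BOOT = bytes([0xEB, 0x5A]) + bytes([0x90]) * 438  # constructed stand-in

if __name__ == "__main__":
    for line in audit_reimage(sample_mbr(MODIFIED_BOOT, True), BASELINE):
        print(line)
```

An empty result covers only what sits in the first sector; firmware and the contents of the remaining partitions need their own checks.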

Re:hmmmm (0)

Anonymous Coward | about 2 years ago | (#42146679)

> by having FBI agents scrub the computer and by taking it
> to a computer repair shop to be re-imaged.

> wow..... um.... I am really curious as to how it did this. Something smells fishy. I can understand it surviving a "scrub", since anyone who does systems work should know that there are many places in a modern OS to hide, and unless you know exactly what it does and how it hides, it's impossible to say for sure a system has been cleaned.
>
> However, the pc shop? maybe they didn't really "re-image" it, but instead did their own quick "scrub" and ran something like sysprep?
>
> Otherwise maybe they just did a reinstall from a hidden factory reinstall partition? I could see something hiding up in there but....

FYI: There are root-kits that are available which get planted into the BIOS and survive a "re-image"... all they require is root/admin access to the device in the first place - which the agent clearly had.

Some Clarification (5, Informative)

PuckSR (1073464) | about 2 years ago | (#42146231)

The "FBI" didn't wipe his computer. He simply asked his co-workers for some help. Apparently neither he nor they were particularly tech-savvy so he took it to a computer shop. He probably asked the shop owner to remove "all of my kid's games and stuff". I imagine that this spyware tries to mask itself so that kids can't just find it and uninstall it. The shop owner probably just uninstalled all of the "games and stuff" and then returned it.

The problem is that a person who was so confused by removing software that he had to go to a "computer shop" is trying to tell you what he did. He didn't get the FBI to clean the machine, he simply asked his co-workers who didn't know either. This also happened in Saipan, not New Jersey. The FBI has a small office, not a high tech lab.

The FBI agent screwed up by not notifying authorities immediately (he tried to solve the case himself), but he was probably concerned that the evidence wouldn't hold up in court. Lucky for everyone, the Judge seems like he was willing to stretch the letter of the law to punish a clearly guilty man.

Re:Some Clarification (0)

Anonymous Coward | about 2 years ago | (#42146615)

I sure love it when people contravene the justice system to catch bad guys. It's so awesome!

Unanswered related question (0)

Anonymous Coward | about 2 years ago | (#42146257)

But one question remains unanswered: Did the father tell his son in advance about the spyware he installed on the laptop? I think it is not cool for a dad/parent to secretly spy on his kids, even if he [the dad] is a real agent.... That's just creepy and not "caring"!

Horny Man = Horny Monkey. No difference. (0)

Anonymous Coward | about 2 years ago | (#42146463)

The porn on his computer is merely evidence of one person's attractions, but it's generally true about all hetero-human males. Fact is: nearly ALL adult males are attracted to females under age 18. It's a biological force that can't be stopped by the law; but it does deter men from acting on it (usually). Hook up any random adult male to a penile plethysmograph and sit him down in front of a whole room of 17 year old cheerleaders wearing bikinis and playing volleyball for an hour, and I think the results will confirm this.

What's worse? (0)

Anonymous Coward | about 2 years ago | (#42146473)

I don't know what's worse: a father installing spyware to keep track of his kid's activities, a school principal interested in child porn, or the FBI arresting the guy for performing a search for the same. I do know one thing, though: assuming all the principal did was to search for child porn, his actions are the least contemptible of the three.

What fun this kid's life must be! (1)

Anonymous Coward | about 2 years ago | (#42146579)

I wonder if the cameras in his bedroom or the GPS ankle bracelet bother him at all.

Brian@eBlaster said it will not survive format (1)

Anonymous Coward | about 2 years ago | (#42146581)

According to "Brian", the web chat representative for the eBlaster site, the program will not survive a format/re-image.

This means that the 'computer shop' did not actually do the job they were paid to do. This is expected because OEMs have different images for most different hardware lines, which includes all the other crap (bloatware) the OEM pre-loads on the system. Expecting a computer shop to be able to re-image is the problem. They can't unless you provide the system image from the MFG or have your own system image, or have your own software discs, licenses, etc.

This just in: (4, Funny)

Culture20 (968837) | about 2 years ago | (#42146613)

All newly sold computers in the United States will actually be pre-owned by FBI agents' family members. Full story at eleven.

Criminal Charges (0)

Anonymous Coward | about 2 years ago | (#42146687)

For the FBI agent that installed malicious software and then used tax payer funds to try to cover his tracks.

They arrested the wrong guy (1)

Alien Being (18488) | about 2 years ago | (#42146845)

An FBI agent installed software on a machine on which he wasn't authorized. That's a crime. He acted as an agent when it suited him and then claimed he was acting as a civilian when that suited him.

Knowing what assholes FBI agents can be, and how easy it is to wipe a drive if you really want to, I have to wonder if this isn't an elaborate frame job.

Even if the principal is guilty, so is the agent. Corrupt law enforcement officers are worse than pedophiles.
