Visit the Wrong Website, and the FBI Could End Up in Your Computer
Security experts call it a “drive-by download”: a hacker infiltrates a high-traffic website and then subverts it to deliver malware to every single visitor. It’s one of the most powerful tools in the black hat arsenal, capable of delivering thousands of fresh victims into a hackers’ clutches within minutes.
Now the technique is being adopted by a different kind of a hacker—the kind with a badge. For the last two years, the FBI has been quietly experimenting with drive-by hacks as a solution to one of law enforcement’s knottiest Internet problems: how to identify and prosecute users of criminal websites hiding behind the powerful Tor anonymity system.
The approach has borne fruit—over a dozen alleged users of Tor-based child porn sites are now headed for trial as a result. But it’s also engendering controversy, with charges that the Justice Department has glossed over the bulk-hacking technique when describing it to judges, while concealing its use from defendants. Critics also worry about mission creep, the weakening of a technology relied on by human rights workers and activists, and the potential for innocent parties to wind up infected with government malware because they visited the wrong website. “This is such a big leap, there should have been congressional hearings about this,” says ACLU technologist Chris Soghoian, an expert on law enforcement’s use of hacking tools. “If Congress decides this is a technique that’s perfectly appropriate, maybe that’s OK. But let’s have an informed debate about it.”
The FBI’s use of malware is not new. The bureau calls the method an NIT, for “network investigative technique,” and the FBI has been using it since at least 2002 in cases ranging from computer hacking to bomb threats, child porn to extortion. Depending on the deployment, an NIT can be a bulky full-featured backdoor program that gives the government access to your files, location, web history and webcam for a month at a time, or a slim, fleeting wisp of code that sends the FBI your computer’s name and address, and then evaporates.
http://www.wired.com/2014/08/operation_torpedo/
= new reply since forum marked as read
...when I bought the machine.
Everything we're using right now to express these ideas had their genesis in the MIC. It was an idea born of a means to connect the intelligentsia, directly with the military. It worked.
So the architecture and hardware was designed with them in mind from the start. The monopolies who created the mainstays of the standard circuit boards, servers, routers and the web itself, all created it all with a military mindset at the bottom of it.
The problem for them is, the human mind can only process so much data at a time. And with the volume of cat pictures we send alone, they can never keep up. The primitive minds at the base of all this, will end up reaching for the bludgeons in the end.
- Just like Orwell said.
K&R
