Visit the Wrong Website, and the FBI Could End Up in Your Computer
Security experts call it a drive-by download: a hacker infiltrates a high-traffic website and then subverts it to deliver malware to every single visitor. Its one of the most powerful tools in the black hat arsenal, capable of delivering thousands of fresh victims into a hackers clutches within minutes.
Now the technique is being adopted by a different kind of a hackerthe kind with a badge. For the last two years, the FBI has been quietly experimenting with drive-by hacks as a solution to one of law enforcements knottiest Internet problems: how to identify and prosecute users of criminal websites hiding behind the powerful Tor anonymity system.
The approach has borne fruitover a dozen alleged users of Tor-based child porn sites are now headed for trial as a result. But its also engendering controversy, with charges that the Justice Department has glossed over the bulk-hacking technique when describing it to judges, while concealing its use from defendants. Critics also worry about mission creep, the weakening of a technology relied on by human rights workers and activists, and the potential for innocent parties to wind up infected with government malware because they visited the wrong website. This is such a big leap, there should have been congressional hearings about this, says ACLU technologist Chris Soghoian, an expert on law enforcements use of hacking tools. If Congress decides this is a technique thats perfectly appropriate, maybe thats OK. But lets have an informed debate about it.
The FBIs use of malware is not new. The bureau calls the method an NIT, for network investigative technique, and the FBI has been using it since at least 2002 in cases ranging from computer hacking to bomb threats, child porn to extortion. Depending on the deployment, an NIT can be a bulky full-featured backdoor program that gives the government access to your files, location, web history and webcam for a month at a time, or a slim, fleeting wisp of code that sends the FBI your computers name and address, and then evaporates.
http://www.wired.com/2014/08/operation_torpedo/
cantbeserious
(13,039 posts)eom
newfie11
(8,159 posts)Big brother has arrived.
FiveGoodMen
(20,018 posts)intended to make us comfortable with the term and unresponsive to Orwell's warning.
jakeXT
(10,575 posts)FiveGoodMen
(20,018 posts)DeSwiss
(27,137 posts)...when I bought the machine.
Everything we're using right now to express these ideas had their genesis in the MIC. It was an idea born of a means to connect the intelligentsia, directly with the military. It worked.
So the architecture and hardware was designed with them in mind from the start. The monopolies who created the mainstays of the standard circuit boards, servers, routers and the web itself, all created it all with a military mindset at the bottom of it.
The problem for them is, the human mind can only process so much data at a time. And with the volume of cat pictures we send alone, they can never keep up. The primitive minds at the base of all this, will end up reaching for the bludgeons in the end.
- Just like Orwell said.
K&R
riqster
(13,986 posts)I know that is not quite the case, but it keeps things simple.
bemildred
(90,061 posts)riqster
(13,986 posts)I don't much give a shit what Big Brother knows about my political views. I DO care about my financial information, so I take aggressive steps there to protect that from hackers.
bemildred
(90,061 posts)riqster
(13,986 posts)Doesn't that just make one bewitched and bothered?
bemildred
(90,061 posts)That's Bemildred in my avatar. One of the three bats.
riqster
(13,986 posts)I still have a plastic Porky Pine figure I got from a box of laundry detergent in the 60's.
bemildred
(90,061 posts)I have about a dozen old, ratty Pogo books and various pasted up comics from the newspaper. But it is an esoteric interest these days,
riqster
(13,986 posts)America could learn a lot from Simple J. Malarkey, the Bonfire Boys, and such.