[Cryptography] DOJ Wants to Expand Authority to Break Into Suspects' Computers

ianG iang at iang.org
Mon Jun 2 07:48:26 EDT 2014


On 31/05/2014 22:28 pm, Bill Frantz wrote:
> From SANS NewsBites Vol. 16 Num. 038
> 
> (May 9, 2014)
> The US Justice Department (DOJ) has issued a request to the US Judicial
> Conference standing committee to expand its authority to gain remote
> access to computers during investigations. DOJ maintains it needs the
> authority to access computers outside the jurisdiction of an
> investigation because criminal schemes are increasingly crossing
> jurisdictions.


Please help!  The way I read this, it means a warrant would allow them
to hack across borders.  So, tit-for-tat:  when the PLA decides to hack
DoJ's computers, or Target's computers, or IBM's computers, or Lockheed
Martin's computers, it can simply get a warrant from the People's Court
#1 of Beijing and cite that to the DoJ.

This seems to give them an asymmetric result far out of DoJ's favour,
why would they pursue this?

Anyone?  What do I not get here?


> The proposal has raised concerns among civil rights
> groups, which say that allowing this activity could pose a threat to
> Internet security and Fourth Amendment protections. The remote access
> would be achieved through vulnerabilities known to DOJ but kept secret
> from the public, thus posing a security threat.


Secret vulnerabilities?  NSA whispers, or their own zero-day collection?
 Oh my?!

The way I read this, they have now de facto authorised every other
justice department to start collecting zero-days and use them against
USA corporations.  So next we see the gang of 5 PLA generals in Chinese
court to collect their warrant.

I can see an advantage here that this might defer the tit-for-tat arrest
of 5 NSA generals on their next vacation to visit the great sights of
China ... but other than that, it again seems like a net loss to DoJ.



> The US court system
> currently allows magistrate judges to issue search warrants for property
> outside their districts only in limited cases. The DOJ request will be
> considered at the meeting of the US courts' Committee on Rules of
> Practice and Procedure later this month.
> http://www.darkreading.com/government/fbi-seeks-license-to-hack-bot-infected-pcs/d/d-id/1252655?
> 
> http://www.bloomberg.com/news/2014-05-09/federal-agents-seek-to-loosen-rules-on-hacking-computers.html
> 
> http://www.computerworld.com/s/article/9248242/DOJ_seeks_new_authority_to_hack_and_search_remote_computers?taxonomyId=17
> 
> http://www.uscourts.gov/uscourts/RulesAndPolicies/rules/Agenda%20Books/Standing/ST2014-05.pdf#page499
> 
> [Editor's Note (Pescatore): The remote access part is worrisome, opens
> up huge potential for cyber-damage to innocent bystanders in many ways.
> It is pretty straightforward to turn off a wiretap or remove a tracking
> device from a suspect's vehicle. I don't think removing a remote
> access Trojan is quite as simple, let alone giving law enforcement the
> authority to keep vulnerabilities secret from the public.  I don't want
> to be too hyperbolic, but to me this has the potential for backfire as
> the "Fast and Furious" ATF project to smuggle guns *into* Mexico to see
> who buys them. ]
> 
> 
> I would add to John Pescatore's comment: I can see the TLAs delivering a
> NSL to developers of major software requiring them to install backdoors
> and keep quiet about it. Do Apple and Microsoft have a canary? How about
> Firefox, Opera, Chrome etc?


And, when the execs of those countries are fronted before court in
another country, what is the defence?

Is the next thing we are going to see arrests of employees (American and
Chinese) in China for hacking?



iang


