Topic: Rule 41 of the Federal Rules of Criminal Procedure

In case you missed it, the Supreme Court just gave the nod for the FBI to investigate anyone using privacy tools on the internet. This includes Tor, VPN, encrypted protocols or even denying Location Privileges to an app. 

From the EFF article (https://archive.is/11fDE):

The proposal would grant a judge the ability to issue a warrant to remotely access, search, seize, or copy data when “the district where the media or information is located has been concealed through technological means” or when the media are on protected computers that have been “damaged without authorization and are located in five or more districts.” It would grant this authority to any judge in any district where activities related to the crime may have occurred.

...

The first part of this change would grant authority to practically any judge to issue a search warrant to remotely access, seize, or copy data relevant to a crime when a computer was using privacy-protective tools to safeguard one's location. Many different commonly used tools might fall into this category. For example, people who use Tor, folks running a Tor node, or people using a VPN would certainly be implicated. It might also extend to people who deny access to location data for smartphone apps because they don’t feel like sharing their location with ad networks. It could even include individuals who change the country setting in an online service, like folks who change the country settings of their Twitter profile in order to read uncensored Tweets.

...

The second part of the proposal is just as concerning. It would grant authorization to a judge to issue a search warrant for hacking, seizing, or otherwise infiltrating computers that may be part of a botnet. This means victims of malware could find themselves doubly infiltrated: their computers infected with malware and used to contribute to a botnet, and then government agents given free rein to remotely access their computers as part of the investigation. Even with the best of intentions, a government agent could well cause as much or even more harm to a computer through remote access than the malware that originally infected the computer. Malicious actors may even be able to hijack the malware the government uses to infiltrate botnets, because the government often doesn't design its malware securely. Government access to the computers of botnet victims also raises serious privacy concerns, as a wide range of sensitive, unrelated personal data could well be accessed during the investigation. This is a dangerous expansion of powers, and not something to be granted without any public debate on the topic.

How could the FBI tell the difference between a malware infected computer (botnet) or someone who has modified firmware to install non-UEFI OS, eg LINUX?

Via BBC (https://archive.is/UX8uZ#selection-1061.0-1065.106):

Previously, magistrate judges could order searches only within the jurisdiction of their court, often limited to a few counties.
The US Department of Justice (DoJ) said the change was necessary to modernise the law for the digital age.

...

"Such a monumental change in the law should not be snuck by Congress under the guise of a procedural rule," said Neema Singh Guliani of the ACLU.

Via Slate (https://archive.is/LqTVY)

But Google says that the proposal is too broad and could have unintended, problematic impacts. It adds that if such a change is to be enacted, it should come through Congress, not a DoJ proposal to a judicial advisory committee. Salgado notes, “While the proposed ammendment ‘purports’ not to substantively expand the government’s search powers under Rule 41, it in effect does so anyway. ... The proposed amendment is a substantive change that imposes upon the constitutional rights of targets. ...”

Back to EFF:

Make no mistake: the Rule 41 proposal implicates people well beyond U.S. borders. This update expands the jurisdiction of judges to cover any computer user in the world who is using technology to protect their location privacy or is unwittingly part of a botnet. People both inside and outside of the United States should be equally concerned about this proposal.

The change to Rule 41 isn’t merely a procedural update.  It significantly expands the hacking capabilities of the United States government without any discussion or public debate by elected officials. If members of the intelligence community believe these tools are necessary to advancing their investigations, then this is not the path forward. Only elected members of Congress should be writing laws, and they should be doing so in a matter that considers the privacy, security, and civil liberties of people impacted.

Rule 41 seeks to sidestep the legislative process while making sweeping sacrifices in our security. Congress should reject the proposal completely.

The US war on privacy and encryption carries on towards their desired goals (https://archive.is/5mUBl#selection-391.0-391.630):

The new study documents how, in the wake of the 2013 Snowden revelations (of which 87% of Americans were aware), there was “a 20 percent decline in page views on Wikipedia articles related to terrorism, including those that mentioned ‘al-Qaeda,’ “car bomb’ or ‘Taliban.'” People were afraid to read articles about those topics because of fear that doing so would bring them under a cloud of suspicion. The dangers of that dynamic were expressed well by Penney: “If people are spooked or deterred from learning about important policy matters like terrorism and national security, this is a real threat to proper democratic debate.”

...

The fear that causes self-censorship is well beyond the realm of theory. Ample evidence demonstrates that it’s real – and rational. A study from PEN America writers found that 1 in 6 writers had curbed their content out of fear of surveillance and showed that writers are “not only overwhelmingly worried about government surveillance, but are engaging in self-censorship as a result.” Scholars in Europe have been accused of being terrorist supporters by virtue of possessing research materials on extremist groups, while British libraries refuse to house any material on the Taliban for fear of being prosecuted for material support for terrorism.

Whiskey for dinner tonight!

Thanks: BloozEhouNd1

Re: Rule 41 of the Federal Rules of Criminal Procedure

This is the shit that slips through while people are fucking arguing about bathrooms.

I have gin.

My internet is awful and I'm sharing it.  If you're waiting on me to seed something, be patient; I'll do my best.

"I will never bow down to another man even when everyone's saying I've sinned."  - Toh Kay

Re: Rule 41 of the Federal Rules of Criminal Procedure

Honestly, any security or privacy I once had is long gone. I've felt that for a while now.
It's sad that people aren't up in arms over it and outraged, but unfortunately we live in a world where we are distracted by even larger threats and atrocities.
The planet itself is dying. Who can guess if the politicians, corporations, or terrorists will strike the final blow.
I long for the days when we have the time to address these issues concerning privacy and government overreach.
But that seems like a fantasy these days.

"Flowers are cunts basically." - Guana

Re: Rule 41 of the Federal Rules of Criminal Procedure

I don't think you can say that it "slipped through" when a) Congress didn't vote on legislation for this and b) when it was submitted the way I'm sure it always is, but watchdog groups did what they are supposed to and brought it to the public's attention. 

I've just skimmed an article or two, but it looks like this was Chief Justice Roberts doing, as I can't imagine RBG, Kagan or Sotomayor siding with this.  This doesn't seem like a case brought to court, but the DOJ asking the SCOTUS to update "procedures."  I see the big companies fighting this tooth and nail alongside privacy advocates.  People have pressured Congress before with regards to internet privacy and won, and I can't seem them doing anything less now, especially given the pervasive and pernicious nature of what this ask is. 

I'm not surprised the DOJ is tryingto make this reach, especially after their continued showdowns with Apple, Google, and Microsoft.

Thanks: tacothecheese1

Re: Rule 41 of the Federal Rules of Criminal Procedure

Maybe they are just mad they couldn't figure out how to hack that iPhone themselves

"We've been divided, we've been bled,
Like a chicken without a head.
Running frantically amuck
Taking but not giving a fuck."

http://i188.photobucket.com/albums/z18/ickmcwang/ickmcwang.gif

Re: Rule 41 of the Federal Rules of Criminal Procedure

As the December 1st deadline approaches this law gets worse.

Bill Introduced To Push Back Approval Of DOJ's Proposed Rule 41 Changes - https://www.techdirt.com/articles/20161 … nges.shtml

New changes will include:

The proposed changes would allow the FBI to hack thousands of computers around the world with a single warrant, much like it already did during two child porn investigations. Unfortunately for the FBI, its warrant is being met with successful challenges because the agency clearly violated Rule 41 jurisdictional limitations.


In addition, the DOJ wants permission to break into "compromised" computers and poke around inside them without the permission or knowledge of the owners of these computers. It also wants to treat anything that anonymizes internet users or hides their locations to be presumed acts of a guilty mind. The stripping of jurisdictional limits not only grants the FBI worldwide access for digital seizures and searches, but also encourages it to go venue shopping for judicial rubber stamps.

A single warrant will provide the means to legally hack into everyone's computers, anywhere in the world, that uses a VPN or Tor for any purpose.

Please donate to the EFF and write to your representatives and encourage others to do the same.

Re: Rule 41 of the Federal Rules of Criminal Procedure

Ick McWang wrote:

Maybe they are just mad they couldn't figure out how to hack that iPhone themselves


LMFAO!!!!!

"Hey evil, why don't you eat my butt?"

Re: Rule 41 of the Federal Rules of Criminal Procedure

And Now in the UK,....Britain’s ‘extreme’ surveillance bill becomes law ;-(

https://www.rt.com/uk/368592-investigat … -snoopers/

Re: Rule 41 of the Federal Rules of Criminal Procedure

victimofradiation wrote:

And Now in the UK,....Britain’s ‘extreme’ surveillance bill becomes law ;-(

https://www.rt.com/uk/368592-investigat … -snoopers/

yeah, with this one, everybodys browsing habits have to be kept for a year
and with the US one, everybody who hides their browsing habits is illegal Oo

cunts

catch my punk radio show on sundays at 2pm GMT on www.rockindevilradio.com