Tag: FBI

Success, and failure, with the systems

I am not a lawyer. Let’s repeat, I am not a lawyer. But I am not a criminal (as far as I know), and I am a laptop encryption user (and a fervent believer in it). Now, I am going to opine on a story…

A guy, one Joseph Edward Duncan II, is accused of murder and kidnapping (i.e. the parents were murdered, and the children were kidnapped). The FBI confiscated a laptop of his, and despite their best efforts, they can’t crack its encryption.

The computer key may provide Duncan some negotiating leverage in the next few weeks when authorities file federal charges that are expected to carry the death penalty. ‘Federal authorities are going to attempt to execute my client,’ said Roger Peven, Duncan’s federal public defender. ‘This is something I’d be happy to talk with federal authorities about.’ Peven is the only person other than Duncan to have seen some of the contents of the laptop. He has declined to say what he saw on the computer.

What is right with this picture is that encryption works. If you are storing sensitive personal and business documents on your machine, I’d bet a thief is not going to get into it any easier that the FBI, if properly encrypted. What a great system.

What is wrong with that picture? Well, this human (if you can call him that), killed a family so he could kidnap a couple of innocent kids to satisfy his sick sexual desires. Authorities found one dead child and another in a terrible state. Duncan plead guilty. Now his lawyer, who has seen the laptop contents, is using the laptop as leverage to keep Duncan alive.

Very sad system indeed.

FBI calls for cooperation in bug battle

The US Federal Bureau of Investigation is calling for cooperation between researchers and law enforcement in the fight against organized web attacks.

Some would be inclined to agree with this idea, and some would say the moment you open your mouth about a bug you are immediately labeled the perpetrator. I doubt the FBI has time to listen to every potential threat from every researcher, so I think it behooves the Feds to pitch this line to state and local task forces as well – you know, the ones looking for brownie points and are willing to shoot first and ask questions later to get them.

As for the sincerity of the FBIs initiative? I’m giving it a thumbs up – they are building a track record, with their leadership having played this hand before. What remains to be seen if they can get their fellow law enforcement friends on board too.

FBI approved hacker attempts but not the success

Joseph Thomas Colon purportedly received downline approval to hack into FBI databases, and now awaits sentencing for his success. While the acquisition of internal passwords and initial access points is still the subject of debate, the fact that the government is not alleging the attempts were made to harm national security, as well as prosecutor’s labeling of the intrusions as “curiosity hacks,” would lead some to believe there is more to the story.

Mr. Colon plead guilty, the FBI claims it has instituted new security measures, the band has entered into confidentiality agreements, Mr. Colon has been accused of this before, and it seems the hacks could have been orchestrated by a sixteen year old script kiddie.

More to Mr. Colon’s past? An undercover job in his future? Or just an outstanding embarrassment that needs sweeping under the rug?

***UPDATE***

It is sounding like brooms to me.

***UPDATE 2***

Mr. Colon gets six months home detention, a sentence more suitable for someone who embarrassed the government than threatened national security.

FBI loss estimates underscore security woes

The FBI says that computer crime costs US businesses over $67 billion, and that is just from organization-based incidents. Add to it the $50 billion plus from identity theft (often a result of security breaches), the untold and virtually impossible to measure lost productivity from individuals working from home and the like, and you now have probably have a sizable chunk of GNP. Ouch.

How to stop those pesky FBI wiretaps

If you are a malcreant and you know the FBI is tapping your phone conversations, there is no need to worry. It is fairly easy to foil those taps, and here’s how. I note this not because I want to disrupt FBI investigations – I believe if you are doing something wrong, you deserve what ever is coming down the pike at you. But it does show that your phone is still not very safe, as any phreak (which we thought was dead in the digital age) could be used for more dastardly means; it also shows that the government needs some better technology if they are going to get the crooks.

Of course, the feds could just buy your phone records, but then they wouldn’t have those lovely recorded conversations. And if they are really looking for “subversives,” paranoid as the government seems nowadays, it may just be easier to mine Amazon.com’s wishlists.

Don’t pick on my government!

There are a lot of well publicized problems with the US Government right now, so naturally people are going to pick on that fact. When the underground starts sending out worms in packages disguised as emails from the FBI and CIA, it becomes personal. They don’t need the distractions, and I am working on a project that is just risky enough for me to think I might be needing some food stamps somewhere down the road. So stop!

PS: at least the damage seems to be happening somewhere other than here.

I’ve got’em in my crosshairs, Hank

BusinessWeek is running this article, and I think it is worth your time to read. It chronicles some of the recent criminal activity that has been plaguing the internet, and what the authorities are doing about it.

The bottom line is, hackers (the bad ones that break stuff, not the good ones who create stuff) are moving from fun to money as motive for their actions. Exploits are becoming ever more complex, and the authorities are being forced to implement ever more intricate countermeasures to knock them down.

I personally offer the good guys the best of luck, and any resources at Spamroll’s disposal. Best regards to the “Hacker Hunters.”