Tech Made Simple

Hot Topics: Enter Our Apple HomePod Mini Giveaway | How to Fix Bluetooth Pairing Problems | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

FBI Can Now Search Almost Any Computer

by Natasha Stokes on December 05, 2016

Federal agents now have even greater scope for spying on computers belonging to regular citizens, thanks to a controversial amendment that passed into law as of Dec. 1, 2016.

The long-standing Rule 41 governs how the FBI can search and seize property thought to be involved with crime. Its most recent amendment expands the search remit to include remote access of computers whose locations have been "concealed through technological means.”

In other words, the FBI can obtain a warrant to hack any device whose IP address is masked. This can include computers using a virtual proxy network (VPN), a common internet tool used to maintain privacy on public Wi-Fi networks, to watch Netflix (and other geo-restricted media) from another country, to improve streaming speeds or simply to remain anonymous online. Similarly vulnerable under the updated rule are computers running the Tor browser, which users use for privacy and security or to browse the Deep Web for reasons including visiting illegal sites and accessing secured communications for political dissidents and whistle-blowers.

The amendment also makes it legal to search computers that have been “damaged without authorization” — that is, subjected to malware such as hijacking into botnets used to launch distributed denial of service (DDoS) attacks. Considering that 16 million American households experienced serious virus problems in the past two years, that’s a lot of computers that the FBI could legally hack.

“This unprecedented increase in government hacking authority gives the government ability to more easily infiltrate, monitor, copy data from, inject malware into and otherwise damage computers, including victims of a crime, remotely,” said Nate Cardozo, senior staff attorney at the Electronic Frontier Foundation (EFF).

Dragnet for online crime

Until now, the FBI had to specify particular users it wanted a search warrant for. In the case of illegal sites, such as those on the Deep Web where traffic is heavily anonymized, this often proved difficult. Agents could also search computers only in the region where a warrant was granted, often an ineffective tactic because involved computers could be located anywhere in the world.

Under the new Rule 41, any computer with a hidden IP address or location can be included in the scope of a search warrant. Warrants can be granted in any jurisdiction and used to search multiple location-masking computers anywhere.

“This is about the FBI having the power to search any visitors to sites where they know or suspect illegal activity is going on,” says Chester Wisniewski, principal research scientist at cybersecurity firm Sophos.

In theory, the new rule helps the government ferret out faceless perpetrators of massive cybercrimes. Examples of these crimes include child pornography or drug trading rings and the botnet DDoS attack that recently took down Spotify, Twitter and Amazon.

But some of the FBI’s methodology for tracking suspected criminals online could endanger innocent users’ systems.

“Precisely because law enforcement doesn't know where the computer is, it has to use malware to uncover the real address of the computer they're looking for," said Gabe Rottman, deputy director of the Freedom, Security and Technology project at the Center for Democracy and Technology. "In doing so, law enforcement casts a very wide net, accessing computers that have nothing to do with the underlying investigation.”

For example, in 2013, the FBI obtained warrants to hack the dark web TorMail accounts of 300 users allegedly linked to child pornography crimes, but the malware activated before users logged in, suggesting that it infected any computer that visited the login page.

“We should be concerned. This is more invasive than even wiretapping, and it’s inconsistent with the basic American value that the government shouldn’t be looking into your affairs unless it has some evidence you’ve done something wrong,” Rottman said.

What you can do

For those who want to protect themselves and their files from this form of recently legalized hacking, the usual cyber security principles apply, Wisniewski said. Use strong encryption for email and files. Always download updates to your operating system, browsers and apps. Use a password manager or strong passwords, and keep a good antivirus program updated. These measures lower the risk that your system has a vulnerability that misfired criminal-targeting malware could exploit.

“The scary thing is that the malware law enforcement will be using is potentially more powerful because the government has an incentive to hoard the most valuable zero days [unknown vulnerabilities in users’ software to attack],” Rottman said.

Because the new Rule 41 came into effect with no opposition to the proposal made by the Supreme Court earlier this year, it’s possible that Congress can reform or even remove the rule change in the future. “There need to be strong guidelines to keep this new power in check, lest it result in increased privacy intrusions,” said Cardozo.

The CDT has suggested reforms such as limiting the type of information that can be gathered and requiring more detail before warrants are granted.

While civil liberties groups including the EFF and CDT have been vocal about the dangers of the change, members of the public can also make their voices heard through online petitions or directly contacting their local representatives. “Average users can absolutely still engage," Rottman said. "We haven’t had a national conversation on how to control government hacking to protect privacy and civil liberties.”

[Computer hacking concept via BigStockPhoto]


Topics

Computer Safety & Support, News, Computers and Software, Blog


Discussion loading

gravatar

From VERNON BALMER JR. on December 06, 2016 :: 8:09 pm


I hope they do it in time.

Reply

gravatar

From Matthew Gismondi on August 15, 2019 :: 2:41 am


If anyone from these organizations mentioned who are actively opposed to this kind of thing needs a victim with a really horrible story and a completely destroyed life due to this very thing, please contact me before I am completely incapacitated by cover ups and what equates to a total deprivation of human rights. I have been crying for help for years, and I even took a hacked phone to the FBI office not realizing it was my own government doing it. Not certain, but they turned me away and would not even let me in the gate even though I had the phone in hand to give them. This was after the public library gave me captchas in cyrillic that were impossible to complete on an American keyboard all because I was trying to create a new email anonymously to avoid message throttling that has prevented me from working or even socializing. I have had physical mail returned undeliverable and with the seal broken even though I verified the address, and a box of cinnamon I ordered from Amazon arrived slashed open and a complete mess with no apology or restitution when they found no drugs in it. Basically, my life has been a complete joke and false reality wide open to anyone who wants to know everything I do, and it is all justified under this umbrella. Thanks to everyone who ignores these things claiming they have nothing to hide. I cannot even go to the bathroom without feeling like someone will be listening anymore, and that is something anyone should want to hide. Sadly, it will be that ridiculous if this keeps happening. It is not ok for anyone except God to be that invasive without shame, and at least He makes sure to be invited. What I dont understand is why don’t they just ask first to see what’s going on because most people would gladly explain or work with them. I tried that many times and was always ignored.

Paintingwitheverything is my Weebly site where I have been trying to talk about it, but so much is crazy and it is extremely difficult to say anything without going into a rage at the injustice.

Reply

gravatar

From Matthew Gismondi on April 03, 2021 :: 1:14 pm


Two years later and I never got help. Police reports filed with apologies from them for not being able to do more, had dishes thrown at my car with messages I didn’t understand but that were clearly aimed at me, friends all turned their back on me, lost everything I had in a fire, and am now homeless living in a tent being accused of being a child molester which I am not and am not registered as one. I have learned that this is called “being burned” because of knowing too much and not accepting that you have to sacrifice yourself for the greater good. That is what I was told. I also received an explanation that there was some nondisclosed cancer treatment that was done with me as a test subject without me knowing and that it was successful 99% of the time. I got the impression it was actually intended to be a favor to make up for all of the bad things that happened, but it has turned into one more thing that makes me just wander around now in a state of shock wondering what the hell happened for me to end up like this. And because of the child molester thing I haven’t even been able to get drugs to cope with things because I guess the undercover agents in the homeless camp think based on my smear campaign file someone handed them that I will end up getting high and eating small children. Life is great!

Reply

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.