Keep up with the news by installing RT’s extension for . Never miss a story with this clean and simple app that delivers the latest headlines to you.

 

​DOJ seeks to lift limits on hacking into suspects' computers

Published time: May 10, 2014 03:54
AFP Photo / Thomas Samson

AFP Photo / Thomas Samson

The US Justice Department wants authorities to have more leeway to hack into computers - at times with “zero-day exploits” on software vulnerabilities - amid criminal probes. Critics say the plan could violate privacy rights and lead to online insecurity.

The Justice Department (DOJ) is urging a federal committee of judges that referee national policy regarding criminal inquiries to eliminate geographical restrictions attached to search warrants during computer investigations. Currently, the law permits magistrate judges to clear searches only within their judicial districts. The limit, supporters say, has been a check on government overreach pertaining to Fourth Amendment privacy rights.

The new plan would allow law enforcement to “use remote access” to search computers even when “the district where the media or information is located has been concealed through technological means.” A single warrant could be used to search computers located in five or more judicial districts.

“This proposal ensures that courts can be asked to review warrant applications in situations where it is currently unclear what judge has that authority,” Justice Department spokesman Peter Carr told Bloomberg. “The proposal makes explicit that it does not change the traditional rules governing probable cause and notice.”

Supporters say the rule would target child pornographers and other criminals using online anonymity through proxy servers or comprised computers via a botnet to commit wrongdoing.

The law currently allows federal investigators to obtain warrants that allow them to secretly implant malicious software on criminal suspects for as long as 30 days, or longer if an extension is granted by a judge. Law enforcement, though, are limited to attaining warrants in specific judicial districts, of which there are 94 in the United States.

Critics point out that law enforcement’s ability to use malware to hack into computers over the internet could easily compromise broader online security. One tactic is a “zero-day” exploit, or exposing a software flaw even the manufacturer does not know exists, and then leaving the vulnerabilities open, which could lead to malicious attacks if the responsible company is not notified.

The wide scope of the DOJ’s warrant-seeking power embedded in the rule would certainly lead to privacy abuses, also, opponents add.

“We have real concerns about allowing the police too much ability to search with too little oversight,” said Hanni Fakhoury, a lawyer for privacy advocate Electronic Frontier Foundation. The DOJ plan would “dramatically expand the reach of federal prosecutors and investigators.”

Needing a single warrant to attach malware to an innumerable amount of computers possibly spread throughout the country would violate constitutional requirements that court-approved searches are specific and narrow, Fakhoury said.

Fakhoury fears the rule could be used to illegally access data stored online with services like Google's Drive cloud storage.

The proposal will be up to the Judicial Conference Committee on Rules of Practice and Procedure, which will meet at the end of the month. If it takes up the rule, the proposal would be opened for public comment in August for six months, then it would go to Congress for review.

“The proposed amendment would enable investigators to conduct a search and seize electronically stored information by remotely installing software on a large number of affected victim computers pursuant to one warrant issued by a single judge,” committee said in an analysis. “The current rule, in contrast, requires obtaining multiple warrants to do so, in each of the many districts in which an affected computer may be located.”

The law currently allows federal investigators to obtain warrants that allow them to secretly implant malicious software on criminal suspects for as long as 30 days, or longer if an extension is granted by a judge. Law enforcement, though, are limited to attaining warrants in specific judicial districts, of which there are 94 in the United States.

It is known that both the National Security Agency and the FBI exploits software vulnerabilities for its own purposes, the American Civil Liberties Union says. The organization has submitted a Freedom of Information Act request for records regarding the use of zero-day exploits by federal authorizes and intelligence agencies.

The DOJ offered a broader rule change last year that would have allowed remote computer hacking, including remote access to cloud services, during the search of a physical computer. The plan was revised after the ACLU raised concerns about its violations of the Fourth Amendment.

Comments (9)

 

starstuff 05.07.2014 03:39

Troy Stocker 12.05.2014 18:47

DOJ , hack away , my computer has 2 independent firewalls ,the windows one is turned off, I challenged someone from anonymous on facebook , the hacked my F/B account and used that to try to get into my system , one of my 3rd party firewalls detected the probing attack and he was blocked

  


Fi rewall block known packets, what happens when your firewall handles an unknown packet using an unknown protocol? Probably it will pass it trough and your computer is done. The only way filter packets 100% is at the physical layer where you can inspect every signal level

 

Regula 04.07.2014 10:11

Unfortunately, both the police and the FBI long hack into any computer they please - without any court orders or authority from anywhere. The problem with all those hacking techniques including zero days is that they exist and will be used, legal or not, for the often turpid ends of FBI, law enforcement and their buddies who participate in not so kosher actions.

 

Troy Stocker 12.05.2014 18:49

Troy Stocker 12.05.2014 18:47

DOJ , hack away , my computer has 2 independent firewalls ,the windows one is turned off, I challenged someone from anonymous on facebook , the hacked my F/B account and used that to try to get into my system , one of my 3rd party firewalls detected the probing attack and he was blocked

  


View all comments (9)
Add comment

Authorization required for adding comments

Register or

Name

Password

Show password

Register

or Register

Request a new password

Send

or Register

To complete a registration check
your Email:

OK

or Register

A password has been sent to your email address

Edit profile

X

Name

New password

Retype new password

Current password

Save

Cancel

Follow us

Follow us