back to article US govt quietly tweaks rules to let cops, Feds hack computers anywhere, anytime

On Thursday, the US Supreme Court approved a change to Rule 41 of the Federal Rules of Criminal Procedure. It sounds innocuous, but the effects will be felt around the world. Under today's rules, US cops and FBI agents need to know where a computer is before they can get a warrant to directly hack the machine – because they …

Silver badge

That open season thing doesn't only work one way. That's your problem right there.

8
0
Silver badge

Doubly so if it crosses borders

The way this is formulated, it also sets in stone extraterritoriality of the warrant and gives a lowly magistrate court the authority to grant an order for the cops to hack computers located outside the USA territory with no consideration for any bilateral treaties on the subject. So much for Privacy Shield I guess.

35
0
Anonymous Coward

Re: Doubly so if it crosses borders

So much for Privacy Shield I guess

That was exactly my thought too, but I'm actually glad that process is now pretty much spiked (at least, I hope so, depends on how much bribing lobbying happens in Brussels, although especially the French in the Art 29 Working group seem to be keen to spite the Americans :).

5
0
Silver badge

Re: Doubly so if it crosses borders

Well Privacy Shield was pretty well fucked anyway. But if the US announces open season on the rest of the world, exactly how do they think the rest of the world is going to take that?

2
0
Silver badge

I can't wait until the first instance of them trying to hack some absolute gun Eastern European hacker's machine and end up with no end of shit installed back on their own hardware.

0
0
Gold badge

Is it open season? US law allows lots of things that aren't allowed in foreign parts, but that's not open season because even US courts understand that US law on (say) sex doesn't apply in Iran. All this law appears to say is that if a foreign computer is hacked by a US detective who has a warrant issued in a US court then that detective has not broken US law and can't be prosecuted in a US court.

It is true that a US court is unlikely to grant an extraditing order on someone who didn't break US law and never left the US. But that's probably true in most countries and we don't accuse them of trying to impose their laws on us. We simply put more effort into our own cyber-security.

0
0
Silver badge
Mushroom

Re: Doubly so if it crosses borders

"exactly how do they think the rest of the world is going to take that?"

Declare the USA a rogue nation and invade them? (they have oil too, so a double-plus-good reason)

0
0
Silver badge

Re: Doubly so if it crosses borders

Double-plus-UNgood to invade a nuclear power. Thus why everyone tiptoes around Russia and China.

0
0

FTFY

"It carries with it the specter of government hacking without any Congressional debate or democratic policymaking process," said Richard Salgado, Google's legal director of law enforcement and information security. "We should be the only ones allowed to track people without their knowledge or consent."

13
3
Anonymous Coward

Godwin

The problem with Godwin's law, is that it's invoked to downplay comparisons to Nazism, even when they're justified.

For example, everything America does these days.

26
0
Anonymous Coward

Don't like the new rules?

Ergo: you are a crim (apparently)

12
0
Anonymous Coward

Re: Don't like the new rules?

Fitting (-up) the Crime to make the Punishment.

6
0
Anonymous Coward

Re: Don't like the new rules?

... and if you claim the 5th then you're obviously a Paedo and should be jailed until such time as we can prove it.

BBC: Man jailed for failing to decrypt hard drives

http://www.bbc.co.uk/news/technology-36159146

10
0
Silver badge

Here we go again

The merkans inflicting their ideas on the world.

What happens when the FBI (or another of the merkan TLAs) break into a computer in another country and get caught? Can they be prosecuted under the "victims" country's laws on computer misuse? I am sure that their merkan warrant won't have much standing outside of the USA.

22
0
Anonymous Coward

Re: Here we go again

They can. They should (because they should have asked for this to be done under a local warrant under an applicable mutual assistance treaty).

At which point you will see exactly how one-sided are extradition treaties with the USA and why they go only one way.

17
0
Silver badge
Facepalm

Re: Here we go again

Actually, just a short time ago we (the US) indicted several Chinese citizens working for/with the PRC government for violating US laws against computer misuse, 'hacking.' So given that example any TLA agent or someone working with/for such an agency must be fair game as well.

Perhaps this Administration, especially the FBI and DoJ really, really need to give this all a hard (re)think.

6
0
Silver badge

Re: Here we go again

Can a magistrate in the victim's country issue a warrant authorising hacking into the computers that the FBI criminals are using for the attack?

2
0
Anonymous Coward

Re: Here we go again

Can a magistrate in the victim's country issue a warrant authorising hacking into the computers that the FBI criminals are using for the attack?

Not unless counterattacks are written into law, otherwise he/she would be ordering someone to commit a crime which is a crime in itself and you'd end up with a case of legal recursion :).

However, some countries consider active retaliation a legally acceptable form of defence, but leave the responsibility with you to first check if you're retaliating against the correct target and accept the consequences. If I recall correctly, Switzerland is one of those countries.

1
0
Silver badge
Thumb Down

Re: Here we go again

@Oengus

Can they be prosecuted under the "victims" country's laws on computer misuse?

Given the American tendency to not submit to the jurisdiction of courts outside the US, I suspect that the correct answer to your question may be "Don;t hold your breath!"

A case may well be brought - but it would be tried in absentia.

5
0

Re: Here we go again

What did happen to Gary McKinnon anyway?

1
0
Silver badge
Holmes

@Jack of Shadows -- Re: Here we go again

Perhaps this Administration, especially the FBI and DoJ really, really need to give this all a hard (re)think.

Clearly you're not from around here, are you? If you were, you'd know that thinking has been outlawed. Don't think so? Just ask any Republican, from the lowliest Bubba to the top Presidential contenders, and the patrons that are funding them.

0
0
Silver badge

Re: Here we go again

What happens when the FBI (or another of the merkan TLAs) break into a computer in another country and get caught?

Like hacking into a Russian or Chinese Government machine and getting caught?

0
0

Re: Here we go again

"What did happen to Gary McKinnon anyway?"

From the WickedPea: "On 16 October 2012, Home Secretary Theresa May announced to the House of Commons that the extradition had been blocked, saying that "Mr McKinnon's extradition would give rise to such a high risk of him ending his life that a decision to extradite would be incompatible with Mr McKinnon's human rights." She stated that the Director of Public Prosecutions would determine whether McKinnon should face trial before a British court.[21] On 14 December, the DPP, Keir Starmer, announced that McKinnon would not be prosecuted in the United Kingdom, because of the difficulties involved in bringing a case against him when the evidence was in the United States."

0
0
Silver badge

While I can see, from the example, that this can be a somewhat difficult situation, boiling it down to the essentials, we see the same as always: law enforcement agencies that complain that following due process is too cumbersome and so want a free-for-all instead.

Taking the example, I can see how current process is problematic for that specific situation. It's a bit of a catch-22: you need a warrant from the relevant jurisdiction for the PC you wish to hack, but you don't know which jurisdiction that is until you hack it.

So, if I have understood that correctly (corrections appreciated), then I realise that this is indeed a problem worth discussing and at least attempting to address.

Let's get this out of the way: child sexual abuse is bad. Just plain bad.

So I understand the imperative to do something and I can more-or-less understand the view that all other considerations should be secondary to stopping it. Which is not to say that I support that view, as due-process is there, in part, to prevent emotion and personal judgement from impacting the course of justice, the presumption of innocence and the liberties of the people.

Due process is most important precisely when the situation is emotionally-charged or there is a particularly strong implication of guilt. If you say that due process shouldn't apply when the alleged crime is particularly heinous then who decides which situations qualify and how much evidence is needed to determine which people have their rights removed?

The FBI saying that this is just a 'procedural' thing is massively disingenuous because there is a HUGE change to. Under current rules, the requirement for a warrant to be issued in the appropriate jurisdiction includes the implicit requirement that the department requesting the warrant must be able to actually properly identify the device they are applying for access to.

This change is the removal of that requirement and that is anything but a 'procedural' issue.

16
0
Silver badge
Facepalm

> then who decides which situations qualify

Compensating controls, such as senior/circuit judges, rather than district ones? Preferably ones with a grasp of technology and a track record of butting heads with the FBI? They could give the set of qualified judges a catchy name, like "G[ood]-FISA"?

[*THUD* of landing back on Earth] Nurse, is it time to take my meds?

P.S. No disrespect to judges in general. I'm sure most of them are smart and have integrity.

P.P.S. I'm not saying I agree with this rule change, or assuming they haven't already thought about compensating controls, all I know is what was in the Reg article. The Proposed Amendment detail in the PDF isn't very clear to me!

4
0
Anonymous Coward

And our response is?

This change seems to authorise US law enforcement to hack any PC anywhere in the world - potentially a hostile act of a foreign power, from our perspective.

So, if it goes through, shouldn't the governments of the free world advise the US that we won't be too happy about it?

Or do they already accept that US jurisdiction applies throughout the world?

11
0
Anonymous Coward

Re: And our response is?

No, the US would just call up their "Dirty Laundry" files and point out all the times YOU spied on THEM. That's the thing about spying: it's frequently tit-for-tat and nobody's hands are as clean as you think.

7
0
Anonymous Coward

@AC - Re: And our response is?

I get your point - at least as far as spying is concerned, but this is not just about what the spooks get up to. This is about allowing the police to do the same.

At least the intelligence agencies generally know how far they ought to go. Can you say the same about the average copper?

3
1
Silver badge

Re: @AC - And our response is?

No, I DON'T think the intelligence agencies know their limits. Remember Snowden? Anyway, the intel agencies frequently collaborate with the police since it's the latter that has to the actual arresting. Therefore I consider them to be one unit.

2
0
Silver badge
Thumb Down

Re: And our response is?

Or do they already accept that US jurisdiction applies throughout the world?

The French might kick up a fuss. But Blighty won't - the UK Government is sufficiently subservient to the US that they will accept this just as they accept everything else.

5
0
Silver badge

Re: @AC - And our response is? @Charles 9

No, I DON'T think the intelligence agencies know their limits. …. Charles 9

Actually, they certainly sure do, Charles 9 …… there are no limits. The shame on them is that their intelligence and systems fail them so badly ….. and that makes them vulnerable to being bypassed and extraordinarily rendered irrelevant and impotent, and easily led by useless fools who be useful tools and/or vice versa that.

All of that though may have been what you were saying in your post.

0
0

Calm down

It's not a free for all, it's only for catching those horrible perverts. You don't support those horrible paedos, do you?

Don't think our mate Dave, or Mother Theresa is going to be doing anything other than salivating over the prospect of unfettered access. Perverts.

Carry on, citizen.

9
1
Silver badge

One Possible Solution

All Senator Ron Wyden has to point out is that with this simple change, law enforcement officials could easily be hacking into THEIR computers and perhaps dig up some dirty secrets. Congresspeople have gone to jail in the past, so they're not safe in this case. The point is that this would a potential Executive crimp on the Legislature. Even Republicans would be able to recognize this threat for what it is and this should be enough to set up a quick debate and bill to prevent this. If they get enough bipartisan support, they could even get that rarity of rarities: a veto-proof majority.

3
0
Silver badge

Re: One Possible Solution

"All Senator Ron Wyden has to point out is that with this simple change, law enforcement officials could easily be hacking into THEIR computers and perhaps dig up some dirty secrets."

Is that really the case? AIUI it obviates the need to know where the target is located when applying for a warrant. If that's the only change then providing that they know where the target is located then they could apply for the warrant they could hack into it under the existing rules.

0
0
Silver badge

Re: One Possible Solution

But if the target is an agent or other go-between for someone IN Congress, and this form of extraterritorial power becomes de jure, then as the saying goes, it's open season. It's can easily be seen as basically an attack on foreign sovereignty, and so soon after the scandal that is the Panama Papers, sovereignty as a shield is going to face a double whammy.

0
0
Anonymous Coward

No agent of the state ever planted evidence...

...after illegal searches.

So you are safe citizen.

Carry on, or you will be dealt with.

Oohhh say can you seeeee..

7
0
Silver badge

Wake Up, Smell the Coffee, Java and Cocoa. You're Walking and Talking in AIDream Virtual Machine?*

In God and GOD** we trust you realise there is a right battle royal raging amongst elitists for dominant power and oppressive command and impressive control with Brave New Orderly World Order Programs for revised SCADA Systems Administrations of Plans and Projects for a New American Century, which is just like the old PNAC but approaching from a different angle, exercising vectors in other sectors.

* Although Hellish Prisoner Environment is Default Failed Austere Live Operational Virtual Environment and current Mainstream Media Hosted World View.

** Global Operating Devices

Please note there are no questions posed there for the cover and protection of doubt and disbelief. Things are as they are and to imagine them different is delusional and delivers one catastrophically vulnerable to zeroday exploitation and APT ACTivIT.

5
0
Silver badge

what's changing?

This may result in a change to what happens in courts, but probably not what happens on the net. IP addresses aren't guaranteed to lead to a person. Many people use VPNs in different countries from where they are located. Without knowing the specific person, there simply is no knowing where they are. This leads me to think that these FBI law scoffers enforcers have been happily hacking into people's computers all over the world already.

2
0
Silver badge

Re: what's changing?

But the plods are aware of VPNs and would find ways to trace through them, wouldn't they?

0
0

....

"Why, oh why, didn't I take the blue pill?"

4
0

US slowly being turned into a dictatorship for spooks who want all the data and big business who are happy to supply it if they can make obscene profits!

4
0
Silver badge
Mushroom

Which is why step 1* is getting your vital computing off the 'net. ASAP. As the article pointed out, the FBI/etc. are going to go into already compromised machines. I'd actually pay money to watch that feed. Already they have a real problem getting even lesser talents, something the criminals seem to have an abundance of in addition to the first raters out there. Let the 'Net Ninja Games commence!

* - Some body is going to do something incredibly stupid, perhaps a whole lot of people, supposedly aware of the consequences of cyber-insertions and counter-cyber-insertions, and the shit will hit the nuclear-powered fans all over the internet. If I wasn't convinced before, I'm am absolutely convinced that the criminally insane are in charge of the planetary asylum.

Idiots!

2
0
Gold badge
Unhappy

It's called "Extra terratoriality"

And only the US of A seems to be delusional enough to have it and to enforce it.

6
0
Silver badge
Big Brother

Re: It's called "Extra terratoriality"

Maybe not if the Draft Investigatory Powers Bill aka the Snoopers' Charter gets through Parliament.

AFAIK this also has an extra-territoriality aspect to it.

So once again where the US goes the UK follows like the abject poodle it really is.

2
0
Silver badge

@nematoad -- Re: It's called "Extra terratoriality"

I'm not sure who's leading who at the moment in this race to the bottom.

0
0

SOP - one of the snooping tricks is ruled illegal, so the law is changed to make it legal again.

Never mind that there were good reasons it was illegal in the first place...

4
0
Gold badge

Nah, it's just a scheduling mistake..

They got the timing wrong, John Wayne day was planned for the 26th of May (but may be cancelled as he apparently made racist comments).

Honestly, WTF are these people thinking? Writing something like that into law is, well, "delusional" is probably the most polite word for it.

3
0
Silver badge

December 1st date is key

The article is correct that not much will get done during an election year, but the election is in early November, after which congress and the administration goes to work for a so-called lame duck session until the newly elected take office in January. That's one of the best times to actually get things done, because congressmen who are retiring or were voted out are no longer beholden to their corporate masters, and the ones who will be coming back are less concerned about public opinion because the next election is further off than the memory of most voters.

I don't know whether they will overturn this, but the election year will not be a barrier preventing it.

2
0
Silver badge
WTF?

Hang on a mo

The FBI has already stated that they can't locate internet stalkers - yet now they CAN locate people who aren't stalkers via the internet?

Does not compute.

0
0
Bronze badge

If George Orwell had written a sequel, we would be at the 3rd or 4th book by now.

"Why, oh why, didn't I take the blue pill?"

I took both and am now so confused I don't know if I am coming or going, or going or coming.

Don't forget the people (if you can call them that) who propose and vote for these laws are the same ones who accused Julian Assange, and Australian citizen, of being an American traitor. If they fail to get that small distinction correct then how the hell are they going to get ones with bigger words right.

The words from the guy who drafted the Patriot Act was that he never envisaged it to be used in the way it has. The TLAs can NEVER be trusted as they will twist anything and everything to support their view. "So, you invoke your legal right to remain silent. You MUST have something to hide"

Good luck to the TLAs hacking my TAILS key while it sits in my pocket. All these wankers are doing is encouraging those much clevererer than me to write better and better encryption apps to stop the spying bastards.

POWER TO THE PEOPLE!

0
0

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017