FBI Hacking Case Judge Doesn’t Understand Computing

A US Judge, during a case regarding the FBI’s use of Network Investigative Technique (NIT) – effectively a form of hacking – was found to have little knowledge or understanding of the concepts being discussed.

During a hearing in Seattle on Friday (15th March), Judge Robert J. Bryan presided over the case of Jay Michaud, a public school administrator in Vancouver, Washington, who was charged with possession of child pornography. Michaud was caught in a sting operation by the FBI, during which the law enforcement agency seized a hidden Tor service called Playpen, hosted it from its own server, and used NIT to bypass the Tor encryption to obtain his real IP address. The use of NIT in the case is being contested.

During the hearing, Judge Bryan appeared confused as to how NIT works: “I am trying to understand,” he told the court. Below is a transcript from the hearing (via Vice Motherboard), during which Judge Bryan fails to grasp how NIT is implemented:

Judge Bryan: “Do the FBI experts have any way to look at the NIT information other than going to the server?”

Colin Fieman (Michaud’s public defender): “Your Honor, they don’t go to the server.”

JB: “Where do they go? How do they get the information?”

CF: “They get it from Mr. Michaud’s computer.”

JB: “They don’t have his computer.”

CF: “That’s what the NIT is for.”

Struggling to wrap his head around NIT, Judge Bryan later said, “I suppose there is somebody sitting in a cubicle somewhere with a keyboard doing this stuff. I don’t know that. It may be they seed the clouds, and the clouds rain information. I don’t know.”

While, on the face of it, Judge Bryan’s comments are amusing – though, to be fair, the ideas being conveyed during the case can be impenetrable to people without an inclination toward technology and computing – it is worrying that someone without a grasp of the subject being discussed is then expected to make a ruling on the matter, and that Judge Bryan’s ignorance, though not necessarily his fault, does not automatically recuse him from presiding over the case.

Or, as Vice Motherboard puts it:

“‘If a smart federal judge still has trouble understanding after hours of expert testimony what is actually going on,’ then the average judge signing warrant applications has little hope of truly understanding what the FBI is proposing, Nate Wessler, staff attorney at the American Civil Liberties Union (ACLU), told Motherboard in a phone interview.”


Innocent Tormail Users May be Victims of FBI Hacking

In 2013, the dark web email service Tormail was seized by the FBI, which took the contents of its servers. It was also suspected that the FBI had made use of a network investigative technique (NIT), an FBI term for a hacking tool, to compromise some users of the service. A report by the Washington Post on the FBI’s use of NITs confirmed these suspicions but also opened many more questions, such as the scope of the hacking.

Prior to its takedown by the FBI, the Tormail service ran on the dark web, only accessible through the Tor network. Such hidden email services are typically used by those in need of privacy, whether for legitimate reasons, such as journalism, or less than legal activities such as drug dealing, trading on Silk Road and other activities that could draw the attention of the FBI. The agency had supposedly obtained a warrant to hack the accounts of certain people thought to be associated with the distribution of child pornography. Despite this, at the time Freedom Hosting, a web host providing dark web services including Tormail, was seized by the FBI, anyone accessing a page hosted by Freedom Hosting was served an error page. This error page was designed to serve malicious code that took advantage of a security flaw in the Firefox browser to transmit the user’s real IP address to a Virginia server.

An ex-user of TorMail told Motherboard that the error page and malicious code “appeared before you even logged in.” This brings into question whether the FBI was acting within its claims of targeting specific users if the real IP address of every single person to access TorMail was reported to them. And while there were certainly criminals making use of the service, many users were not engaging in criminal activity, regardless of their reason for wanting privacy.

Christopher Soghoian, a technologist for the American Civil Liberties Union, told Motherboard, “If the government, in fact, delivered an NIT to every single person who logged into TorMail, then the government went too far.” Not to mention, if the FBI were hacking everyone accessing the service with the only justification being their usage of a privacy service, it could be considered unreasonable and may not respect boundaries for international users. And with NIT orders not being publicly released, even years after the fact, there is no concrete information as to what the judge actually authorized the FBI to do.

Cases like this are worrying to anyone who is concerned about online privacy. With Tor recently suspected to be compromised by the FBI and their director decrying the use of encryption without backdoors, it is unclear where the power of the FBI truly reaches. This lack of public accountability could be a threat to those who desire privacy for innocent reasons and may harm unbiased journalism should the tools it uses put it under threat.