In-Reply-To: <538C648A.8050100@iang.org>
References: <r422Ps-1075i-06EAF10909D147C49DD0C530ECE0356B@Williams-MacBook-Pro.local>
 <538C648A.8050100@iang.org>
Date: Mon, 2 Jun 2014 15:31:54 -0400
Message-ID: <CAD2Ti2_WR1yST_Okvto-GgHd+pend7ALN0+7L=6ExRwq7rdyTQ@mail.gmail.com>
From: grarpamp <grarpamp@gmail.com>
To: tor-talk@lists.torproject.org
Cc: p2p-hackers@lists.zooko.com
Subject: Re: [tor-talk] [Cryptography] DOJ Wants to Expand Authority to
 Break Into Suspects' Computers
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>

On Mon, Jun 2, 2014 at 7:48 AM, ianG <iang@iang.org> wrote:
> On 31/05/2014 22:28 pm, Bill Frantz wrote:
>> From SANS NewsBites Vol. 16 Num. 038
>>
>> (May 9, 2014)
>> The US Justice Department (DOJ) has issued a request to the US Judicial
>> Conference standing committee to expand its authority to gain remote
>> access to computers during investigations. DOJ maintains it needs the
>> authority to access computers outside the jurisdiction of an
>> investigation because criminal schemes are increasingly crossing
>> jurisdictions.
>
>
> Please help!  The way I read this, it means a warrant would allow them
> to hack across borders.  So, tit-for-tat:  when the PLA decides to hack
> DoJ's computers, or Target's computers, or IBM's computers, or Lockheed
> Martin's computers, it can simply get a warrant from the People's Court
> #1 of Beijing and cite that to the DoJ.
>
> This seems to give them an asymmetric result far out of DoJ's favour,
> why would they pursue this?
>
> Anyone?  What do I not get here?
>
>
>> The proposal has raised concerns among civil rights
>> groups, which say that allowing this activity could pose a threat to
>> Internet security and Fourth Amendment protections. The remote access
>> would be achieved through vulnerabilities known to DOJ but kept secret
>> from the public, thus posing a security threat.
>
>
> Secret vulnerabilities?  NSA whispers, or their own zero-day collection?
>  Oh my?!
>
> The way I read this, they have now de facto authorised every other
> justice department to start collecting zero-days and use them against
> USA corporations.  So next we see the gang of 5 PLA generals in Chinese
> court to collect their warrant.
>
> I can see an advantage here that this might defer the tit-for-tat arrest
> of 5 NSA generals on their next vacation to visit the great sights of
> China ... but other than that, it again seems like a net loss to DoJ.
>
>
>
>> The US court system
>> currently allows magistrate judges to issue search warrants for property
>> outside their districts only in limited cases. The DOJ request will be
>> considered at the meeting of the US courts' Committee on Rules of
>> Practice and Procedure later this month.
>> http://www.darkreading.com/government/fbi-seeks-license-to-hack-bot-infected-pcs/d/d-id/1252655?
>>
>> http://www.bloomberg.com/news/2014-05-09/federal-agents-seek-to-loosen-rules-on-hacking-computers.html
>>
>> http://www.computerworld.com/s/article/9248242/DOJ_seeks_new_authority_to_hack_and_search_remote_computers?taxonomyId=17
>>
>> http://www.uscourts.gov/uscourts/RulesAndPolicies/rules/Agenda%20Books/Standing/ST2014-05.pdf#page499
>>
>> [Editor's Note (Pescatore): The remote access part is worrisome, opens
>> up huge potential for cyber-damage to innocent bystanders in many ways.
>> It is pretty straightforward to turn off a wiretap or remove a tracking
>> device from a suspect's vehicle. I don't think removing a remote
>> access Trojan is quite as simple, let alone giving law enforcement the
>> authority to keep vulnerabilities secret from the public.  I don't want
>> to be too hyperbolic, but to me this has the potential for backfire as
>> the "Fast and Furious" ATF project to smuggle guns *into* Mexico to see
>> who buys them. ]
>>
>>
>> I would add to John Pescatore's comment: I can see the TLAs delivering a
>> NSL to developers of major software requiring them to install backdoors
>> and keep quiet about it. Do Apple and Microsoft have a canary? How about
>> Firefox, Opera, Chrome etc?
>
>
> And, when the execs of those countries are fronted before court in
> another country, what is the defence?
>
> Is the next thing we are going to see arrests of employees (American and
> Chinese) in China for hacking?

>> http://www.uscourts.gov/uscourts/RulesAndPolicies/rules/Agenda%20Books/Standing/ST2014-05.pdf#page499
>> http://www.law.cornell.edu/uscode/text/18/1030


https://www.aclu.org/blog/national-security/doj-proposal-law-enforcement-hacking-would-undermine-longstanding-check

They're asserting right to:

a) remotely hack computers whose location "is not known because of
the use of technology such as anonymizing software", and to search,
seize and copy information therein.

This new assumption of default jurisdiction should be of major interest
to list members and users worldwide.

b) do the same to you if you've been hacked, regardless of whichever
known US district you're in.

This is a bit different because the criminal is effectively sharing
your house, whether or not you are aware of it (and if aware, whether
or not you choose to report their crime upon you and/or others.
[Presumably for LE to know to hack you they already know of the
criminal's crime upon whoever.]). Since they know the location they
should go knock and get the systems as usual, no need for remote
access and non-traditional notice giving.

Forget the talk of zero-days affecting internet security, the jurisdiction
and cross-border issues are what's really at stake here.


c) "The amendment does not address constitutional questions"

Related to source code reviews before commit...
specific case law is nice, but the idea that laws can pass and affect
people before even general review is a flaw that happens all too often.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

