Advertisment

Last April, the FBI refused to comply with a federal judge when he requested information about the Bureau’s Tor exploit. The FBI used a piece of malware called a Network Investigative Technique or NIT against a massive darknet child pornography website. The malware exposed site viewers to the FBI who subsequently arrested several hundred suspects.. However, the FBI’s struggle to keep the NIT under wraps just lost a conviction; Jay Michaud, one of the suspects in the PlayPen case, won the battle for a full dismissal of charges.

The US government made the decision to dismiss the indictment against Jay Michaud without prejudice. US Attorney Annette Hayes explained that a “dismissal without prejudice leaves open the possibility that the government could bring new charges should there come a time within the statute of limitations when and the government be in a position to provide the requested discovery.” Many defendants fought the case with only the FBI’s illegal NIT deployment as a foundation…

Towards the end of the investigation into members of numerous child pornography (CP) darknet websites, the FBI obtained warrant. The warrant allowed them to deploy the NIT on a non-disclosed number of suspects. The FBI aimed only at those who viewed CP, the FBI claimed. And then we learned that the warrant came from a magistrate Judge in Virginia; she lacked the jurisdiction to sign warrants for cases outside the local district. Yet, law enforcement started arresting suspects across the country. We then learned—in no particular order, that the FBI targeted unrelated Tor users, hundreds of Tormail visitors, then thousands of users.

After court documents from a case against several suspects made their rounds, we learned that the FBI hacked 8,ooo Tor users. Not US exclusive either. Although many successful anti-child-abuse operations spawned from the FBI’s work, only few believed the hacks were warranted. “The fact that a single magistrate judge could authorize the FBI to hack 8000 people in 120 countries is truly terrifying,” the ACLU’s Christopher Soghoian said.

Federal Judges continually ruled against the FBI. Judge Young compared the FBI’s refusal to disclose evidence to a warrantless search without probable cause. Judge Robert Pratt suppressed any NIT-obtained evidence and also compared the exploit to a warrantless search. U.S. District Judge Leon Jordan said the FBI violated the Constitution. The list of judges who ruled against the FBI is long. And now, the US government set a precedent for evidence gathered in this fashion.

Judge Robert J. Bryan oversaw the majority of the United States v. Michaud case. Like many others, he too ruled against the FBI.

Last year, he granted the motion filed by the defense that aimed to suppress any NIT evidence. He said that “for the reasons stated orally on the record, evidence of the NIT, the search warrant issued based on the NIT, and the fruits of that warrant should be excluded and should not be offered in evidence at trial.” He also compared the NIT and subsequent evidence to a warrantless search.

US Attorney Annette Hayes explained the difficult position the government found itself in. “The government must now choose between disclosure of classified information and dismissal of its indictment. Disclosure is not currently an option,” she wrote.

Regarding what the public already knows about the NIT, threatpost wrote:

While details around the NIT haven’t been disclosed, it’s believed the exploit–essentially malware – bypassed Tor’s anonymity protections and siphoned up technical data on victims, including their IP address, MAC address, and other system information, and forwarded it along to law enforcement.

The FBI classified portions of the tool, exploits used in connection with it, and “operation aspects” of the NIT in June 2016, making it highly unlikely information about exploit will become public anytime soon.”

The Michaud case sets an interesting precedent for the future.

Get the latest Bitcoin News on The Bitcoin News
Our Social Networks:
Facebook Instagram Pinterest Reddit Telegram Twitter Youtube