
Give Congress Time to Debate New Government Hacking Rule - SparkyMcUnicorn
https://www.eff.org/deeplinks/2016/11/give-congress-time-debate-new-government-hacking-rule
======
ramblenode
The rule actually makes sense in a vacuum; tying warrants to geographical
jurisdictions is a relic of a pre-internet age. The real problem is more
fundamental: judge shopping. If the rule change goes ahead as planned,
authorities will have an inexhaustible menu of magistrates spanning the whole
country to whom they can appeal for a warrant. There needs to be 1) some
randomization process for assigning warrant requests to judges, and 2) a way
of factoring in any past denials for a warrant in future re-requests.

~~~
3pt14159
Mostly true.

The other issue with this is that with a traditional warrant you _know_ that
they are gaining access. You might not be happy with it, they may have even
busted down the door on the way in, but whatever damage was done was done
once.

With this they break in (potentially damaging your systems), they take your
data (potentially in ways that could leak it to other parties), store it
(potentially insecurely), and even though your operations are compromised you
have no idea.

Who is on the hook when the FBI leaks your SSH keys after they used a 0day to
break into your machine and vacuum up everything on the HD? What if those keys
are used to issue a software update that crashes every one of your businesses
self driving cars all at once?

~~~
tzs
Aren't those issues already present under the current rule, when a magistrate
judge in the district in which the target computer resides issues a warrant to
remotely break in to that computer?

This rule is just dealing with who can issue a warrant, not with what can be
done once a warrant is issued.

------
tzs
A much more useful take on this rule change than the EFF's comes from the
Center for Democracy and Technology: [https://cdt.org/insight/issue-brief-
proposed-changes-to-rule...](https://cdt.org/insight/issue-brief-proposed-
changes-to-rule-41/)

Unlike most groups that have written against this rule change, CDT actually
proposes modifications to address their concerns that would still let the rule
address the problem that it is trying to solve, which is a very real problem.

------
lightbyte
>"Neither the Senate nor the House held a hearing or a markup on the relevant
committees to evaluate these changes," Coons said.

>Wyden countered the defense of the rule change we often hear from law
enforcement officials that letting investigators hack into computers around
the world is only small, procedural tweak.

Both these statements give me very little faith in what our government will do
over the next 4-8 years.

~~~
marricks
Wyden is usually so good on security, depressing to see him defend this rule,
is there more to what he said?

~~~
kej
People supporting the rule change are calling it a minor tweak, and Wyden is
saying it's "an enormous policy shift." Wyden is still on your side on this
one.

~~~
marricks
Ah good! Happy I misunderstood.

------
BadApple1981
More of the status quo. Just codified.

