
If you use Tor, the FBI just labelled you a criminal - JumpCrisscross
http://www.thelastamericanvagabond.com/constitutional-rights/fbi-labled-tor-browser-users-criminals/
======
maxerickson
Recent discussion of the rule change:

[https://news.ycombinator.com/item?id=11594597](https://news.ycombinator.com/item?id=11594597)

------
tomku
I would encourage anyone interested to actually read the proposed rule change.

"(b) Venue for a Warrant Application. At the request of a federal law
enforcement officer or an attorney for the government:

(6) a magistrate judge with authority in any district where activities related
to a crime may have occurred has authority to issue a warrant to use remote
access to search electronic storage media and to seize or copy electronically
stored information located within or outside that district if:

(A) the district where the media or information is located has been concealed
through technological means; or (B) in an investigation of a violation of 18
U.S.C. § 1030(a)(5), the media are protected computers that have been damaged
without authorization and are located in five or more districts."

This is not "labeling you a criminal" or authorizing anyone to get a warrant
to search your computer (remotely or otherwise) simply because you have a copy
of the Tor Browser Bundle installed. The claims in the linked blog post are
flat-out wrong.

What it's actually saying is that during the investigation of a crime, if
either of those two criteria are met, the government can apply for a warrant
in "any district where activities related to [the] crime may have occurred".
That's it.

If you think about this for a second, it makes sense. It's not possible to
file a search warrant in a jurisdiction that you can't determine until after
the warrant is executed. This rule change allows the government to apply for
that warrant in a known jurisdiction, that of one of the victims. It does not
make anything illegal that was not already illegal. It does not "label" anyone
anything. It's a simple recognition of the fact that you can't ask for a
search warrant when you don't know physically where you'll be searching.

Now, whether the whole "remote search" thing is a good idea is a different
question. I happen to think it's not. However, those remote searches are
already a reality and spreading FUD about this fairly innocuous rule change
won't change that.

Edit: My quote was FUBAR, sorry.

~~~
mrsteveman1
> It's a simple recognition of the fact that you can't ask for a search
> warrant when you don't know physically where you'll be searching.

Isn't that in conflict with the 4th Amendment requirement that warrants must
be written "particularly describing the place to be searched"?

How do you describe the place if you don't know where it is?

------
bunkydoo
Yeah I kinda figured from the URL that this was a less-than-reputable source.
But a lot of the other comments bring up a good point, I don't think this is
"labeling someone as a criminal by any means" but it is giving them a new type
of leverage to identify what "probable cause" means in a digital crime case.

It's very similar to having marijuana in the car - the police need 2 signs to
get a warrant (usually red eyes and odor) in this case you'd have to give them
2 signs you were conducting some sort of illegal activity using something like
TOR and they'd have a warrant. But what they would be able to do with that
warrant is largely subject to each individual case - encryption making it
increasingly difficult for them to do their job in some.

------
Karunamon
Awful, clickbait headline. Here is the relevant analysis of the rule change:

" _The amendment would allow them (FBI) to issue warrants to hack into and
seize information on a computer if its location has been “concealed through
technical means._ "

In other words, if you're using Tor or similar, a judge _out of jurisdiction_
(the critical change - since the jurisdiction of a Tor user is necessarily
unknown) can now sign a warrant to have your data/stuff seized.

Problematic, but kind of a far cry from pre-declaring criminality.

~~~
tootie
Honestly, it sounds pretty reasonable. Presuming that the normal standard for
probably cause is required, then all this is saying is you don't have to prove
where the traffic originated from.

EDIT: I read through and that definitely is the case. Probably cause is still
required to issue the warrant.

~~~
downgoesthe4th
The civil liberties activists are taking a weird stance on this. The FBI
already has the legal authority to do what the rule change allows, it's just
that it requires a district judge (appointed by the President for life after
Senate confirmation) to sign the warrant. The important thing isn't what the
rule change allows but who is authorized to allow it. Magistrate judges are
administrative functionaries and handle routine court tasks & cases and are
not approved by the Senate. The rule change is about judge shopping. It
greatly expands the number of potential marks for the FBI to lie to and
mislead through technical mumbo-jumbo and obfuscation on their affidavits and
submitted warrants. When they did bother to submit warrants for deploying
Stingray devices, they were sure to hide their activities behind euphemism and
snowjob and went to judges who would rubber stamp the warrants. As courts have
come to understand what was happening, they have not been happy. Now they're
trying the same tactic with dragnet-style offensive hacking of remote
computers.

------
vgrafe
Does "anonymity software" include VPN as well?

~~~
tootie
The rule says "the district where the media or information is located has been
concealed through technological means". So yes. BUT, the search still requires
a warrant with probably cause. So the thesis of this article would appear to
be completely wrong.

------
nxzero
Might be wrong but it also appears to give the right to access any cluster of
(5+) machines that were hacked together AND download the contents of those
machines WITHOUT any notice or due process for the owners of those machines.

If anyone feels I'm wrong, please explicitly state the line of logic used.

If true, given the scope of exploited devices in the wild - anyone may
randomly get there computer searched and unless they're able to prove the
search was illegal anything on the device is fair game.

Worst case, they hack machines to create "probable cause" using shell
companies or contractors; no idea how this would be legal, but no idea how
this ruling is legal either.

~~~
tomku
See my post in this thread that quotes the rule change. This is entirely about
venue for search warrants. A valid warrant is still required, ALL this rule
change does is expand which jurisdictions the government can apply for the
warrant in.

~~~
nxzero
__Yes, read the full ruling and your comment when it was posted. I do not see
a conflict with what was said and what my statements.

Meaning currently say there are 5000 devices in NYC the FBI is already legally
allowed to hack into them and remotely copy all the contents of those files
without due process or notice to the owners?

________

EDIT(Re: "General warrants" comment below)

Just to be clear, me reading of your comment is that "general warrants" that
allow the FBI to download the contents of any computer that's in a botnet
within the jurisdiction of the warrant provided is legal and the owner is not
required to be notified unless that owner happens to be the defendant in the
filing. Further, unless that warrant is later proven illegal, owner is legally
accountable for the contents of the computer unless they're able to prove that
they are not the party responsible for in illegal activities "discovered" in
the process.

~~~
JoshTriplett
As ridiculous as I find this particular change, in general, warrants do
legally constitute "due process" for a search.

EDIT: added a comma after "in general" for clarity.

~~~
nxzero
Meaning you're saying that all device owners would be notified of that there
computer was remotely accessed and all the contents were copied, right? To me,
ruling reads that only the defendants, if known, must be notified.

------
13of40
Just about the "government hacking" bit in the article: The government already
legally does what would get any of the rest of us arrested for larceny,
kidnapping, assault, fraud, or even murder. Why should we be surprised at
legal hacking? The jurisdiction question is the only thing that makes it
special.

------
Aelinsaar
What an absolute crock, but an obvious step that had to be taken on the road
to criminalizing privacy.

------
nanobit
The day all Americans will only be allowed to sit in a jail are not far away.

