Hacker News new | past | comments | ask | show | jobs | submit login
[dupe] FBI can obtain a warrant if you run Tor [pdf] (supremecourt.gov)
125 points by dineshp2 on May 8, 2016 | hide | past | web | favorite | 22 comments

We need an accurate, neutral title for this. Suggestions?

Edit: or if it's a dupe, as some comments suggest, please reply with a link to the earlier thread.

Maybe this thread (not really a dupe): https://news.ycombinator.com/item?id=11594597

Ah, that must be the thread people have in mind. Thanks!

That's a dupe by HN's standards: it's a major discussion of the same story.

> That's a dupe by HN's standards: it's a major discussion of the same story.

Ohh, good to know.

This original title for this thread https://news.ycombinator.com/item?id=11596840 seems like the most honest:

US judges can now issue warrants for computers located in any jurisdiction

I can't help but be a bit cynical and suspect that headline would never get so many upvotes because it doesn't fit the HN narrative as well.

I can be wrong, but I suppose main change there is that it's no longer needed to know PC location to get a warrant and this isn't just for Tor. So with my shitty grammar it's would be:

> FBI can obtain a warrant to search computers of unknown location.

Even that is misleading because one valid way to read that sentence is that they can get a warrant for any a computer on the sole basis that its location is unknown. That's not so. They've only eased the requirement that the warrant be issued by judges in the same circuit as the physical computer, in cases when the location of the computer cannot be ascertained.

I don't think the contents in the link back up the claim in the title, it seems to say that if you've been suspected of a crime and you run Tor then the fact that you've used Tor increases the scope of the warrant in limited ways. The warrant is served because of the crime you've been suspected of, not because of the use of Tor.

That's it. It's not saying that just using Tor is enough to be served a warrant. There's really nothing that crazy about any of it.

What are the criteria required to satisfy suspicion?

"I could smell weed, so I arrested this driver's personal belongings including several thousand dollars in cash".

That's a well established area of American criminal law that's not confined to this matter and way too big to discuss in a Hacker News comment.

Title seems to bury the lede if I'm not reading this wrong. The rules would seem to provide warrants to remotely break into computers in unknown jurisdictions ("location has been concealed through technological means") in order to seize data. As in US FBI breaking into computers in other countries.

And look at (b)(6)(B) -- tell me that doesn't say the warrant would be to break into the victims' computers. 18 U.S.C. 1030 is the CFAA.

This was posted a few days ago. I recall that what it actually says is that you can get a warrant to break into the machine even if it can't be proven that the machine is in the jurisdiction of the court giving the warrant, because it is hard to do so when TOR is in use. You still need a valid warrant, it just can come from a different state then where you reside.

Yeah I remember that post. One thing I didn't ask that I meant to. Does anyone know what kind of implications this would have if a warrant is granted for a machine that turns out to reside outside of the USA?

Extreme over the top example scenaria: An employee of a foreign government installs Tor on their work machine, does some things meriting an FBI warrant under this decision. The FBI finds a way to access this machine, and in the process accidentally discovers classified information belonging to the foreign government and that government finds the data breach came from the FBI.

I may be mistaking, but the decision sounds like an awful lot of trouble preparing to happen with regards to foreign relations.

IANAL, but I would think that if you are hiding your identity you lose any rights that come with that.

Do these new rules expand the claimed foreign jurisdiction of US federal courts or not?

The amended rules provide new authorities for issuing warrants when "the district where the media or information is located has been concealed through technological means". In other words, the new rules seem to expand the authority of federal courts when there is a question of which district court has jurisdiction. But what do these new rules mean for cases in which the location of the information is clearly outside of the jurisdiction of any US federal district court, or when there is a question of whether it might be?

Apparently the rules were previously amended to remove the definition of "district court" [0], making this question still more subtle. Note also that the rules explicitly expand the jurisdiction of US federal courts without regard to sovereign geography in cases of terrorism, but not otherwise. (I am reminded why I decided not to pursue a legal career.)

0. See the note pertaining to Rule 1(b) of the 2002 amendment, at https://www.law.cornell.edu/rules/frcrmp/rule_1

There was a case centered around the fact that the defendant maintained a TOR router and occasional exit point in the city I live in a few years ago.

I didn't follow it obsessively but general gist I walked away with was that the authorities were using TOR as an excuse to go after people who had gotten their attention for other reasons, perhaps so simple as annoying people who are simply friends with people in power. And then subject them to a shockingly large range of intrusive police activity (including extended surveillance, pre-dawn raids using specially trained heavily armed police forces), and drawn out prosecution for a litany of minor or petty violations they happened to discover in the process.

At the end of the trial it came out that they never did really try to prosecute any of the TOR related "offenses" and judges were apparently happy to leave TOR usage in some sort of legal grey area.

So it's not just the Americans and the FBI that get up disingenuous shenanigans when it comes to TOR.

Looks like it mostly targets onion sites/eepsites to me, but it's really broadly worded. Damn.

Can someone give context for this document? Why is the Supreme Court proposing amendments to the federal criminal code?

I wish they'd go after the users of shell companies just as aggressively as Tor. But this 1% has super PACs.

off topic: Can everyone stop spelling "Tor" with all caps? https://www.torproject.org/docs/faq#WhyCalledTor

Whoops, thanks, edited. I guess they're like Nato but not yet awol. http://english.stackexchange.com/questions/51924/proper-capi...

Well this is it folks, to be honest I don't really blame em'

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact