Hacker News new | comments | show | ask | jobs | submit login

My evaluation is that their priority is preservation of evidence, and they consider a few random websites being down for a couple of days to be relatively unimportant.

True, but unless they think someone at the colo is going to tip off the owners, taking 10 minutes to figure out which machine hosts which site shouldn't be an issue. With a warrant, I imagine the colo would be willing to look up the mapping from company -> rack/server being leased.

Keep in mind that the FBI agent-in-charge's perceived cost for pissing off some small web companies is pretty low; their perceived cost for tipping off whoever they're after, and blowing the entire operation, is much, much higher.

So let's say they go in, and power off all the servers. At this point, they ask the colo host who's server is who's. The non-involved servers get turned back on, and the correct ones get confiscated.

Where's the downside to this? The unrelated sites suffer maybe a few hours downtime max, and they don't have to worry about tipping anyone off.

This is essentially what I had in mind. No different from an operational risk standpoint from grabbing the whole rack, from what I can tell.

Unless you don't know the difference between a server and a rack, as the article suggests.

I have a hard time believing that the FBI cybercrimes division doesn't know the difference. They can't be that inept, it's a big part of their job.

Why are you downplaying the egregious police-stateness of this whole thing?

If the FBI is already there, it really shouldn't be a problem for them to locate the exact server that hosts their alleged offender and confiscate only that one.

How do you think anyone would be tipped off in that situation?

I wasn't addressing the egregious police-stateness at all, one way or the other (which I suppose is downplaying it, by not addressing it, but that wasn't my intention). I think that there should be incredibly strict bounds on what can be seized without a warrant, and still rather strict bounds on what can be seized with a warrant, but I don't know whether this case overstepped those bounds.

For example, I believe it's illegal to take information which was coincidentally seized along with legitimate evidence subject to a warrant, and use it in an unrelated case. I'm strongly in favor of such laws, to discourage "fishing expeditions", where law enforcement uses a legitimate warrant to seize a bunch of unrelated material that they're interested in using for other purposes.

However, I suspect if you walk into a data center where some malicious customer is doing something illegal, probably that customer has tried to make it harder to connect them to what they're doing.

Also, I don't know about this case, but there are lots of small hosting companies that lease servers from other companies, and the staff at the colo only know the lessor, not the lessee. They wouldn't have any access to the hosting company's customer database which might map customers to servers.

Besides, the FBI has to worry about low-probability cases like, what if one of the employees is a friend of, or paid off by, the bad guys? Or what if the bad guys are somehow monitoring the facility?

The FBI has a legitimate goal of seizing the evidence they need as quickly and with as little notice to the bad guys as legally possible.

Did the FBI act wrongly in this case? I don't know enough to tell.

>unless they think someone at the colo is going to tip off the owners,

That is exactly what they are worried about happening.

if anyone associated with the colo tipped someone off (or there was cameras in the colo streaming) 10 minutes is more then enough to start deleting things.

Just power down the whole rack then decide.

Applications are open for YC Summer 2018

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact