The FBI are not police, are not detectives, and are not competent in these matters. I'm sorry but covert monitoring of a server is going to be vastly more beneficial for an operation than taking the server and is going to net more targets and more evidence.
I remember stories of the FBI sitting on a known front for organized crime and waiting until they got someone worth catching before making a move.
It's a universal truth that any action has a reaction. If the FBI shut down a money laundering front, then the Mob would get wise and get more sophisticated and you won't hurt their operation. If you wait until you can link someone important to the Mob infrastructure and then make a move, then you've seriously effected crime in a city.
The FBI does shit like this and Megaupload before they appear to have their ducks in a row. They don't know what they're doing, and don't know what they're looking for so they consistently appear to jump the gun.
My only thoughts with this are that someone with a lot of power and influence is making this happen. What I wonder is what politician or presidential candidate/whatever has a lot vested and a lot to lose from someone finding out they/their kids/their family is pirating, or running anonymous operations, etc. Seriously, it's the only reason I can think of other than incompetency as to why the FBI is consistently jumping the gun.
I wonder if they'll auction off the server?
Fun fact. The federal government makes ~$3 billion a year off asset seizures. They don't have to charge people with a crime to seize property - the trial is actually conducted against the property itself.) The law enforcement agencies responsible get to keep 50-80% of the proceeds.
http://reason.com/archives/2010/01/26/the-forfeiture-racket/... (disclaimer - source does not pretend to be unbiased ;)
1. Police are taking at least 20% hit right off the top. so, sure $1000 turns into $750 at 5%, the police are going to be looking at $600 profit, at the very best. a $1000 computer would be more like $100 dollars after five years, in which the police keep $80 bucks.
2. You can pirate all the copyrighted material you want in Argentina and Zimbabwe. Furthermore, neither of those countries really care about property rights. if the government wants your stuff, they just take it anyway.
Actually the FBI is a law-enforcement agency with the statutory power to investigate and arrest people for the violation of certain federal laws. I'd consider that police.
They do this sometimes. You don't hear a lot about it, because it is covert, and nobody makes a stink about it in the headlines. But it is time-intensive and expensive, so you can't do it all the time to every target of interest. If you believe the servers already have all the evidence you need, and you can get the servers, it makes sense.
It's like the difference between hiring a private eye to shadow someone for a month, and simply requesting a subpoena. Both have their place.
It would be interesting to correlation frequency of these stories with FBI budget cycles.
The purpose was to disrupt and stop the service with minimal effort and without having to wait for a trial. They were able to judge and punish a business without trial.
Why would they do that? In this case it might be the very common law enforcement motivation of doing something, anything.
They probably just seized it for evidence collection. May First/People Link said they don't keep any logs. Maybe the FBI didn't believe them or think they can do some 'advanced forensics' on the HDD.
It's like keeping your kids school books and a kilo of cocaine both in your cars trunk, then complaining when the FBI takes the whole car into evidence.
I run a number of Tor nodes. I follow the Tor mailing list. I understand that what I am doing is not illegal, but is still very risky. What have I done in response to that risk? All my important shit is hosted elsewhere.
This is a good time to https://help.riseup.net/en/donate
.. lots of options, including bitcoin and flattr.
The E911 article is:
The funny thing is that after all the noise the FBI and government made, it was found that the same document was kind of publicly available (or easily obtainable by anyone).
Good times those :)
Also, if you haven't done so already I encourage you to read the FAQ at the end of the page. It has one of the best answers to "Doesn’t Mixmaster/anonymous remailers enable criminals to do bad things?" I've ever seen.
Can't comment on whether or not its effective, and of course if you have a disaster recovery plan and your site pops back up I don't know what they do, I guess they play whack-a-mole with search warrants.
I say this not to be disagreeable, but to highlight how bad the WOD really is.
And with lots of innocent casualties
And supported by morons
Analogy: the cops need to look at a gun store's records to track down a criminal shooter. The cops have reason to believe people with access to the gun store might go in and destroy those records. Should they be able to shut down the gun store (temporarily) and block access to it while they execute a legal search warrant on it?
Investigations of crimes benefit the public, and so the public (taxpayer) should pay the costs of the investigation, not whatever private party the costs happen to fall upon. Taking this logic to its conclusion, in a fair and just society, if a law enforcement agency executes a search warrant, it should have to pay those affected by the search warrant the reasonable costs of that seizure (e.g. the cost of renting and deploying an acceptable alternative until the equipment is returned, or the cost of lost business if it is a purely for-profit organisation and loss acceptance appears to be the cheaper based on the information available to the business at the time). This wouldn't apply if the court was satisfied following a contested hearing that the person having assets seized was a party to a crime being investigated.
While the above would be fair, it is not how the law works in many jurisdictions, because politics works on what politicians can fit in a sound bite (lower taxes! more law enforcement on the same budget!), not necessarily what is fair to minorities like innocent parties having their equipment seized.
Frankly, your logic makes no practical sense.
They do, actually, except most of the time they don't bother with the warrant, and it doesn't make the news because neither law enforcement nor the companies involved have any interest in disclosing it.
If secure anonymization technologies become a lot more common, law enforcement organizations will eventually learn not to bother. Until then, anyone running such a service (such as a Tor exit node) should expect to have this happen to them periodically.
- Those companies probably have too many servers and too much data to make seizing all of it productive.
- Those companies would be less likely to be effected, as they have backups and redundant servers for handling outages.
- Those companies keep records that they provide to law enforcement when presented with a warrant or subpoena.
It's 100% ok to run an anonymizing remailer, with no backup strategy in place. It's retarded to act surprised and indignant when the server gets seized because it was probably used to commit a crime.
Did you read the press release? Riseup was not running the anonymizing remailer, it just happened to be on the same physical machine as some of Riseup's infrastructure/e-mail accounts/listservs/etc.
From the press release:
The seized server was operated by the European Counter Network (“ECN”), the oldest independent internet service provider in Europe, who, among many other things, provided an anonymous remailer service, Mixmaster, that was the target of an FBI investigation into the bomb threats against the University of Pittsburgh.
Obviously the person down voting me is not aware of how Bin Laden used USB sticks...
Under previous federal administrations, such information was required to be destroyed if collected. However the current administration and counter-terrorism guidelines assert that such private information may be held for 5 years, and shared between government agencies.
I do not agree with the FBI confiscating servers to figure out where the anonymous bomb threats have been coming from, but I'm kind of glad they are and feel bad for that.
But really, what you're complaining about is CYA (cover your ass) security. It's a lot easier for the person in charge to decide to clear out the building, and answer to a bit of grumbling with "just doing my job to keep you people safe" than it is to deal with the (extremely unlikely) fallout that would come from ignoring a real bomb.
I mean, that is the Essenes of a bomb scare as opposed to a bomb threat or an actual bomb, no?
Pitt has the tallest educational building in the US (Cathedral of Learning - which has had 14 bomb threats), plus many other buildings on campus are rather tall too. I cannot begin to imagine how exhausting these bomb threats have been to the police. Many people don't want to evacuate the buildings either. But what if some lunatic takes advantage of how desensitized and relax people are becoming to go a shooting spree... that is the more scary thought.
And today is the anniversary of the 1995 Oklahoma city bombing.
However I am uncertain if a "threat" was ever called in for either.
This is evidence that a called in thread will likely never be real - real attacks aren't called in with warnings.
The unibomber is one example. He would send mail bombs if newspapers didn't heed his threats and publish his ramblings.
126 is alot. I bet if you were to investigate the timing of these threats you might find some interesting correlations...
Here is a spread sheet about the bomb threats (not made by me):
Here is a blog someone started to keep track of bomb threats: http://stopthepittbombthreats.blogspot.com/
I hope Riseup posts a list of those 300 e-mail accounts that were taken offline, so the owners know that they are now on an FBI watch list.
I also went to check their wikipedia page to see if there was a history section, and Riseup doesn't seem to have one.
Now I'm going to go soothe my paranoia.....
I'm sure the time I'm thinking of had to have been before 2004 because I remember not even having a drivers license at the time.
If this stuff is so gosh-darn important, I feel these users have put their faith in the wrong hosting organization...
riseup is a collective driven isp that is focused in social change activists, so they do have values and principles different than making money. the issue here is not the disrupt, it's the attack on those values.
i hope you now understand why nobody ask about that, it is important, but not the issue about this. also it's because this values people put faith in them and not in google, amazon or another money focused company, me included :)
*I know it is not a react quickly because human lives could be at stake - but considering anything tied to a presidential election could lead to a person voted to office that could jeopordize a nation.
Dramatic description aside, I really hope that what they mean is - lost one copy of it, waiting for DNS change to propagate... Am I hoping for too much?
Doesn't a judge have to issue a warrant?
And does anyone know what was this about, e-mail threat to do ... ?
You think they give a fuck about the other 4 slices on your server? No. They don't. In fact it says so right in their SLA.
If you are trying to defy the FBI, and 100% of your site architecture resides within Amazon's infrastructure you are not robust.
They are all the same == Downtime.
My point is that if you have a "server" that can be seized, you have not designed a robust system.
Imagine the FBI trying to seize Google or Amazon or Facebook (well, a lot easier in the case of facebook only because they have so few datacenters by comparison.)