Sunday, February 25, 2018

The DOJ’s Bizarre Subpoena Over An Emoji Highlights Its Ridiculous Vendetta Against A Security Researcher

Yesterday we broke the crazy story of how the DOJ issued a subpoena to Twitter trying to identify 5 Twitter users, not because of anything they'd done, but because someone else the DOJ disliked — a security researcher named Justin Shafer — had tweeted an emoji at them in response to a discussion about a totally different case. You can read all the details in that original post, in case you missed it yesterday. There was so much craziness in that story that I did not even get to cover all of it. Some of those named in the subpoena have posted their thoughts — including Ken “Popehat” White and Keith Lee. I recommend reading both, because the subpoena directed at each of them was particularly silly, given that both freely make their identities public. The DOJ did not appear to do even the slightest research into the accounts it was demanding information on, or it would have known just how easy it was to “unmask” White and Lee.

As for the other three Twitter accountholders — all of them are anonymous. But the DOJ really has zero legal basis for unmasking them. As we have discussed repeatedly in the past, anonymous speech is also protected by the First Amendment, and there is a very high bar for law enforcement to get past to unmask anonymous speakers. EFF’s Kurt Opsahl pointed to a concise statement on this in a recent ruling in the Awtry v. Glassdoor case, which Lee also reposts in his blog:

The Supreme Court has recognized that “an author’s decision to remain anonymous, like other decisions concerning omissions or additions to the content of a publication, is an aspect of the freedom of speech protected by the First Amendment.” McIntyre v. Ohio Elections Comm’n, 514 U.S. 334, 342 (1995). Indeed, “[t]he right to speak anonymously was of fundamental importance to the establishment of our Constitution.” Doe v. Inc., 140 F. Supp. 2d 1088, 1092 (W.D. Wash. 2001) (citing McIntyre, 514 U.S. at 341-42). In particular, “Justice Black . . . reminded us that even the arguments favoring the ratification of the Constitution advanced in the Federalist Papers were published under fictitious names.” McIntyre, 514 U.S. at 342 (citing Talley v. California, 362 U.S. 60, 64 (1960)). So too were the responses of the anti-federalists, which were published by authors who used such fictitious names as “Centinel,” “Brutus” and “The Federal Farmer.” In re Anonymous Online Speakers, 661 F.3d 1168, 1172-73 (9th Cir. 2011).

Further, it is well-established that anonymous speech on the Internet, like other types of anonymous speech, enjoys First Amendment protection. In re Anonymous Online Speakers, 661 F.3d 1168, 1173 (9th Cir. 2011) (“online speech stands on the same footing as other speech—there is `no basis for qualifying the level of First Amendment scrutiny that should be applied’ to online speech”) (quoting Reno v. Am. Civil Liberties Union, 521 U.S. 844, 870 (1997)). As the Ninth Circuit has explained, “the ability to speak anonymously on the Internet promotes the robust exchange of ideas and allows individuals to express themselves freely without `fear of economic or official retaliation . . . [or] concern about social ostracism.’” Id. (quoting McIntyre, 514 U.S. at 341-42).

First Amendment protection of anonymous speech “is not unlimited, however, and the degree of scrutiny varies depending on the circumstances and the type of speech at issue.” Id. Political speech is considered to be “core” speech and is afforded the highest level of First Amendment protection. McIntyre, 514 U.S. at 346. Online messages such as the ones at issue here are also entitled to some level of First Amendment protection, even if the hurdle for overcoming that protection is less stringent than it is for political speech. See In re Anonymous Online Speakers, 661 F.3d 1168 at 1177; see also Highfields Capital Mgmt., L.P. v. Doe, 385 F. Supp. 2d 969 (N.D. Cal. 2005) (finding that identity of individual who anonymously posted derogatory comments about a company on an online message board was protected from disclosure under the First Amendment); Art of Living Foundation v. Does 1-10, No. 10-cv-5022 LHK, 2011 WL 5444622, at *5 (N.D. Cal. Nov. 9, 2011) (finding the standard articulated in Highfields applied to anonymously posted online commentary criticizing the plaintiff’s organization).

That the Assistant US Attorney, Douglas Gardner, who signed off on the subpoena, either did not know this or did not care is hugely troubling and problematic. As Scott Greenfield colorfully summarizes of the federal agents involved in this case, looking at the details, “this situation is so utterly idiotic as to make one wonder how they can get out of bed without hurting themselves.”

Of course, for White and Lee, this is mostly amusing. For the other three, it is likely that the DOJ will back down, though it may cause them something of a headache in the meantime.

But the really crazy story is what is going on with Justin Shafer, the security researcher at the heart of all of this. As we explained yesterday, Shafer had uncovered some bad technology practices by various dental software companies — including fake encryption that resulted in an FTC fine — and a wide open FTP server revealing private information on customers. The latter resulted in the FBI raiding his home and taking all of his electronics. That, of course, set things off on the crazy course leading to the emoji subpoena, because Shafer got interested in finding out more about FBI Special Agent Nathan Hopp (who Shafer initially thought was Nathan “Hawk”). As mentioned yesterday, I do not agree with Shafer’s choices and actions in trying to track down Hopp, but to argue that it was, in any way, criminal Cyber Stalking seemed nuts.

Dissent Doe, one of the anonymous users whose information was subpoenaed by the DOJ, and who has worked with Shafer in the past to (ethically) expose breaches, has a long post detailing just how totally fucked up the DOJ’s claims are against Shafer. It is even worse than we initially thought. In the criminal complaint we posted yesterday, we did not even get into the earlier parts, where FBI Special Agent Ronnie Buentello tries to connect Shafer to a fairly well-known black hat hacking group that deals in vulnerabilities and illegally accessed information, called The Dark Overlord. The Dark Overlord actually was in the press this week for accessing private information from a plastic surgeon who works with many famous people, and promising to release the information.

In Buentello’s affidavit with the criminal complaint against Shafer, the FBI agent tries to connect Shafer to The Dark Overlord, claiming that the dental database he had discovered available online was also found in The Dark Overlord’s possession, and also presenting evidence of communications between Shafer and The Dark Overlord. It is not at all clear what that has to do with Shafer’s alleged “Cyber Harassment” of Nathan Hopp, but it is certainly presented to the grand jury in a way to make Shafer out to be a bad dude:

On June 29, 2016, FBI Atlanta (NDGA) opened a criminal computer intrusion investigation on an individual using the online moniker, “TheDarkOverlord,” who claimed to have stolen 655,000 patient medical records and tried to extort medical facilities he victimized. As part of their case, FBI Atlanta is investigating JUSTIN SHAFER as a co-conspirator of “TheDarkOverlord.” Subsequent media reports confirmed “TheDarkOverlord” had posted the records for sale where he was seeking 60 Bitcoins ($39,782.00) for a Farmington, Missouri database of 47,864 records, which was found on JUSTIN SHAFER’s computer during a search warrant executed on January 29, 2017; 170 Bitcoins ($112,200.00) for a Central/Midwest database containing 207,572 records; and 300 Bitcoins ($197,940.00) for a Blue Cross/Blue Shield (BC/BS) database containing 396,458 records. Since his appearance in June 2016, “TheDarkOverlord” has claimed approximately 15 major computer breaches and the sale of 1 million customer PII records, and engaged in extortion of the victims across the US, targeting medical providers, financial firms, large U.S. companies, and even a provider of cancer services in Indiana. In most cases, “TheDarkOverlord” extorted his victims with verbose, condescending, and abusive language, and taunted victim companies, their employees, and (in at least one case) the children of victim employees. “TheDarkOverlord” has carried out threats to release data when victims declined to pay, and has made implied threats to FBI Agents in Atlanta and New Orleans.

Collaboration between multiple FBI Divisions has subsequently identified significant links (IP addresses, emails, social media accounts) between “TheDarkOverlord” and JUSTIN SHAFER. On January 29, 2017, FBI Dallas, FBI Atlanta, FBI Saint Louis, FBI New Orleans, and FBI Newark executed a search warrant at JUSTIN SHAFER’s residence, located in North Richland Hills, Texas. At time of entry, JUSTIN SHAFER was logged into at least two different workstations in his home office and garage. During the execution of the search warrant, the FBI seized approximately 29 evidence items, including desktops, laptops, hard drives, router, multiple cell phones, numerous universal serial bus (USB) drives, CD’s, and an Xbox game console. A chat session appearing to be with “TheDarkOverlord” was observed on a computer during the execution of the search warrant. In the months following the initial search warrant on May 25, 2016, several online media outlets published articles defending Shafer as a “security researcher” and admonished the FBI for executing a search warrant at his residence. SA Nathan Hopp was present for both search warrants that were executed on May 25, 2016 and on January 29, 2017.

Sounds pretty nefarious, right? Right. Except… as Dissent Doe points out, this leaves out a ridiculous amount of context that suggests that rather than collaborating with “TheDarkOverlord” (or maybe even being TheDarkOverlord, as some might read Buentello’s account to suggest), Shafer had a long history of trying to expose TheDarkOverlord — and, specifically, to share the details of what he found with the FBI.

What the FBI didn’t tell the court was that Shafer had emailed that very database to the FBI in July, 2016, telling the FBI that TheDarkOverlord gave it to him, unsolicited, during a chat on Twitter.

So here’s “Exhibit A” for you: the email Justin Shafer sent on July 1, 2016 to this blogger and the Dallas FBI with the database the FBI would later claim supported a suspicion that he was a “co-conspirator:”

On July 1, 2016, Shafer emailed the Dallas FBI a copy of a database TheDarkOverlord had given him via Twitter. On March 31, 2017, the FBI claimed they found it during a raid of his home in January and never mentioned that he had provided it to them voluntarily in July, 2016.

Okay. But how about that supposed “chat session” that Shafer was having with The Dark Overlord when the FBI raided his house?

The affidavit referred to a chat session, but didn’t indicate whether it was a file copy of an old chat session or a new one in progress at the time of the raid. In fact, Shafer did have numerous private (DM) conversations on Twitter with TheDarkOverlord that Shafer logged. He often reviewed the logs afterwards, looking for more clues in the material. Shafer often shared his logs of the chats with this blogger and with others – including the FBI.

So now view “Exhibit B:” an email Shafer sent on July 3, 2016 to an NHS unit in the U.K. to warn them that they’d been hacked by TheDarkOverlord. Shafer had been told about the hack in a private conversation with TheDarkOverlord and then tried to contact the NHS so that they could secure their data and warn patients. Shafer also cc:d Dallas FBI on that email, and included part of the chat log between him and TheDarkOverlord:

When Shafer learned that TheDarkOverlord hacked the NHS, he tried to inform the NHS and cc:d the Dallas FBI. Part of the chat log between Shafer and TheDarkOverlord that was emailed to the Dallas FBI to alert them. The FBI would later suggest that finding chat logs on Shafer’s computers was somehow evidence that he was a co-conspirator.

As Doe points out, Shafer was even continuing to share information on The Dark Overlord with the FBI after the FBI had raided his house. Doe points out, a la Scott Greenfield’s observations, that these FBI and DOJ folks do not seem to have the slightest clue what they’re doing:

It seems the FBI couldn’t tell a white hat from a black hat. Or perhaps the Dallas FBI didn’t share the information he was providing to them with the Atlanta and Missouri areas of the FBI and other areas investigating TheDarkOverlord. Despite TheDarkOverlord’s bizarre attempts to implicate Shafer or tease him, Shafer had always helpfully provided information to the FBI. What co-conspirator does that?

And do note that Shafer offered this help to the Dallas FBI in July, 2016 – even after they’d raided him in May, 2016 and upset his children and damaged his property (he claims). He was still being a whitehat. What a shame that the Dallas FBI didn’t respond to him that way.

Now consider “Exhibit C:” If Shafer was a co-conspirator, why was he running around the internet trying to get TheDarkOverlord patient data dumps removed? Here’s an email from in February, 2017 thanking Shafer for notifying them and saying they suspended TDO’s account. It was not the first time Shafer had contacted them. And once again, Dallas FBI was cc:d.

File-sharing site thanked Shafer for alerting them to a data dump of sensitive information.

So beginning in July, 2016 and thereafter, Dallas FBI received evidence that Shafer provided to try to help them catch TheDarkOverlord. Does any of the evidence above look like someone conspiring with TheDarkOverlord or does it look like someone trying to help law enforcement catch TheDarkOverlord?

As Doe further points out, the FBI has all of this evidence. It chose to selectively present it to a grand jury in a manner that absolutely misrepresents Shafer’s relationship to The Dark Overlord (and to the FBI, for that matter). It really seems as if the somewhat clueless FBI was just so focused on protecting one of its own — Special Agent Nathan Hopp — that it appears to have practically framed Shafer to the grand jury to bring about his eventual arrest and indictment.

And, on that note, in April of this year, Shafer was indicted (though, somewhat oddly, in a different district…) for the supposed Cyber Stalking of Hopp. The indictment, somewhat ridiculously, claims that Shafer “with intent to injure, harass, and cause substantial emotional distress” had “used and attempted to use, facilities in interstate and foreign commerce, including electronic mail and internet websites, to engage in a course of conduct that caused and attempted to cause substantial emotional distress to the victims.”

Again, I think that Shafer probably went overboard in venting his anger about Hopp and posting some publicly available information about Hopp and his family. He also did reach out to Hopp’s wife via Facebook — which, again, seems dumb. But to argue that his messages were harassing seems like a stretch. The conversation was Shafer asking Hopp’s wife to ask Hopp to return the videos of his kids that had been seized in an earlier raid. Again, this is a dumb thing to do, but it seems like a stretch to call it cyber stalking.

Meanwhile, another thing found in the original affidavit was a chat between Shafer and a friend of his, Darrell Pruitt, in which Pruitt responded “What an asshole” following Shafer’s sharing some information on Hopp. Pruitt commented on our story, noting that his involvement meant that the FBI showed up at his office:

As a friend of Justin, he shared with me his suspicion of FBI Special Agent Nathan Hopp’s (or Hawk’s) perceived vendetta as it was happening. I responded, “What an asshole.” And that was enough to warrant an unannounced visit to my dental office by two agents, whose questions indicated to me that they really did not have a clue about the case they were prosecuting. I think they were disappointed that I really did not help Justin in identifying Hopp, that I’ve nothing to do with TheDarkOverlord, and that no money had been exchanged between Justin and me… Thus went an hour of my life which I’ll never regain – Not to mention that my first patient waited in my dental chair for an hour while I was asked pointless questions. I was even warned by one of the agents that “‘I do not know’ will only go so far.” But it’s the damn truth.

This whole story is crazy and bizarre — but really raises serious questions about a DOJ and FBI completely out of control.
