Feds Say They Can Search Bradley Manning's Friend's Laptop Because They Can
from the leave-us-alone dept
Back in May, we noted that Homeland Security's ICE group had taken David House's laptop and had kept it for 49 days because he's friends with Bradley Manning, who is accused of leaking the State Department cables to Wikileaks. House was traveling back to the US from a vacation in Mexico and Homeland Security has long held that it can take your laptops at the border for any reason whatsoever. House (with the help of the ACLU) sued the government over this. Not surprisingly, the Justice Department is defending the actions of ICE, basically using the "we did it because we can, so shut up" argument.There is no basis for the Court to conclude that searches of laptops or other electronic devices at the border should be subjected to a different standard than that for other closed containers. Nor is there a basis for the Court to conclude that Plaintiff’s First Amendment rights were violated by the routine search and detention of his devices at the border.This is, at best, disingenuous and, at worst, dishonest. There is a tremendous "basis" for a court to conclude that searches of electronic devices differ than searches of a closed container. That's because, as we've discussed at length before, what's in your laptop and what's in a container at the border are entirely different:
- You mostly store everything on your laptop. So, unlike a suitcase that you're bringing with you, it's the opposite. You might specifically choose what to exclude, but you don't really choose what to include. With a suitcase, you specifically choose what to include.
- The reason you bring the contents on your laptop over the border is because you're bringing your laptop over the border. If you wanted the content of your laptop to go over the border you'd just send it using the internet. There are no "border guards" on the internet itself, so content flows mostly freely across international boundaries. Thus if anyone wants to get certain content into a country via the internet, they're not doing it by entering that country through border control.
On a separate note, the reason given for having to keep House's laptop for so long? Because the laptop ran both Linux and Windows and the tech geniuses at Homeland Security had trouble understanding how to deal with that.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: 4th amendment, bradley manning, david house, free speech, laptops, privacy, seizures
Reader Comments
Subscribe: RSS
View by: Time | Thread
When the feds search a closed container. They open it up, search it, and then immediately give it back.
When the feds search a laptop or other electronic device, they send it to a computer foresnic division and they search it for months.
That's a huge fricken difference, nimrods!
[ link to this | view in chronology ]
so what was the outcome, or isn't there one (yet)?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Because I said so.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
I can see this scenario playing out in my head with a confused forensic tech muttering:
"For some weird reason, our Windows based forensic software isn't reading half the hard drive."
[ link to this | view in chronology ]
Re:
That isn't to say that the real guys at the main offices and research labs don't know their stuff...they do. It's just that data forensics is not exactly an entry level job and most of these guys only get a week of training and don't bother to keep up with the state-of-the-art. Not to mention the fact that often, they're handling a ton of other projects.
[ link to this | view in chronology ]
Re: Re:
Unfortunately they have to spend all their time refining the "preconfigured CD, suite of software and manuals" for the chumps instead of doing any actual investigating
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re:
Either SIFT by SANS Institute, or "Sleuth Kit", both GPL and *nix based are so much better and wonders of wonders work on Windows, and Linux/Unix based Systems since they are booted from the USB/CD itself.
Booting up a Laptop by its own O/S is NOT forensically Sound practice since it is guaranteed to corrupt & change evidence.
Does anyone know of any cases from ICE/DHS seizing laptops, then using whatever so called 'evidence' found in a criminal (or civil) case that has gone to conclusion? I had a quick look and could not find any.
[ link to this | view in chronology ]
Seriously...To say with a straight face that a person's laptop is the same as a suitcase as far as searchability is just ridiculous.
I agree hat a balance must be struck between the legitimate rights of individuals and the ability of law enforcement to do their jobs. Still...8 weeks of detention is simply ridiculous and in my mind, doesn't represent a fair limitation on peoples rights for the benefit gained by law enforcement...
[ link to this | view in chronology ]
Re:
Let people enter the country with their personal belongings. Laptop included. It worked before 9/11, it'll work even now.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
I also noted their "technical difficulties" with a dual-boot system
Surely an forensic analyst worthy of the job title knows enough to boot House's laptop from external media and copy the hard drive (byte-for-byte) onto analysis media. They should also know how to perform differential comparison against a stock install of the operating system(s) involved in order to determine what's installed, where, how, etc. before then moving on to data (documents, email, bookmarks, web browser cache, IM logs, etc.). None of this is hard -- just tedious. (Although automated tools do help quite a bit.)
So are they really so miserably incompetent? Well, maybe. They're certainly incompetent at lots of other related things (see GAO report referenced in TechDirt article earlier today).
Or...
Was House clever enough to encrypt files of interest or perhaps an entire disk/disk partition with something like TrueCrypt? And is the delay therefore not for the reasons stated but because they've been busy trying to break the encryption and haven't managed to do so? (Note in passing: this wouldn't stop them from copying the drive(s), though; they'd just end up with copies of the encrypted material.)
So I don't know. I was inclined at first to just chalk it up to incompetence, but after considering just whose laptop this is and why they wanted to get it, I have difficulty imagining that House left anything interesting unencrypted. And I'll bet the feds really really really want whatever's in there.
I hope he left them a nice cache of midget clown goat porn.
[ link to this | view in chronology ]
Re: I also noted their "technical difficulties" with a dual-boot system
[ link to this | view in chronology ]
Re: I also noted their "technical difficulties" with a dual-boot system
the feds are incompetent. they will catch no competent terrists
[ link to this | view in chronology ]
Re: I also noted their "technical difficulties" with a dual-boot system
[ link to this | view in chronology ]
Re: Re: I also noted their "technical difficulties" with a dual-boot system
Incidentally, Linux systems support a large number of different filesystems, some of which are intended for use with Linux, some of which are intended to provide cross-platform capability. I'd like to think (but maybe I'm overestimating their ability) that they'd be able to read any of the contemporary ones listed here: http://en.wikipedia.org/wiki/List_of_file_systems
[ link to this | view in chronology ]
Re: I also noted their "technical difficulties" with a dual-boot system
[ link to this | view in chronology ]
Re: Re: I also noted their "technical difficulties" with a dual-boot system
“Homeless Man Dies After Being Brutally Beaten by Five Fullerton Cops”, (July 29, 2011)
[ link to this | view in chronology ]
Re: Re: Re: I also noted their "technical difficulties" with a dual-boot system
That makes absolutely no sense!
[ link to this | view in chronology ]
Re: Re: I also noted their "technical difficulties" with a dual-boot system
[ link to this | view in chronology ]
Re: Re: Re: I also noted their "technical difficulties" with a dual-boot system
[ link to this | view in chronology ]
Re: Re: Re: I also noted their "technical difficulties" with a dual-boot system
Once the government has your hardware alone in their hot little hands for more than a few hours, then you've got to assume it's as compromised as a voting machine.
Voting machines are a very hard problem. At least with a laptop, you can just get a new one from some random store.
[ link to this | view in chronology ]
Re: Re: Re: I also noted their "technical difficulties" with a dual-boot system
[ link to this | view in chronology ]
Re: Re: I also noted their "technical difficulties" with a dual-boot system
Though if there is reasonable suspicion under the warrant that there is something to be found on the image you are analysing/investigating then the original evidence, ie: the physical laptop in this case, is kept in evidence under the chain of custody procedures. Mainly this is so if it goes to court you can show the actual physical item (so much easier for judges and juries to look at ;P ) and also that the other party has the oppurtunity to get their OWN independent analysis on the same item without trusting the mirror image the prosecution (in this case) took.
[ link to this | view in chronology ]
Re: Re: Re: I also noted their "technical difficulties" with a dual-boot system
You're thinking corporate security / police criminal investigation. Not national security investigation. Against target known to use strong crypto.
[ link to this | view in chronology ]
Re: I also noted their "technical difficulties" with a dual-boot system
Another way to put this is that ICE is practicing being childish. The drive is probably encrypted and they most likely are just doing that to be vindictive. Quite honestly, I just don't see any good reason for ICE to even exist.
[ link to this | view in chronology ]
Re: I also noted their "technical difficulties" with a dual-boot system
[ link to this | view in chronology ]
SOP
So it is routine to detain peoples devices?
[ link to this | view in chronology ]
Re: SOP
Oh! Look at what just happens to be crossing the border right now! What luck!
[ link to this | view in chronology ]
Re: Re: SOP
"Here you go, we are done investigating your suitcase-like device now. I know it took a while but Apple can be damn slow... I mean these investigations do take time. Thank you for your cooperation."
[ link to this | view in chronology ]
Title error
[ link to this | view in chronology ]
If for any reasons that border guards suspect that you are carrying something illegal with you, they have the rights to detain you, they have the rights to seize the item(s) in question, and they have the rights in investigate.
When you bring a laptop over the border, you are presenting yourself at the border with the laptop and all that is on it. It is pretty much on par with showing up with boxes and boxes of paper with all of the same information printing. The border guards have the right to inspect every piece of paper you are bringing over the border, so why would they not have the right to check your laptop?
It is, at best, disingenuous and, at worst, dishonest to suggest that the border guards do not have the right to inspect anything and everything coming into the country. Oh yes, btw, they can (and do) check cell phones as well.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
Ah, there's the BIG IF. IF they suspect anything, they can do the searches and the detentions. They can't just go around and bother every citizen with idiotic searches, and there should be BIG penalties for doing so.
Last I checked, the US is a democracy, and you don't treat your citizens as criminals in a democracy. Or maybe it's time to admit that it isn't so anymore?
[ link to this | view in chronology ]
Re: Re:
US customs is one of those areas where your rights are fairly limited because until you clear customs, you are not "landed" in the US. This is particularly true of any goods of chattel that you happen to have with you. Until inspected, the border agency has the right to refuse it entry.
The "if" is very, very, very small. The if can be your shifty demeanour, lack of a good response to a question, or even admitting to dealing with people who are under law enforcement surveillance. If you go out of the country and meet up with narco traffickers, example, you should expect that you might get a cavity search.
The border isn't like a street corner police stop. When you start learning not to apply those rules to a border crossing, the rest of it makes a whole lot more sense.
Considering the low number of Americans who have a passport, it isn't surprising that there is a whole lot of ignorance.
[ link to this | view in chronology ]
Re: Re: Re:
Case in point, what threat can anyone's bits be excepting to a repressive government?
[ link to this | view in chronology ]
Re: Re: Re:
And if border patrols persistently abuse their powers (as they clearly have here) expect the democracy to remove those powers - if it doesn't happen then you don't have a democracy.
[ link to this | view in chronology ]
Re: Re: Re: Border
> rights are fairly limited because until you
> clear customs, you are not "landed" in the US
Of course the they keep expanding the defintion of "the border" more and more to give themselves the authority to circumvent the Constitution anywhere they like.
If I recall correctly, "the border" is currently defined as being 150 miles inland from any international boundary.
That effectively makes the entire state of Florida a Constitution-free zone.
[ link to this | view in chronology ]
Re: Re: Democracy
I'm not sure when you checked, but the US has never been a democracy. It's a constitutional republic. Always has been.
[ link to this | view in chronology ]
Re: Re: Re: Democracy
FTFY
[ link to this | view in chronology ]
Re: Re: Re: Re: Democracy
You score 100% on ideological commitment, Това́рищ !
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
Government has a dire shortage of smart, talented computer security workers willing to be loyal and devoted to a system where people have no rights.
Fortunately, there are plenty of other folks happy to work for a system where the border guards take keen pleasure in "vindictive, extrajudicial punishment".
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Authority
> dishonest to suggest that the border guards
> do not have the right to inspect anything
> and everything coming into the country.
Point me to the Article and Section of the Constitution that says the Bill of Rights is suspended at the border.
Hint: it doesn't exist.
This 'border authority' is nothing but another one of those ever more frequent self-serving 'interpretations' of the Constitution by the government to justify not obeying a law which they find inconvenient and bothersome.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: When you bring something across the border, it is pretty much fair game.
And what about keeping the personal items 19 days beyond policy and saying "we're under-staffed". We, as citizens don't have to accept the behavior. This is like sentencing someone to one year in jail and keeping them 18 months because "there weren't enough guards to open the cell door". So, again, your assertion is reasonable, if we accept the premise that federal agents can invade your privacy for one reason and pretend they are doing it for another.
[ link to this | view in chronology ]
Makes one wonder how they would handle virtualization. I have more than half-dozen different virtual systems on my mac, mainly different linux distros, FreeBSD and a couple of windows versions. And now that Apple's Lion license allows for virtual installs, I could really mess with the DHS geniuses and have OS "Inception" for them to unwind.
[ link to this | view in chronology ]
Re:
I imagine a lot of swearing and a little crying
[ link to this | view in chronology ]
Physical searches make sense if your already spying...
At which point, the NSA has it.
I know this isn't the point of this particular topic, but Mike keeps rolling out the 'this makes no sense' argument. With the NSA tapping the cables, physical searches make sense (to the feds, at least).
[ link to this | view in chronology ]
Re: Physical searches make sense if your already spying...
Encryption doesn't exist in your world? =P
[ link to this | view in chronology ]
Re: Re: Physical searches make sense if your already spying...
[ link to this | view in chronology ]
LOL, so what's the point?
I mean, obviously if THIS was a problem for them - then the possibility of hidden data being found is pretty much Zero.
But again, if you have data you don't want found on your laptop - put it on a flash drive and put it in the mail.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Friends of anyone suspicious are automatically suspect
See: McCarthy.
[ link to this | view in chronology ]
Rules
(*) Put some soft-core pr0n on the factory disk drive, so no-one gets too suspicious.
2. Do NOT ever devise your own encryptation algorithm. You are not a cryptographer (**). Use only carefully scrutinized implementations of well-regarded algorithms.
(**) If you are a cryptographer, then this only applies to operational use. And you know why.
3. ALWAYS generate your own random numbers.
[ link to this | view in chronology ]
Re: Rules
[ link to this | view in chronology ]
Re: Re: Rules
But if you're good with a soldering iron, building your own random number generator may still compare favorably with commercially-available hardware.
[ link to this | view in chronology ]
Re: Re: Re: Rules
[ link to this | view in chronology ]
Re: Re: Re: Re: Rules
http://dilbert.com/strips/comic/2001-10-25/
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Rules
Is Dilbert loyal to the Pointy-Haired Boss?
Is Dogbert taking payoffs from Elbonia?
Is Catbert likely to cover up for the Fullerton cops ?
[ link to this | view in chronology ]
Re: Rules
[ link to this | view in chronology ]
Re: Re: Rules
[ link to this | view in chronology ]
Re: Re: Re: Rules
[ link to this | view in chronology ]
Re: Re: Re: Rules
[ link to this | view in chronology ]
Welcome to the Cloud
Nothing is stored on it, but when they boot it up and you checked "remember password" should they get to search all your data that isn't even "on" the laptop as you crossed the boarder?
I bet I know their answer...
[ link to this | view in chronology ]
Re: Welcome to the Cloud
If not, then a border inspection is the least of your problems.
[ link to this | view in chronology ]
What they don't have the right to do, and what needs more emphasis here, is keep the laptop and send it away for forensic analysis: unless they first found something there locally and in a reasonable time frame that now justifies further seizure.
[ link to this | view in chronology ]
Re:
They should make a copy of the drive deleting any data they believe suspicious and return to you the edited drive. If they do not find anything illegal they should then return to you the original drive.
[ link to this | view in chronology ]
Note that the constitution does not grant rights, it enumerates and protects rights that exist independantly from the government and limits what the government is allowed to do.
[ link to this | view in chronology ]
Re:
That, and $2.25 will get you a cafe latte.
“Thomas, citing witnesses, said officers hit his son with the butts of flashlights even after he stopped moving.” —LA Times
[ link to this | view in chronology ]
We must work hard next election to vote out of office the dems and reps and then maybe we can begin to take our country back from the growing 1984 occurring.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
This actually means doing business with the USA almost by default increases the TCO of a laptop since you need to by a spare in the event the first one gets confiscated. But at the same time since you can't afford to lose your data to ICEbaby you'll keep everything in the "cloud" and make do with a cheapo laptop anyway lowering your TCO of a laptop.
America is a very confusing place to be. It's better to stay at home.
[ link to this | view in chronology ]
Searches
The question becomes, what exactly were they expecting to find on that laptop? Did they think he was bringing in a prohibited item? If not, they had no business searching it.
The simple fact that they get to search, does not mean that they get to search everything for any reason. If a cop is patting you down for his own safety, that's a legal search. But that doesn't mean he then gets to go through your wallet. Similar situation here - they are guarding the border and therefore get to search. But ONLY for things illegally being taken over the border.
[ link to this | view in chronology ]
Something we very much want to avoid is having the federal security apparatus become the equivalent of societal Lupus. I think if a lot of us start using this analogy in other places it could become a meme and perhaps lead to some sanity.
Another point about seizing computer equipment. we want to use computers an an extension of our minds. That is their power. But then encryption and freedom from searching becomes an extension of the right to remain silent. Unfortunately the average Joe does not view the right to remain silent as important for anyone but criminals. But anyway, taking someone's computer and searching it is similar to having a brain scan technology - which is why they like to do it. I think the average Joe would appreciate that analogy.
[ link to this | view in chronology ]