FBI Appears To Have Collected Tormail's Entire Email Database... And It's Using It

from the collect-it-all dept

We've mentioned in the past that, for all the focus on the NSA lately, the FBI may be equally, if not more, worrisome for its willingness to collect tons of data on everyone and use it. Back in August, it became pretty clear that the FBI had compromised the Tor Browser Bundle, and had effectively taken over Freedom Hosting -- a popular hosting provider for dark web tor sites -- in order to push out malware that identified Tor users. A month later, it was confirmed that it was the FBI behind the effort, which led to the closing of Freedom Hosting.

Now there are new reports, suggesting that along with Freedom Hosting, the FBI was able to get the full database of emails on TorMail, a popular tor-based email service that used Freedom Hosting and was shut down at the same time Freedom Hosting went down. The reports point to a new lawsuit, in which the FBI was able to get a search warrant to search TorMail using its own copy of the database -- which it clearly had obtained at an earlier date. This basically means that the FBI has a pretty easy time searching all those emails if it needs to:
The tactic suggests the FBI is adapting to the age of big-data with an NSA-style collect-everything approach, gathering information into a virtual lock box, and leaving it there until it can obtain specific authority to tap it later. There’s no indication that the FBI searched the trove for incriminating evidence before getting a warrant. But now that it has a copy of TorMail’s servers, the bureau can execute endless search warrants on a mail service that once boasted of being immune to spying.
This again highlights one of the problems of the "collect it all" approach. Rather than merely targeting a specific individual or group, the FBI now has all of those emails sitting in a database. Even if it's getting a warrant to search, it's now searching its own database, rather than having to go out to get the information from others who might challenge the requests.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: email, fbi, nsa, searches, surveillance, tor, tormail, warrants


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    That One Guy (profile), 28 Jan 2014 @ 4:20am

    That must have been an interesting court session...

    FBI: Your Honor, we'd like to apply for a search warrant to search through X, Y, and Z email addresses.

    Judge: What cause and evidence do you have to believe that the listed email addresses contain incriminating evidence?

    FBI: Oh we already have, and have looked through, the email addresses, now we just need an after-the-fact warrant so we can legally search through and use the emails as evidence in court.

    Judge: That seems off for some reason, but my favorite show is on in half an hour, and it's getting close to lunch, so warrant granted.

    link to this | view in chronology ]

    • icon
      Anonymous Howard (profile), 28 Jan 2014 @ 6:21am

      Re:

      Wouldn't copying the whole database "in secret" compromise it's value as evidence? After all, if they could download it, they could have modified it too just as easily.

      link to this | view in chronology ]

      • icon
        That One Guy (profile), 28 Jan 2014 @ 6:49am

        Re: Re:

        You'd think so, but the courts these days are a complete and utter joke when it comes to that whole 'justice' thing, letting government agencies do pretty much whatever they want.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 28 Jan 2014 @ 8:42am

          Re: Re: Re:

          yes, damn courts, why don't they just let the criminals do what they want!!!

          link to this | view in chronology ]

          • identicon
            Baron von Robber, 28 Jan 2014 @ 9:08am

            Re: Re: Re: Re:

            That's right! They should arrest the criminal cops asap!

            link to this | view in chronology ]

          • identicon
            Anonymous Coward, 28 Jan 2014 @ 2:52pm

            Re: Re: Re: Re:

            That is the issue, the courts are letting the criminals do what they want.

            The sad part is that it is the government that are the criminals in this instance

            link to this | view in chronology ]

        • identicon
          Anonymous Coward, 28 Jan 2014 @ 1:56pm

          Re: Re: Re:

          You forget though. The courts seem to buy the Feinstein's arguments that these agencies are "professional" though which of course would preclude them from modifying them though. Wait until some Mafia guy is on trial for some crime and the government wants to claim that they tampered with evidence.

          Defense lawyer: "Your honor, my client couldn't have tampered with that evidence because he after all is a professional at this sort of thing."

          Judge: "Seems reasonable to me."

          link to this | view in chronology ]

      • icon
        ottermaton (profile), 28 Jan 2014 @ 9:22am

        Re: Re:

        Silly rabbit. They would never do that because they are professionals

        link to this | view in chronology ]

      • icon
        J. Edgar Hoover (profile), 28 Jan 2014 @ 9:33am

        Re: Re: "copying the whole database "in secret" compromise it's value as evidence?..."

        Plebians, pleaseeee!

        The Value of the Evidence Against You would only be compromised If you were not guilty! GUILTY! GUILTY!


        from the grave...

        link to this | view in chronology ]

      • icon
        Bergman (profile), 28 Jan 2014 @ 9:55am

        Re: Re:

        Yeah, but bear in mind those are the same courts who have no problems with the FBI refusing to use audio recorders, and have a person taking hand-written notes during interviews and interrogations.

        If those hand-written notes disagree with what a suspect claims he said, the most common result is perjury or lying to a federal agent charges for the suspect.

        link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Jan 2014 @ 6:24am

      Re:

      I think that's exactly what they're doing, too. They look first, then ask for the warrant because they have "probable cause", since they already know what's in there.

      link to this | view in chronology ]

  • icon
    Ninja (profile), 28 Jan 2014 @ 5:42am

    Please correct me if I'm wrong but if the servers weren't in the US this could have been avoided? Or was it a blunder from the services that allowed the FBI to download the entirety of the database? Or is it the same issue Lavabit faced but they closed way too late?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Jan 2014 @ 5:52am

      Re:

      As far as I know the servers were in France, so how the database ended up in US hands is an interesting question.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Jan 2014 @ 5:44am

    So it's only bad when other people do it?

    Hypocritial villains.

    link to this | view in chronology ]

  • icon
    TiagoTiago (profile), 28 Jan 2014 @ 6:02am

    They stored the emails and account data as plain text in the server?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Jan 2014 @ 8:47am

      Re:

      "They stored the emails and account data as plain text in the server?"

      probably, criminals are not the smartest group around!

      link to this | view in chronology ]

  • icon
    krolork (profile), 28 Jan 2014 @ 6:15am

    We need a revolution.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Jan 2014 @ 6:37am

    So, It Doesn't Count Until...

    So, it doesn't count until you look at it? Just downloading it doesn't count? Like downloading a copyrighted movie doesn't count until you watch it?

    link to this | view in chronology ]

    • identicon
      PRMan, 28 Jan 2014 @ 8:53am

      Re: So, It Doesn't Count Until...

      Actually, downloading copyrighted material doesn't count until you upload it.

      link to this | view in chronology ]

      • identicon
        PRMan, 28 Jan 2014 @ 8:54am

        Re: Re: So, It Doesn't Count Until...

        BTW, IANAL and, more specifically, IANYL.

        link to this | view in chronology ]

        • icon
          Killer_Tofu (profile), 28 Jan 2014 @ 9:07am

          Re: Re: Re: So, It Doesn't Count Until...

          BTW, IANAL

          Well, as a PRMan that skill could probably come in handy, but that is not what we are here to discuss.

          link to this | view in chronology ]

  • icon
    Coyne Tibbets (profile), 28 Jan 2014 @ 7:02am

    Punishment by association

    The FBI employs punishment by association. They have previously shut down and copied for evidence entire ISP data centers because one domain was suspected of doing something illegal. (FBI shuts down entire ISP to investigate one customer (2004), FBI Raids Dallas Internet Service Provider Core IP (2009))

    It's the equivalent of razing an entire village because one enemy soldier is suspected to be living within it.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Jan 2014 @ 7:17am

    The federal government has forgotten one very important thing in their quest to protect America from the perceived threats of the world, the Bill of Rights is the foundation which this country is built upon. It's creation is what persuaded the states to ratify the constitution. Ignoring it is like voiding a contract, in essence, voiding America. If our elected officials do not reign in these out of control rogue federal agencies, it may be time to take this to the state level and begin looking a succession as an option.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Jan 2014 @ 7:34am

      Re:

      GOVERNMENT: Bill Rights? Who's he?

      JUDGE: Um, that guy? Y'know, the one you're supposed to uphold?

      GOVERNMENT: Oh, sorry, we killed him in a lobbied "accident".

      JUDGE: Very well, carry on.

      PUBLIC: OBJECTION! This isn't right! This is Tyranny!

      JUDGE: But they have the paperwork and the finances. So there's nothing I can do.

      *GOVERNMENT hands JUDGE a set of Photoshopped pictures*
      GOVERNMENT: There you go, as agreed.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Jan 2014 @ 7:21am

    Sounds like Tormail service was either using server-side encryption, or no encryption at all. If Tormail would have used client-side encryption and those emails were uploaded to the Tormail database, then all the FBI would be looking at is a bunch of encrypted data which they'd have no keys to.

    Up your encryption game, people!

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Jan 2014 @ 3:44pm

      Re:

      Except that the encryption standards have been compromised by the US govenment.

      link to this | view in chronology ]

      • identicon
        SumYungGuu, 28 Jan 2014 @ 6:41pm

        Re: Re:

        I wonder if the FBI will focus on the undoubtedly massive trove of Goldman Sachs (and the rest of Wall Street)emails containing descriptions of all their scams? Seriously, Wall Street thugs definitely used TorMail and the like to cover up their shenanigans.

        link to this | view in chronology ]

    • identicon
      Jones, 2 Feb 2014 @ 7:15am

      Re: Tor

      or was setup by the Feds. It was a honey trap from the beginning.

      link to this | view in chronology ]

  • identicon
    Rekrul, 28 Jan 2014 @ 2:52pm

    If the FBI was distributing malware, can't we charge them under the CFAA?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Jan 2014 @ 4:54pm

    darryl just hates it when due process is enforced.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.