FBI Admits To Using Zero Day Exploits To Hack Into Computers

from the that-doesn't-make-you-safer dept

Thu, Dec 10th 2015 3:41pm — Mike Masnick

It's been widely suspected for ages that both the NSA and the FBI made use of so-called "zero-day" exploits to hack into computers. Leaks from a few years ago (which may or may not have come from Snowden) exposed just how massive the NSA's exploit operation was, and there have been plenty of stories of security companies selling exploits to the NSA, who would use them, rather than reveal them and get them patched -- thereby putting the public at risk. Last year, the President told the NSA to get better at revealing these zero day exploits to companies to patch, rather than hoarding them for their own use. Just about a month ago, the NSA proudly announced that it now discloses vulnerabilities 90% of the time -- but conveniently left out how long it uses them before disclosing them.

However, the FBI's use of zero day exploits has been much more of a black box. The FBI has a long history of using various hacking tools to break into computers, and the judicial system has been an ever obedient "overseer" in letting the FBI do damn close to whatever it pleases. But, now, for the first time, the FBI has publicly admitted to using zero day exploits. It comes out in a Washington Post profile of Amy Hess, who heads the Operational Technology Division (OTD) of the FBI.

The profile is pretty interesting, and there's lots of technical wizardry that I think most people would agree is good for the FBI to have for investigating crimes. But the surveillance aspects are pretty sketchy, as always. And here, Hess confesses to using zero days, though she insists that they're not really that useful:

Hess acknowledged that the bureau uses zero-days — the first time an official has done so. She said the trade-off is one the bureau wrestles with. “What is the greater good — to be able to identify a person who is threatening public safety?” Or to alert software makers to bugs that, if unpatched, could leave consumers vulnerable?

“How do we balance that?” she said. “That is a constant challenge for us.”

She added that hacking computers is not a favored FBI technique. “It’s frail,” she said. As soon as a tech firm updates its software, the tool vanishes. “It clearly is not reliable” in the way a traditional wiretap is, she said.

The other tidbit worth reading discusses just how well the FBI informs judges when seeking warrants to use some of its more esoteric spy equipment. The answer, not surprisingly, is that it looks like the FBI frequently misleads the judiciary into the specifics of what it's really doing.

Another group that remains shrouded is OTD’s Remote Operations Unit. There, technicians with a warrant hack computers to identify suspects. Euphemistically called “network investigative techniques,” that activity has stirred concerns similar to those raised with the use of StingRays.

For one thing, the warrant applications do not describe the technique’s use in detail. So judges may not really understand what they are authorizing. Hess said that agents can describe the process more fully to a judge in closed chambers. That’s if the judge knows to ask.

It's these kinds of things that are wide open to abuse -- and the FBI has a very long and very detailed history of abusing its powers.

Again, I think most people would agree that the FBI should have a strong technology team that is able to provide useful tools for criminal investigations. But there's a fine line between an investigation and illegal surveillance. And, at the same time, there's the issue of abusing exploits when they could be making the public safer by getting them patched.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: amy hess, exploits, fbi, hacking, odt, surveillance, zero days

28 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

rw (profile), 10 Dec 2015 @ 2:10pm

What??? You EXPECT law enforcement to make the public SAFER?
[ link to this | view in chronology ]
- Wendy Cockcroft, 15 Dec 2015 @ 5:50am
  
  Re:
  They're too busy preventing crimes - most of which they appear to be making up themselves.
  [ link to this | view in chronology ]
That One Other Not So Random Guy, 10 Dec 2015 @ 4:18pm

"to be able to identify a person who is threatening public safety"
Um... except you have not produced one yet that was not of your own making. Pure bullshit.
[ link to this | view in chronology ]
Glenn, 10 Dec 2015 @ 4:28pm

Criminals will be criminals.
[ link to this | view in chronology ]
Anonymous Coward, 10 Dec 2015 @ 5:04pm

I don't really see what's so objectionable here. Targeted hacks of individuals with a warrant seems like the thing we should be rooting for. This is not mass surveillance.
[ link to this | view in chronology ]
- Anonymous Anonymous Coward, 10 Dec 2015 @ 5:18pm
  
  Re:
  Do you really think those zero days are distributed ONLY to the target of the warrant? How do the virus tracking companies find them if they are not widely distributed? What about all the other people who get infected with them?
  
  Now, if you have finally put your brain in gear, you might see what is so objectionable.
  [ link to this | view in chronology ]
  - Anonymous Coward, 10 Dec 2015 @ 5:40pm
    
    Re: Re:
    >How do the virus tracking companies find them if they are not widely distributed?
    
    You're thinking of a specific type malware, which may or may not take advantage of a zero day exploit.
    [ link to this | view in chronology ]
- That One Guy (profile), 10 Dec 2015 @ 8:41pm
  
  Re:
  What's objectionable is the method. By using zero-day vulnerabilities, rather than informing companies so that they can patch them, they leave many people vulnerable for the sake of gathering information on one. Kinda hard to argue that you're trying to protect the public when you're deliberately leaving a security flaw open like that just so you can use it.
  [ link to this | view in chronology ]
  - Median Wilfred, 11 Dec 2015 @ 8:23am
    
    Re: Re:
    The practice of keeping 0days secret is consistent with the whole "Confidential Informant" mindset. Law Enforcement often lets some of their snitches get away with literal murder in order to keep the snitchery flowing. Overall, we're all less safe, and more crime happens, but LE gets their rat info.
    [ link to this | view in chronology ]
- tqk (profile), 10 Dec 2015 @ 8:51pm
  
  Re:
  I don't really see what's so objectionable here.
  
  If you've got root on suspected bad guy's box, are you going to be looking into what he's done and what he's doing? With a warrant signed by a judge who understands the situation, great!
  
  Are you going to be planting evidence or manufacturing terrorist plots just to get suspected bad guy in jail (which is what the prosecutor is going to be screaming for)? Not so good, and in Chicago (among many other places) I'd expect the latter. Are judges knowledgable enough to demand full transcripts of the cops' actions and believable before and after listings of devices' contents and actions? Ha ha. Very funny.
  
  Who watches the watchers? We still care about chain of evidence and all that boring technical stuff, right?
  [ link to this | view in chronology ]
- Seegras (profile), 11 Dec 2015 @ 4:33am
  
  Re:
  So it's totally Ok to leave the public, administration, military, water treatment, electric grid, power plants, public transport, telcos, ISPs, and other critical infrastructure vulnerable, just so you can snoop on some alleged criminals?
  
  This is, from a security point of view, utter madness.
  [ link to this | view in chronology ]
  - Anonymous Coward, 11 Dec 2015 @ 8:08am
    
    Re: Re:
    Seegras is right about the madness.
    
    What's even more maddening is that some of these systems can be accessed outside the physical property in the first place. Remember Stuxnet? It was supposed to target a specific system but guess what? It got out into the wild and did a little more damage than intended.
    [ link to this | view in chronology ]
Anonymous Coward, 10 Dec 2015 @ 5:14pm

>it looks like the FBI frequently misleads the judiciary
That's a bold claim. Not that I would refuse to believe it, but the cited article doesn't give enough evidence to lead one to that conclusion, as the author states "So judges may not really understand what they are authorizing." Notice the word "may".

Objectivity and skepticism make the best TD articles, I hope we can avoid partisan assumptions.
[ link to this | view in chronology ]
- Anonymous Anonymous Coward, 10 Dec 2015 @ 5:37pm
  
  Re:
  Well there have been a number of incidents where the "FBI" has manufactured a case and brought a person that they manipulated into criminal acts, into court. Sometimes the "FBI" is straight forward with the judge and other times not. Because of that legacy it would be reasonable for every judge to not trust them again, or at least until they have a very long track record of not fudging the truth.
  [ link to this | view in chronology ]
  - Anonymous Coward, 10 Dec 2015 @ 5:45pm
    
    Re: Re:
    >it would be reasonable for every judge to not trust them again
    
    Absolutely. Which is why the roles of Judges and warrants are so important.
    [ link to this | view in chronology ]
Anonymous Coward, 10 Dec 2015 @ 7:27pm

Hey guys, welcome to America, the only thing we like less than a thief is a liar, because a liar steals the truth. Now for the DOJ.
[ link to this | view in chronology ]
Anonymous Coward, 10 Dec 2015 @ 9:15pm

"I love this sort of story because it plays out as "let's ignore the criminal acts because we like the end result"." - said Whatever, never.
[ link to this | view in chronology ]
- Anonymous Coward, 11 Dec 2015 @ 3:14am
  
  Re:
  Pretty much. Whatever will ignore the criminal acts of the government regardless of what the end result is, because he thinks he'll never be affected.
  [ link to this | view in chronology ]
fitzd34 (profile), 10 Dec 2015 @ 9:15pm

FBI Admits To Using Zero Day Exploits
"FBI Admits To Using Zero Day Exploits To Hack Into Computers"

Well .. DOH! .. What was the name of the Desktop operating these exploits ran on?
[ link to this | view in chronology ]
Anonymous Coward, 11 Dec 2015 @ 12:05am

didn`t this kid EDWARD SNOWDEN leaked this information like
3 years ago?
[ link to this | view in chronology ]
Anonymous Coward, 11 Dec 2015 @ 12:06am

CAN the FBI plant evidence using this approach?

YES!

HAVE they planted evidence using this approach?

that is CLASSIFIED™
[ link to this | view in chronology ]
Anonymous Coward, 11 Dec 2015 @ 7:18am

could we not just merge the fbi and cia they seem to be doing a lot of overlap and most of that appears to be illegal and treasonus.
[ link to this | view in chronology ]
Anonymous Coward, 11 Dec 2015 @ 8:39am

FBI are clearly the bad guys.
[ link to this | view in chronology ]
Anonymous Coward, 11 Dec 2015 @ 11:54am

Military: Sometimes you have to destroy a village to save it.
Seems to be the FBI's attitude as well.
[ link to this | view in chronology ]
@b, 11 Dec 2015 @ 12:02pm

Seegras nails it.

Your government keepa hiding the fact that a comet is hurtling towards planet earth, because Agents keeps deciding the United State wants their federal agency digging up potentially useful potential dirt on potential bad guys instead of telling the world a discovered fact that's PLAINLY useful for good guys to be OPENLY told on Day Bloody Zero.

Agency nontransparency is as dangerous as US drone policy is unjust.

What's being done in secret is not being done in America's name. She is kept blind.
[ link to this | view in chronology ]
- Anonymous Coward, 11 Dec 2015 @ 12:26pm
  
  Re:
  What's being done in secret is not being done in America's name. She is kept blind.
  
  More like purposely looking the other way. Willful blindness is no excuse.
  [ link to this | view in chronology ]
Anonymous Coward, 11 Dec 2015 @ 12:47pm

The criminals of the modern age, worshipped by idiots
[ link to this | view in chronology ]
Dave Cortright (profile), 13 Dec 2015 @ 11:49am

Don't forget the hypocrisy of it all...
Isn't hacking into a computer system using a vulnerability like this a crime? I see all sorts of press releases of the FBI charging people for doing exactly this same thing. Heck, even lesser "hacking" crimes (like Aaron Schwartz) have triggered the wrath of the establishment.

I'm not sure this government is really by the people for the people anymore.
[ link to this | view in chronology ]