Australian Law Enforcement Hacked US Users' Computers During Child Porn Investigation

from the everyone-just-hacking-everyone-these-days dept

Thanks to the internet, more law enforcement agencies are exceeding jurisdictional limitations than ever before. The FBI's Network Investigative Technique (NIT) -- deployed during a child porn investigation to strip Tor users of their anonymity -- travelled all over the United States and the world beyond. IP addresses and computer information harvested by the FBI were turned over to Europol and details obtained by Motherboard suggested at least 50 computers in Austria alone had been compromised by the FBI's hacking.

Rule 41 imposes jurisdictional limitations on the FBI's hacking attempts -- something the DOJ is trying (and succeeding, so far) to have changed. But the hacking goes both ways. Not only does the FBI go cruising past US borders while tracking down Tor users accessing seized child porn servers, but law enforcement agencies in other countries are doing the same thing -- and raising the same questions.

Australian authorities hacked Tor users in the US as part of a child pornography investigation, Motherboard has learned.

[...]

In one case, Australian authorities remotely hacked a computer in Michigan to obtain the suspect’s IP address.

“I think that's problematic, because they've got no jurisdiction,” Greg Barns, an Australian barrister who practices criminal and human rights law who's also a former national president of the Australian Lawyers Alliance, told Motherboard in a phone call.

It might be problematic, but no one seems all that interested in doing anything about it. No defendants garner less sympathy than those viewing child pornography, and law enforcement partnerships fighting the problem span the globe. No law enforcement agency is going to turn down child porn tips from another agency -- no matter where that agency is located or how it obtained this information.

The issues raised by these extraterritorial searches are likely to only be addressed (inconsistently) by local courts. Legislators aren't interested in restricting the pursuit of child pornographers, and as long as cases are handled locally and setting aside any chances of extradition demands, there's really no compelling reason for them to head off these abuses before they get worse.

The technique deployed by Australian law enforcement does raise a few questions of its own, though. It appears the agency deployed a phishing attack that prompted recipients to click a malicious link that phoned home with user info. The link, though, turned the agency into an actual distributor of child porn, rather than the more passive technique the FBI used when it took over hosting duties for a few weeks after seizing a child porn site's server.

Details on how exactly this was achieved are limited, but according to a court document from another case, “When a user clicked on that hyperlink, the user was advised that the user was attempting to open a video file from an external website. If the user chose to open the file, a video file containing images of child pornography began to play, and the FLA [foreign law enforcement agency] captured and recorded the IP address of the user accessing the file.”

The file was configured in such a way as to route the target’s traffic outside of the Tor network, the document explains.

Seems like a somewhat dubious use of law enforcement resources, but considering undercover officers are able to distribute other contraband (like drugs) in sting operations, it's likely this child porn distribution will be viewed as a lawful part of the agency's investigation.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: australia, child porn, hacking, malware, nit


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 19 Aug 2016 @ 11:52am

    This is getting serious!

    You can 100% bet that innocent people are being falsely accused over CP charges.

    Just wait until fucks like Erdogan figure out he can silence all of this critics by hiring a bunch of black hats to store CP on citizens in foreign countries machines.

    If you believe this has not yet happened... go put your fucking head back in the sand so you can take you daily governmental fucking up the ass.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 19 Aug 2016 @ 2:33pm

      Re: This is getting serious!

      You can 100% bet that innocent people are being falsely accused over CP charges.

      Was there ever any doubt?

      link to this | view in chronology ]

    • icon
      Bergman (profile), 20 Aug 2016 @ 12:05pm

      Re: This is getting serious!

      I wonder how many of those people the Australians 'caught' clicked on the link knowing what it led to -- and how many clicked on a 'free stuff' or 'cute kittens' link?

      After all, it's impossible for the accused to prove what link they meant to click on, and we only have the word of an anti-pedophile taskforce that those links said anything at all.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Aug 2016 @ 12:09pm

    As is the case in all aspects of life, nothing is going to change until someone important with clout is effected.

    And hopefully not TOO important with TOO much clout or the bombs will start dropping.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Aug 2016 @ 12:27pm

    made up krimes with made up victims...

    evidently are 'okay': the feebs and local drug parasites, er, warriors provide the means, motive and opportunity to entrap the marginally retarded in a non-krime with no victims and no actual drugs or money, but because the lying pigs *say* they told some stupid, desperate dingleberry that there was a COMPLETELY MYTHICAL amount of drugs/money in a mythical drug stash house, those poor saps are convicted of non-crimes withno victims or drugs involved...
    um, how much further down the rabbit hole can we fall ?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 19 Aug 2016 @ 12:35pm

      Re: made up krimes with made up victims...

      That is the problem.

      We are already at the bottom.

      The police can accuse you of anything, murder you, or arrest you for resisting arrest and get the fuck away with it.

      What does it matter that any additional problems can befall you at that point? This is already enough to destroy lives and families entirely... who gives a fuck if it can get worse, we need relief!

      link to this | view in chronology ]

      • icon
        Machin Shin (profile), 19 Aug 2016 @ 1:22pm

        Re: Re: made up krimes with made up victims...

        Being arrested for resisting arrest is one of the things I really can't understand. This seems to keep happening and I don't get how it hasn't been fixed.

        Any officer bringing someone into a station where the only charge they have is "They resisted arrest" should be fired on the spot. If they were being arrested for something else and then resisted, then fine. If you can't think of a real reason why they were being arrested though....

        link to this | view in chronology ]

        • icon
          That One Guy (profile), 19 Aug 2016 @ 1:44pm

          Re: Re: Re: made up krimes with made up victims...

          Replace 'resisting arrest' with 'contempt of cop' and it makes a lot more sense. In cases like that the 'crime' isn't that you tried to resist arrest, it's that you didn't show them the 'respect' that they so clearly wanted and deserved, and as such need to be punished.

          As for why it hasn't been fixed? Well the police obviously aren't going to object to something that let's them throw their weight around and punish those that don't 'respect' them enough, and most courts and judges bend over backwards to give the police anything and everything they want, because clearly they're the good guys and by definition can't do anything wrong.

          link to this | view in chronology ]

        • icon
          Roger Strong (profile), 19 Aug 2016 @ 3:14pm

          Re: Re: Re: made up krimes with made up victims...

          Being arrested doesn't necessarily mean that you'll be charged. You could be released without charges pending an investigation or a decision from someone higher up.

          Here in Canada folks protesters are occasionally arrested for trespassing when occupying a government or corporate office. They can cooperate with police, or they can go completely limp and be dragged away. Neither is resisting arrest. But the slightest amount of resistance is a different matter.

          Usually some government or corporate official, to reduce bad publicity, will announce that they're not pressing trespassing charges.

          But some protesters find themselves facing "resisting arrest" charges regardless. That its the only charge they face doesn't mean that there wasn't a real reason for the arrest.

          link to this | view in chronology ]

          • identicon
            Kronomex, 19 Aug 2016 @ 4:25pm

            Re: Re: Re: Re: made up krimes with made up victims...

            The problem is that simply "being arrested" tars you with the C. P. brush and could have a detrimental effect on you for the rest of your life. There will always be the suspicion hovering over you and who is to say that it won't eat at you for so long that you might only see one way out. What happens when friends, relatives, etc find out? Your first sentence is not well thought out.

            link to this | view in chronology ]

        • icon
          Padpaw (profile), 19 Aug 2016 @ 4:04pm

          Re: Re: Re: made up krimes with made up victims...

          a police state tyranny is the goal of whoever is running the scenes behind america

          link to this | view in chronology ]

    • icon
      Padpaw (profile), 19 Aug 2016 @ 4:04pm

      Re: made up krimes with made up victims...

      until we hit violent revolution or mass genocide. they tend to go hand in hand.

      link to this | view in chronology ]

  • icon
    Padpaw (profile), 19 Aug 2016 @ 3:49pm

    It is not about child porn, that's just being used as an excuse.

    This is meant to set precedent for hacking info on people they just don't like be it political, protesting, environmental, personal grudges etc.

    link to this | view in chronology ]

  • identicon
    bob, 19 Aug 2016 @ 3:56pm

    government just needs to obey harder!

    I guess governments just decided that if you can't beat the crooks, join them.

    The only thing that did separate the two was a moral high ground. I agree that police should be allowed to do sting operations with child pornography (just like other contraband), but it needs to follow the rules and laws as well as preserve evidence chains or you are just like the criminals and should be imprisoned.

    link to this | view in chronology ]

  • identicon
    Papa Fox, 19 Aug 2016 @ 5:28pm

    No hacking, just good police work

    Just a few facts...

    1. Queensland Police arrested an Australian man who operated a child porn server, gaining control of the server
    2. They moved the server so that it was physically located within Queensland
    3. The server was modified such that to download child porn, the server would email a link to the video
    4. If a perp opened the email and clicked on a link while *not* using TOR, their IP address was visible. A unique cookie was set as well. The email contained a link to real child porn.

    So, no 'hacking' took place. No software was installed/modified on the target computer. If the suspect was located outside of Queensland, then the arrest and analysis of the computers was carried out by the appropriate local police - in USA it appears to be the FBI.

    So, no hacking took place, just good police work. To be accused through this QP operation, a suspect had to have (a) a matching email address and an IP address matching the one used to download child porn; (b) the unique cookie installed during the download; and (c) probably one or more pieces of child porn on the computer.

    link to this | view in chronology ]

    • icon
      John Fenderson (profile), 19 Aug 2016 @ 7:40pm

      Re: No hacking, just good police work

      That is "hacking" by all traditional definitions. I think what you meant to say was that no malware was used or access controls bypassed.

      link to this | view in chronology ]

      • icon
        G Thompson (profile), 20 Aug 2016 @ 12:14am

        Re: Re: No hacking, just good police work

        No, hacking implies that the system was not in your control, and was taken over nefariously or by other non legal means, when in fact it was in the full legal control of the QLD police (with oversight from the Australian Federal Police in fact too).

        IF they obtained access to a server without the owners knowledge then that is 'hacking' whereas here the owner was fully aware since he gave up the server as part of the arrest with all access codes and other necessary knowledge to control and run the server. This was a honeypot structure pure and simple and under Australian law quite legal, no matter what American law might scream about in regards to problems with the 5th, 4th or even 1st amendment.

        link to this | view in chronology ]

        • icon
          John Fenderson (profile), 20 Aug 2016 @ 7:05am

          Re: Re: Re: No hacking, just good police work

          "No, hacking implies that the system was not in your control, and was taken over nefariously or by other non legal means"

          Yes, I am perfectly aware that this is what many people think "hacking" means now. I'm simply unwilling to stop fighting the battle against this corruption of the term. At least until we have a new term that can replace the traditional meaning of "hacking".

          Here's an excellent essay about the tradition meaning of the word: http://www.catb.org/jargon/html/meaning-of-hack.html

          link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 20 Aug 2016 @ 12:40am

    First they hacked the terrorists, and I said nothing because I wasn't a terrorist.
    Then they hacked the protest groups, and I said nothing because I have privilege.
    Then they hacked their rivals, and I said nothing because I agreed with them.
    Then they hacked the pedophiles, and I said nothing because pedos are icky.
    Now they've hacked everyone everywhere, and I don't dare say anything lest I be whisked off to Reeducation Camp.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 20 Aug 2016 @ 3:02pm

    It's okay because children.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Aug 2016 @ 12:16am

    terrorists rape children then frame them for child porn later

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.