On Wed, May 22, 2013 at 10:07 AM, Mark Seiden <m...@seiden.com> wrote:
>
> On May 22, 2013, at 5:59 AM, Jacob Appelbaum <ja...@appelbaum.net> wrote:
>
>> James A. Donald:
>>>
>>> http://www.scmagazine.com/finfisher-command-and-control-hubs-turn-up-in-11-new-countries/article/291252/
>>> That governments attempt to spy on people is not evidence that they are any
>>> good at it.
>>
>> Of course. They are quite good at it. Their successes are well documented:
>>
>> https://citizenlab.org/2012/10/backdoors-are-forever-hacking-team-and-the-targeting-of-dissent/
>>
>> https://citizenlab.org/2013/03/you-only-click-twice-finfishers-global-proliferation-2/
>
> also the very colorful
>
> http://epic.org/crypto/scarfo.html
>
> (this is all from memory, but…
>
> a keylogger was installed in a black bag job with a magistrate warrant (on
> nicky scarfo jr, the son of an imprisoned mobster nicky scarfo sr)
> accused of loan sharking and racketeering (as i recall). in a previous
> search they had found a pgp encrypted spreadsheet and wanted the passphrase.
>
> the keylogger supposedly satisfied the minimization requirements (suppressing
> logging when he used aol on a dialup…) (i really want to know
> how that worked…)

http://www.justice.gov/criminal/cybercrime/docs/ssmanual2009.pdf:

The Pen/Trap statute authorizes a government attorney to apply to a court for an order authorizing the installation of a pen register and/or trap and trace device if “the information likely to be obtained is relevant to an ongoing criminal investigation.”

and

The government must also use “technology reasonably available to it” to avoid recording or decoding the contents of any wire or electronic communications. 18 U.S.C. § 3121(c). When there is no way to avoid the inadvertent collection of content through the use of reasonably available technology, DOJ policy requires that the government may not use any inadvertently collected content in its investigation. However, a few courts have gone beyond the statute’s requirement that the government use technology reasonably available to it to avoid collecting content. Citing the exclusion of contents from the definitions of pen register and trap and trace device, these courts have stated or implied that the government cannot use pen/trap devices that might collect any content at all.

...

> they didn't get the passphrase during the first term of the first warrant
> (couple months, as i recall.) not much of a loanshark, doesn't update
> his books in a couple months, hm… then they renewed the warrant… and
> finally got him typing the passphrase….
> which was his father's federal prison number. duh.

http://www.justice.gov/criminal/cybercrime/docs/ssmanual2009.pdf:

A pen/trap order may authorize the installation and use of a pen/trap device for up to sixty days and may be extended for additional sixty-day periods. See 18 U.S.C. § 3123(c).

and

At least one court has adopted the severe position that suppression is appropriate when the government fails to comply with court-imposed limits on the time period for reviewing seized computers. In United States v. Brunette, 76 F. Supp. 2d 30 (D. Me. 1999), a magistrate judge permitted agents to seize the computers of a child pornography suspect on the condition that the agents searched through the computers for evidence “within 30 days.” The agents executed the search five days later and seized several computers. A few days before the thirty-day period elapsed, the government applied for and obtained a thirty-day extension of the time for review. The agents then reviewed all but one of the seized computers within the thirty-day extension period, and found hundreds of images of child pornography. However, the agents did not begin reviewing the last of the computers until two days after the extension period had elapsed. The defendant moved for suppression of the child pornography images found in the last computer, on the ground that the search outside of the sixty-day period violated the terms of the warrant and subsequent extension order. The court agreed, stating that “because the Government failed to adhere to the requirements of the search warrant and subsequent order, any evidence gathered from the . . . computer is suppressed.” Id. at 42.