{"id":18613,"date":"2017-03-10T13:12:18","date_gmt":"2017-03-10T17:12:18","guid":{"rendered":"https:\/\/cosmicconvergence.org\/?p=18613"},"modified":"2017-03-10T13:12:18","modified_gmt":"2017-03-10T17:12:18","slug":"pizzagate-the-feds-would-rather-drop-a-child-porn-case-than-give-up-a-tor-exploit","status":"publish","type":"post","link":"https:\/\/cosmicconvergence.org\/?p=18613","title":{"rendered":"#Pizzagate &#8211; THE FEDS WOULD RATHER DROP A CHILD PORN CASE THAN GIVE UP A TOR EXPLOIT"},"content":{"rendered":"<p><!--more--><a href=\"http:\/\/stateofthenation2012.com\/wp-content\/uploads\/2017\/03\/FBI-4x3-179312300.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-68221\" src=\"http:\/\/stateofthenation2012.com\/wp-content\/uploads\/2017\/03\/FBI-4x3-179312300.jpg\" width=\"650\" height=\"488\" \/><\/a><\/p>\n<p>LILY HAY NEWMAN<br \/>\nWired.com<\/p>\n<p><span class=\"lede\" tabindex=\"-1\">THE DEPARTMENT OF <\/span>Justice filed a motion in Washington State federal court on Friday to dismiss its indictment against a child porn site. It wasn\u2019t for lack of evidence; it was because the FBI didn\u2019t want to disclose details of a hacking tool to the defense as part of discovery. Evidence in <em>United States v. Jay Michaud<\/em> hinged at least in part on information federal investigators had gathered by exploiting a vulnerability in the <a href=\"http:\/\/www.wired.com\/tag\/tor\" target=\"_blank\">Tor<\/a> anonymity network.<\/p>\n<p>\u201cBecause the government remains unwilling to disclose certain discovery related to the FBI\u2019s deployment of a \u2018Network Investigative Technique\u2019 (\u2018NIT\u2019) as part of its investigation into the Playpen child pornography site, the government has no choice but to seek dismissal of the indictment,\u201d federal prosecutor Annette Hayes wrote in the court filing on Friday. She noted that the DoJ\u2019s work to resist disclosing the NIT was part of \u201can effort to balance the many competing interests that are at play when sensitive law enforcement technology becomes the subject of a request for criminal discovery.\u201d<\/p>\n<p>In other words, the feds are letting an alleged child pornographer free so that officials can potentially catch other dark-web using criminals in the future.<\/p>\n<h3>Open Tor<\/h3>\n<p>The feds have relied on the NIT, which is classified, for evidence in hundreds of other cases. Previously, though, the DOJ was able to overturn orders to reveal information about it, or sidestepped disclosure when a defendant pled guilty before trial. This marks only the second time that federal prosecutors dropped charges rather than expose a secret exploit.<\/p>\n<p>For years now, federal investigators have used hacking tools to <a href=\"http:\/\/www.wired.com\/2014\/12\/fbi-metasploit-tor\/\" target=\"_blank\">undermine the Tor anonymity network<\/a> and identify suspects attempting to conceal their identities and actions. These Tor exploits help federal law enforcement agencies investigate serious crimes, <a href=\"http:\/\/www.wired.com\/2015\/01\/department-justice-80-percent-tor-traffic-child-porn\/\" target=\"_blank\">particularly child porn rings<\/a> on the dark web, that would otherwise be difficult to prosecute. But the DOJ will apparently go to extreme lengths to protect the disclosure of those exploits, raising new questions about the boundaries of investigative hacking.<\/p>\n<p>In fact, <em>United States v. Jay Michaud<\/em> has turned out to be a sort of case study, at each legal stage, for how the government may treat NITs in the future. Federal investigators arrested school administrator Jay Michaud, of Vancouver, WA, in July 2015 for viewing child pornography. The DOJ built their case using a controversial warrant, and in November Congress expanded the DOJ\u2019s ability to get that <a href=\"http:\/\/www.wired.com\/2016\/09\/government-will-soon-able-legally-hack-anyone\/\" target=\"_blank\">type of warrant<\/a>. As the case progressed, Judge Robert J. Bryan suggested that the DOJ could use <a href=\"http:\/\/ia601907.us.archive.org\/14\/items\/gov.uscourts.wawd.218206\/gov.uscourts.wawd.218206.205.0.pdf\" target=\"_blank\">a protective order<\/a> to give relevant details about the NIT to Michaud\u2019s defense in a limited and controlled way. Bryan also noted that he did not have the technical expertise to evaluate any DoJ disclosure himself. The Justice Department refused to pursue a protective order, though, and ultimately opted to drop charges rather than reveal the secret to even a single person.<\/p>\n<h3>A Wider Net<\/h3>\n<p>The controversy in the case didn\u2019t end there, though. In May, Mozilla, the maker of the Firefox browser which Tor is also partly based on, <a href=\"http:\/\/blog.mozilla.org\/press\/files\/2016\/05\/Mozilla-Motion-to-Intervene-or-Appear-as-Amicus-Curiae-in-USA-vs-Jay-Michaud_5112016.pdf\" target=\"_blank\">filed a brief<\/a> asking that the government tell the company about the NIT if the vulnerability was present in Firefox, thereby endangering the browser\u2019s users. The concern about <a href=\"http:\/\/www.wired.com\/2016\/08\/shadow-brokers-mess-happens-nsa-hoards-zero-days\/\" target=\"_blank\">hoarding vulnerabilities<\/a>instead of disclosing them to be patched is that criminal hackers could find the flaws and maliciously exploit them while the government is keeping them secret for investigative purposes.<\/p>\n<p>\u201cMozilla has reason to believe that the exploit that was part of the complete NIT code that this Court ordered the Government to disclose to the defense involves a previously unknown and potentially still active vulnerability in its Firefox code base,\u201d Mozilla wrote in its May submission to the court. \u201cAbsent great care, the security of millions of individuals using Mozilla\u2019s Firefox Internet browser could be put at risk by a premature disclosure of this vulnerability.\u201d<\/p>\n<p>In <em>United States v. Jay Michaud<\/em> the indictment will be dismissed without prejudice, meaning that the DoJ can pick the case up again within the statute of limitations (<a href=\"http:\/\/www.law.cornell.edu\/uscode\/text\/18\/3282\" target=\"_blank\">five years<\/a> in this case) if it chooses. Federal investigators may be gambling that they can drop the case for now and pick it up again in a few years when technology has evolved, and the NIT has either been disclosed for other reasons or is no longer effective, says Riana Pfefferkorn, a cryptography fellow at the Stanford Law School Center for Internet and Society.<\/p>\n<p>\u201cIt\u2019s an interesting avenue to think about whether we might start seeing longer gaps between an alleged offense and an indictment if the government is trying to sort of run out the clock on the utility of its hacking methods.\u201d Pfefferkorn says.<\/p>\n<p>This approach also creates uncertainty for suspects, who are presumed innocent until proven guilty. Jay Michaud will have to wait five years knowing that the DoJ has a case against him, but unsure of whether it will ever pursue the prosecution again.<\/p>\n<p>The drastic measures to hide this exploit may indicate that this particular NIT isn\u2019t just used for domestic criminal cases, but national security investigations as well. \u201cOutside of terrorism-related prosecutions in the FISA context, I can\u2019t think of [situations] where the government uses some type of classified surveillance technique to go after regular domestic crimes\u2014it\u2019s pretty unprecedented,\u201d says Mark Rumold, a senior staff attorney at the digital rights group Electronic Frontier Foundation.<\/p>\n<p>The classified status is one of the many techniques DOJ has used to avoid disclosing the NIT, and the government seems to be using cases like <em>United States v. Jay Michaud<\/em> as a training ground to figure out how to keep hacking tools secret. All that\u2019s certain is that the feds have dropped a case against an alleged child pornographer, with some unknowable trade-off down the road.<\/p>\n<p>\u201cIt does seem to provide this moral hazard that if the government believes they can get away with it, that would seem to incentivize them to push the envelope,\u201d Pfefferkorn says. \u201cAnd my sense is that the government is continually pushing the envelope in what kind of surveillance it will ask courts to authorize.\u201d<\/p>\n<p>___<br \/>\n<a href=\"http:\/\/www.wired.com\/2017\/03\/feds-rather-drop-child-porn-case-give-exploit\/\">http:\/\/www.wired.com\/2017\/03\/feds-rather-drop-child-porn-case-give-exploit\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":2,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-18613","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/cosmicconvergence.org\/index.php?rest_route=\/wp\/v2\/posts\/18613","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cosmicconvergence.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cosmicconvergence.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cosmicconvergence.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cosmicconvergence.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=18613"}],"version-history":[{"count":0,"href":"https:\/\/cosmicconvergence.org\/index.php?rest_route=\/wp\/v2\/posts\/18613\/revisions"}],"wp:attachment":[{"href":"https:\/\/cosmicconvergence.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=18613"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cosmicconvergence.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=18613"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cosmicconvergence.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=18613"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}