Jump to content

FBI admits it uses hacker tools to investigate crimes

Mbarton

Is anyone here surprised? opinion goes here:I don't think its that surprising there doing this but doesn't change the fact i'm tired of the U,S pulling these stuns behind the scenes im hoping who ever gets elected, please don't turn into a political fight. Will stop these sorts of things from happening i think there are better ways to go about this kind of stuff.   --@Mbarton

 

42-55538840.jpg

 

 

If the FBI had to choose between telling you about a security hole on your computer or using it to snoop on bad guys, guess what? You'd be left open to hackers.

And apparently, that's been the case for a while.

The agency confirmed to The Washington Post on Wednesday that FBI agents use special hacking code to take advantage of known holes in software and further their investigations. They'll continue using these so-called zero-day exploits, but now there could be further scrutiny of the practice.

The exploits are controversial, and using them involves a trade-off that could end up making some members of the public less safe. So what exactly are these tools, and what does it mean that the FBI uses them?

Do you want to know a secret?

Zero-day exploits take advantage of flaws in common commercial software often used by the general public. To stay effective, the FBI has to use these exploits without telling the software manufacturers there's a problem with their products.

 

The flaws go unfixed then, leaving people vulnerable to hacks not just from law enforcement, but from cybercriminals as well.

"What is the greater good?" FBI official Amy Hess asked the Post. "To be able to identify a person who is threatening public safety?" Or to protect people from being hacked by patching software holes? Hess is the bureau's executive assistant director for science and technology.

Everybody else is doing it, so why can't we?

Zero-day exploits are hard to discover and expensive to buy, so experts say the hackers using them tend to be from organized crime rings or state-sponsored hacking groups.

Legitimate organizations can buy the exploits from security researchers who develop them based on flaws found in software, but it's a bit of a cloak-and-dagger affair, according to journalist Kim Zetter's book "Countdown to Zero Day." Security companies that have admitted to selling zero-day exploits to governments have suffered scorn from their peers in the cybersecurity industry.

Handing an exploit to a government buyer and letting the flaw remain unpatched leaves an opening for hackers to implant malicious software on computers. Such malware can collect banking information and create networks of hacked computers attackers can use on big targets like financial institutions and foreign governments.

Who else uses these exploits? Try the National Security Agency. It's not surprising, then, that the FBI also takes advantage of them. The difference is that the NSA is responsible for foreign spying, and the FBI investigates crime in the US, which means the government is hacking its own citizens.

Somebody's watching me

So the FBI's use of zero days is out in the open. What's next? Expect more discussion of what kinds of warrants the FBI should get to use the tools.

Privacy advocates warn that federal judges don't all understand the power of zero-day exploits, and so oversight on government hackers is too weak. It's the same argument that's arisen over the use of phony cell phone towers, often called Stingrays.

Police use Stingrays to collect all the phone numbers in a given area. A recent set of guidelines from the Department of Justice requires federal law enforcement to clear a higher bar to get permission from a judge to use Stingrays.

Andrew Crocker, an attorney at the Electronic Frontier Foundation, says the first step is finding out what the government's policy for using zero days is to begin with. He has sued to find out and has so far won a redacted version of the policy, which applies to the NSA as well as the FBI, he said. Nonetheless, he said the government might have a good reason for using a hacking tool.

"I don't think that we have ever said that they should never do this," Crocker said. Rather, he said it's about "making sure that this is being done in a way that makes sense from the public's point of view."

 

 

Source:http://www.cnet.com/news/fbi-admits-it-uses-hacker-tools-to-investigate-crimes/

I  have GameServer`s And VOIP servers the only price is that you have fun on them. 

Link to comment
Share on other sites

Link to post
Share on other sites

Oh don't worry the FBI and NSA do  WAY more than just that. They always listen to microphones of any devices (laptops, phones, tablets, desktops), Also they constantly see your cameras on these devices. 

 

Even if your out of battery they can still see it since there's always a secondary battery to power the camera and microphone. Lasts very very very very very very very long time. So don't bother trying to drain that battery.

Judge a product on its own merits AND the company that made it.

How to setup MSI Afterburner OSD | How to make your AMD Radeon GPU more efficient with Radeon Chill | (Probably) Why LMG Merch shipping to the EU is expensive

Oneplus 6 (Early 2023 to present) | HP Envy 15" x360 R7 5700U (Mid 2021 to present) | Steam Deck (Late 2022 to present)

 

Mid 2023 AlTech Desktop Refresh - AMD R7 5800X (Mid 2023), XFX Radeon RX 6700XT MBA (Mid 2021), MSI X370 Gaming Pro Carbon (Early 2018), 32GB DDR4-3200 (16GB x2) (Mid 2022

Noctua NH-D15 (Early 2021), Corsair MP510 1.92TB NVMe SSD (Mid 2020), beQuiet Pure Wings 2 140mm x2 & 120mm x1 (Mid 2023),

Link to comment
Share on other sites

Link to post
Share on other sites

Oh don't worry the FBI and NSA do  WAY more than just that. They always listen to microphones of any devices (laptops, phones, tablets, desktops), Also they constantly see your cameras on these devices. 

 

Even if your out of battery they can still see it since there's always a secondary battery to power the camera and microphone. Lasts very very very very very very very long time. So don't bother trying to drain that battery.

 

Holy shit the tinfoil hat is strong with you

 

I'm a tinfoil hat amateur myself, wanna grab a coffee in a remote zone inside a copper cage ?

Link to comment
Share on other sites

Link to post
Share on other sites

Oh don't worry the FBI and NSA do  WAY more than just that. They always listen to microphones of any devices (laptops, phones, tablets, desktops), Also they constantly see your cameras on these devices. 

 

Even if your out of battery they can still see it since there's always a secondary battery to power the camera and microphone. Lasts very very very very very very very long time. So don't bother trying to drain that battery.

lol

Link to comment
Share on other sites

Link to post
Share on other sites

uhhhmm lol  but doesn't everyone already supposed to know this?

 

They usually buy from third party companies though like Hacking Team is one the prominent companies where law enforcement agencies get their spyware etc.

 

edit:

just a snapshot from the table of known transactions with Hacking Team

1ec6ca82502916ebf1bebfa39d79634a.png

|CPU: Intel i7-5960X @ 4.4ghz|MoBo: Asus Rampage V|RAM: 64GB Corsair Dominator Platinum|GPU:2-way SLI Gigabyte G1 Gaming GTX 980's|SSD:512GB Samsung 850 pro|HDD: 2TB WD Black|PSU: Corsair AX1200i|COOLING: NZXT Kraken x61|SOUNDCARD: Creative SBX ZxR|  ^_^  Planned Bedroom Build: Red Phantom [quadro is stuck in customs, still trying to find a cheaper way to buy a highend xeon]

Link to comment
Share on other sites

Link to post
Share on other sites

Holy shit the tinfoil hat is strong with you

 

I'm a tinfoil hat amateur myself, wanna grab a coffee in a remote zone inside a copper cage ?

My computer science teacher told me about this a few weeks ago.

 

Also wanna hear a funny story? I one time had to go with my friend to replace a dead mobo and we took the train. This train had security cameras and my friend didn't realise. when i told him, he google cat photos on his phone and put his phone up against the cameras and laughed so hard.

Judge a product on its own merits AND the company that made it.

How to setup MSI Afterburner OSD | How to make your AMD Radeon GPU more efficient with Radeon Chill | (Probably) Why LMG Merch shipping to the EU is expensive

Oneplus 6 (Early 2023 to present) | HP Envy 15" x360 R7 5700U (Mid 2021 to present) | Steam Deck (Late 2022 to present)

 

Mid 2023 AlTech Desktop Refresh - AMD R7 5800X (Mid 2023), XFX Radeon RX 6700XT MBA (Mid 2021), MSI X370 Gaming Pro Carbon (Early 2018), 32GB DDR4-3200 (16GB x2) (Mid 2022

Noctua NH-D15 (Early 2021), Corsair MP510 1.92TB NVMe SSD (Mid 2020), beQuiet Pure Wings 2 140mm x2 & 120mm x1 (Mid 2023),

Link to comment
Share on other sites

Link to post
Share on other sites

@Mbarton

 

f07.jpg

Judge a product on its own merits AND the company that made it.

How to setup MSI Afterburner OSD | How to make your AMD Radeon GPU more efficient with Radeon Chill | (Probably) Why LMG Merch shipping to the EU is expensive

Oneplus 6 (Early 2023 to present) | HP Envy 15" x360 R7 5700U (Mid 2021 to present) | Steam Deck (Late 2022 to present)

 

Mid 2023 AlTech Desktop Refresh - AMD R7 5800X (Mid 2023), XFX Radeon RX 6700XT MBA (Mid 2021), MSI X370 Gaming Pro Carbon (Early 2018), 32GB DDR4-3200 (16GB x2) (Mid 2022

Noctua NH-D15 (Early 2021), Corsair MP510 1.92TB NVMe SSD (Mid 2020), beQuiet Pure Wings 2 140mm x2 & 120mm x1 (Mid 2023),

Link to comment
Share on other sites

Link to post
Share on other sites

Is anyone here surprised? --@Mbarton

 

 

<snipped references for clarity>

 

Not surprised, it seems obvious.

 

Considering they hire the people they have caught, or use them for consulting, etc.  It's hardly a surprise that those hackers would need their tools to do their job (or reduce their sentence, lol).  And they'll undoubtedly pass on their skillz to the FBI.  Hackers are generally not ideological zealots who would rather die than help the authorities, but given enough doritos and mountain dew, would probably work for almost anyone...

 

I did. ;)

Folding For Linus since July 2015

Link to comment
Share on other sites

Link to post
Share on other sites

@Mbarton

 

f07.jpg

Its a honor. i wanna thank Logon and Qain from Tek syndicate for making me this way. ^_^ lol

I  have GameServer`s And VOIP servers the only price is that you have fun on them. 

Link to comment
Share on other sites

Link to post
Share on other sites

"Everybody else is doing it, so why can't we?"

 

Omfg he did not just say that. SERIOUSLY? And this guy is getting paid? That is the excuse for hacking? Wow amazed by the stupidity on this one...

MacBook Pro 15' 2018 (Pretty much the only system I use)

Link to comment
Share on other sites

Link to post
Share on other sites

Please add an opinion to your post.

"It pays to keep an open mind, but not so open your brain falls out." - Carl Sagan.

"I can explain it to you, but I can't understand it for you" - Edward I. Koch

Link to comment
Share on other sites

Link to post
Share on other sites

Please add an opinion to your post.

I did it was just short.Its literally the first thing you see here

I  have GameServer`s And VOIP servers the only price is that you have fun on them. 

Link to comment
Share on other sites

Link to post
Share on other sites

I did it was just short.Its literally the first thing you see here

That's just a question my friend. A real opinion goes along the lines  of "This is" + [insert adjective or thought here]

Judge a product on its own merits AND the company that made it.

How to setup MSI Afterburner OSD | How to make your AMD Radeon GPU more efficient with Radeon Chill | (Probably) Why LMG Merch shipping to the EU is expensive

Oneplus 6 (Early 2023 to present) | HP Envy 15" x360 R7 5700U (Mid 2021 to present) | Steam Deck (Late 2022 to present)

 

Mid 2023 AlTech Desktop Refresh - AMD R7 5800X (Mid 2023), XFX Radeon RX 6700XT MBA (Mid 2021), MSI X370 Gaming Pro Carbon (Early 2018), 32GB DDR4-3200 (16GB x2) (Mid 2022

Noctua NH-D15 (Early 2021), Corsair MP510 1.92TB NVMe SSD (Mid 2020), beQuiet Pure Wings 2 140mm x2 & 120mm x1 (Mid 2023),

Link to comment
Share on other sites

Link to post
Share on other sites

That's just a question my friend. A real opinion goes along the lines  of "This is" + [insert adjective or thought here]

True but there wasn't to much to say. i guess my opinion was its weird to think anyone would be surprised by it. 

I  have GameServer`s And VOIP servers the only price is that you have fun on them. 

Link to comment
Share on other sites

Link to post
Share on other sites

Eh this is pretty tame for the FBI, they are one of the reasons I don't have any trust in the government, between them the NSA, and CIA (not to mention our leaders themselves) only a fool would trust the government, just look at all the crap they've pulled in our own country.

https://linustechtips.com/main/topic/631048-psu-tier-list-updated/ Tier Breakdown (My understanding)--1 Godly, 2 Great, 3 Good, 4 Average, 5 Meh, 6 Bad, 7 Awful

 

Link to comment
Share on other sites

Link to post
Share on other sites

Eh this is pretty tame for the FBI, they are one of the reasons I don't have any trust in the government, between them the NSA, and CIA (not to mention our leaders themselves) only a fool would trust the government, just look at all the crap they've pulled in our own country.

Sigh.. why cant we all just be friends and not spy on each other? like i said i would really like some smart people to get into the government who actually get this is not okay. And some people who actually know what the internet is. 

I  have GameServer`s And VOIP servers the only price is that you have fun on them. 

Link to comment
Share on other sites

Link to post
Share on other sites

Oh don't worry the FBI and NSA do  WAY more than just that. They always listen to microphones of any devices (laptops, phones, tablets, desktops), Also they constantly see your cameras on these devices. 

 

Even if your out of battery they can still see it since there's always a secondary battery to power the camera and microphone. Lasts very very very very very very very long time. So don't bother trying to drain that battery.

 

post-8310-0-96759500-1435778330.jpg

The stars died for you to be here today.

A locked bathroom in the right place can make all the difference in the world.

Link to comment
Share on other sites

Link to post
Share on other sites

Is anyone here surprised? opinion goes here:I don't think its that surprising there doing this but doesn't change the fact i'm tired of the U,S pulling these stuns behind the scenes im hoping who ever gets elected, please don't turn into a political fight. Will stop these sorts of things from happening i think there are better ways to go about this kind of stuff.   --@Mbarton

 

I would agree it is not the job of the FBI (or other investigative agency) to inform the public of potential software vulnerabilities. In fact it would be counter-productive to their purpose to do so. If you think there are better ways to go about this kind of stuff, what are they?

Link to comment
Share on other sites

Link to post
Share on other sites

Remember Jacob Appelbaum saying in some German event what I found from YouTube.

That before he had any issues with US, his friend complained about struggling Xbox. So he thought as half joke that maybe government has flashed its firmware or bios? Then a bit later as he started to them issues, he was like ..really, most likely all of his friends Xbox'es got infected just as he suspected. I think he even did show some evidence about that, but that talk was so full of raw tinfoil hat stuff that I may mix it for some other thing.

 

As for the exploits, although I really doubt anyone to inform about them. It would be reasonable good intention & public stunt to at least get dated exploits fixed, and they would most likely get fixed if really FBI sends you a request that look, your software is basically full of shit plz fix. :D

Link to comment
Share on other sites

Link to post
Share on other sites

I would agree it is not the job of the FBI (or other investigative agency) to inform the public of potential software vulnerabilities. In fact it would be counter-productive to their purpose to do so. If you think there are better ways to go about this kind of stuff, what are they?

Your right it would be counter-productive but i don't want them being productive at this at all. if you look at it none of these departments be it the NSA,FBI,CIA have stopped much of anything by invading there citizens privacy.
 
As for a better way to go about this, really old fashion police work is still good for allot of things now i know that's not going to fix everything but it would take some time and some people to come together and talk about it but i believe its possible. Maybe we could start a thread on this.  The Tek covers allot of this if you haven't checked them out i recommend it. https://www.youtube.com/user/razethew0rld/featured

I  have GameServer`s And VOIP servers the only price is that you have fun on them. 

Link to comment
Share on other sites

Link to post
Share on other sites

 

Your right it would be counter-productive but i don't want them being productive at this at all. if you look at it none of these departments be it the NSA,FBI,CIA have stopped much of anything by invading there citizens privacy.
 
As for a better way to go about this, really old fashion police work is still good for allot of things now i know that's not going to fix everything but it would take some time and some people to come together and talk about it but i believe its possible. Maybe we could start a thread on this.  The Tek covers allot of this if you haven't checked them out i recommend it. https://www.youtube.com/user/razethew0rld/featured

 

I don't think it's correct to say that these departments have not stopped much of anything. The majority of the work they do, or how they do it, isn't going to be made public. Not because it's "super secret" tin foil hat stuff, but because of the sensitivity of the information they handle. They are responsible for a lot of personally identifiable information, sensitive information, and information that could be detrimental to national security if released. I also don't think they would be very effective if they were required to be completely transparent.

 

Now I do believe that these agencies should operate within the confines of the law (considering it is one of the reasons we have a judicial branch), and I think that for the most part they do. One thing with government however is the shear number of policies that are all layered on top of each other. These can contradict each other, making it a huge grey area.

Link to comment
Share on other sites

Link to post
Share on other sites

I don't think it's correct to say that these departments have not stopped much of anything. The majority of the work they do, or how they do it, isn't going to be made public. Not because it's "super secret" tin foil hat stuff, but because of the sensitivity of the information they handle. They are responsible for a lot of personally identifiable information, sensitive information, and information that could be detrimental to national security if released. I also don't think they would be very effective if they were required to be completely transparent.

 

Now I do believe that these agencies should operate within the confines of the law (considering it is one of the reasons we have a judicial branch), and I think that for the most part they do. One thing with government however is the shear number of policies that are all layered on top of each other. These can contradict each other, making it a huge grey area.

I agree and like how you worded that, but some of what i'm talking about is stuff like the boston bomber and ISIS attacks big things, they've probably have found lots of child abuse sites and other bad things lurking in the dark parts of the net which is great (except the fact thet don't take allot of them down instead they use it to lure potential criminals) but its not saving lives i guess is what i mean. The NSA thought by just taking all data they could get there hands on, would do be helpful but now there just drowning in all the data and its still a invasion of privacy and against the law to do so.

I  have GameServer`s And VOIP servers the only price is that you have fun on them. 

Link to comment
Share on other sites

Link to post
Share on other sites

Oh don't worry the FBI and NSA do  WAY more than just that. They always listen to microphones of any devices (laptops, phones, tablets, desktops), Also they constantly see your cameras on these devices. 

 

Even if your out of battery they can still see it since there's always a secondary battery to power the camera and microphone. Lasts very very very very very very very long time. So don't bother trying to drain that battery.

Give evidence of your claims. Show me this secondary battery. No teardown will show it.

"It pays to keep an open mind, but not so open your brain falls out." - Carl Sagan.

"I can explain it to you, but I can't understand it for you" - Edward I. Koch

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×