Jump to content


Photo

Innocent sites caught in a dragnet...


  • Please log in to reply
1 reply to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 23 June 2011 - 08:16 AM

FYI...

Innocent sites caught in a dragnet...
- http://blog.stopbadw...ht-in-a-dragnet
June 22, 2011 - "A New York Times blog reported* last night that entire racks full of web hosting servers were seized by the FBI in an effort, presumably, to get at some evidence living on one of the servers... Other sites that were using those servers reportedly include popular services Pinboard and Instapaper. If the reported information is accurate, it appears the FBI really messed up here, harming several legitimate sites that didn't have to be harmed, and potentially damaging the reputation of the web hosting provider (presumably an innocent intermediary). This also raises questions about how to apply the concept of property seizures to the cyber world. If I'm suspected of a crime, law enforcement can — with a court's permission — seize my computer and search it for evidence. In this case, though, it seems the servers seized didn't belong to the party under investigation. Rather, that party was renting space on a shared server, which in turn was part of a server farm. The FBI's actions seem equivalent to seizing an entire lot full of rental cars because one of the rental agency's customers was suspected to have committed a crime using one specific car on the lot. Courts and law enforcement organizations are going to have to put some effort into figuring out a better way to execute seizures against shared digital resources. This might, for example, mean temporarily taking the server in question (and only that server) offline to create a forensically-valid clone of the contents, rather than seizing the physical equipment. In any case, I hope that we won't see many repeats of this apparent over-reaching."
* http://bits.blogs.ny...-sites-offline/

Confiscated Servers Take Down Sites Unrelated to Investigation
- https://www.sans.org...issue=50#sID307
June 22, 2011

:ph34r: :blink:

Edited by AplusWebMaster, 27 June 2011 - 07:34 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 24 June 2011 - 04:41 AM

FYI...

- http://krebsonsecuri...conficker-worm/
June 23, 2011 - "... The New York Times reported that dozens of Web sites were knocked offline when FBI officials raided a data center in Reston, Va. and seized Web servers. Officials from an affected hosting company told the Times that they didn’t know the reason for the raid, but the story suggested it may have been related to an ongoing investigation into a string of brazen intrusions by the hacktivist group “Lulzsec.” Sources close to the investigation told KrebsOnSecurity that the raid was instead related to the scareware investigation*. The FBI’s statement confirms the SBU’s estimate of $72 million losses, estimating that the scam claimed at least 960,000 victims. Although the FBI made no mention of Conficker in any of its press materials, the Ukrainian SBU’s press release names and quotes Special Agent Norman Sanders from the FBI’s Seattle field office, broadly known in the security industry as the agency’s lead in the Conficker investigation..."
* http://www.spywarein...post__p__749639

:blink:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.




Member of UNITE
Support SpywareInfo Forum - click the button