However, in the recent Playpen case, which involved the identification of a few suspects in a child exploitation ring site, FBI agent Daniel Alfin has argued that the hacking tool used to identify the Playpen users, called a Network Investigative Technique (NIT), cannot be considered “malware.”
In many of the related cases, the warrant the FBI relied on to deploy the NIT has been considered invalid under the jurisdictional limits imposed by Rule 41.
Last year, the FBI hacked a dark web site called Playpen and identified thousands of users. Acting under one single warrant, the FBI employed a hacking tool, the NIT, to uncover close to 1,300 hidden IP addresses of the users. These addresses were then traced back to the individuals.
In this context, during testimony earlier last month, FBI agent Daniel Alfin argued that the hacking tool used to identify many suspects of the child-exploitation ring Playpen, including Jay Michaud, cannot be considered malware because it had the authorization of the court and did not damage the computer’s security.
The FBI’s NIT worked as follows: the NIT software was installed on the machines in such a way that when anyone accessed the Playpen website using the Tor browser, their IP address was returned.
The FBI took full control of the Playpen site to install the NIT, distribute child abuse images for two weeks and later identify the computers from which the site was accessed. Though Alfin’s argument can be thought of as correct in a limited sense, the allegation was that the NIT stripped users of their anonymity protection without their knowledge.
Some users used Tor to mask their identities, most likely when seeking illegal content. The NIT can be considered “malware” by definition because it was installed to remove the protection that users had consciously deployed.
Senator Ron Wyden of Oregon announced the “Stop Mass Hacking Act,” a bill that would restrict the FBI from using one single warrant to install and run “malware” on thousands of computers at unknown locations.
Recently, Judge Robert Bryan reversed his previous position, ruling that the FBI doesn’t have to disclose the Tor exploit code while simultaneously stating that the FBI should face sanctions for its stance in refusing to provide evidence.
However, the government countered that, because the defendant was already in possession of sufficient evidence, there was no need for the FBI to disclose details of the so-called “malware” exploit and that no sanctions should be imposed on this account.
Though the definition of malware has always been ambiguous, the government’s interpretation of malicious software goes against the commonly understood meaning of the word.
Malware refers to any software program that installs itself and runs on a computer without the consent of the machine’s owner.
However, Alfin’s argument was that the NIT software did not make any changes to the security settings when he loaded the NIT on one of his machines.
When loaded, the NIT did not render his computer more vulnerable than it was before the installation, nor did it leave behind any other residual malware, Alfin added.