How do you know if the FBI is going to come after you for an innocent little hack?

Documents reveal feds' methods, though not the priorities that make the FBI's attention unpredictable


Ever wonder how the FBI decides a case is worth investigating, and how it decides whether the investigation is justified just because a crime was committed, or because it was committed by or in the name of some counter-cultural force such as Anonymous that needs to be squelched?

So did Ars Technica, which filed a Freedom of Information Act request asking for case documents describing how the FBI investigated attacks by members of Anonymous on web pages and Facebook accounts connected with Fox pundit Bill O'Reilly and his staff in 2008.


The FBI case documents on Anonymous (PDF) showed the FBI opened the investigation only a day after members of Anonymous broke into the member database of O'Reilly's Fox web site, which held contact and login information for 205 members paying $5 a month for more streams of bloviation than they could get straight from Fox or O'Reilly free.

Hackers took the membership data and used some of it to buy joke products (penile enlargement products for one woman member) and to break into AOL, Facebook and other accounts for which the O'Reilly members used the same login information.

The FBI got involved after Fox staffers claimed members of Anonymous contacted the network to threaten they planned to rape the woman to whom they'd sent penile enlargement products.

Agents' first concern, apparently, was that evidence would be lost or deleted. They sent "preservation letters" to Facebook and ISPs ordering that activity logs, messages and other records relevant to the attacks not be deleted or modified.

By analyzing server logs, the FBI found attackers got in by using an applet designed to create a list of new members without going through the security that protected the rest of the site's administrative functions and data.

Anonymi found the error, the documents theorize, by running searches from "various IPs" looking for pages within the administrative section but not controlled by security. The new-member report gave them the 205 names, emails and logins they used.
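For site operators, the same kind of server-log review can be run before an incident rather than after. The sketch below is an added example, not taken from the FBI documents or the Ars Technica report: it flags administrative pages served successfully to requests with no authenticated user, and clients that requested several admin paths without logging in. The `/admin/` prefix, the log lines and the paths are constructed, and it assumes the server records the authenticated user in the Common Log Format user field.

```python
import re
from collections import defaultdict

# Common Log Format: ip ident user [time] "METHOD path PROTO" status size
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
ADMIN_PREFIX = "/admin/"   # assumed location of the administrative section

# Constructed sample log (documentation IP ranges, invented paths).
SAMPLE = """\
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /admin/users HTTP/1.1" 302 0
198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /admin/settings HTTP/1.1" 302 0
198.51.100.7 - - [01/Jan/2024:10:00:03 +0000] "GET /admin/reports/new-members HTTP/1.1" 200 18432
203.0.113.9 - - [01/Jan/2024:10:05:00 +0000] "GET /admin/billing HTTP/1.1" 302 0
203.0.113.9 - - [01/Jan/2024:10:05:04 +0000] "GET /admin/reports/new-members?x=1 HTTP/1.1" 200 18432
192.0.2.44 - alice [01/Jan/2024:11:00:00 +0000] "GET /admin/users HTTP/1.1" 200 5120
192.0.2.80 - - [01/Jan/2024:11:02:00 +0000] "GET /index.html HTTP/1.1" 200 900
""".splitlines()

def parse(lines):
    """Yield (ip, user, path, status) for each well-formed line; skip the rest."""
    for line in lines:
        m = LINE.match(line)
        if m:
            path = m["path"].split("?", 1)[0]   # ignore the query string
            yield m["ip"], m["user"], path, int(m["status"])

def unprotected_admin_pages(lines):
    """Admin paths served with 2xx to requests carrying no authenticated user."""
    hits = defaultdict(set)
    for ip, user, path, status in parse(lines):
        if path.startswith(ADMIN_PREFIX) and user == "-" and 200 <= status < 300:
            hits[path].add(ip)
    return dict(hits)

def admin_probers(lines, min_paths=2):
    """Unauthenticated clients that requested several distinct admin paths."""
    seen = defaultdict(set)
    for ip, user, path, _ in parse(lines):
        if path.startswith(ADMIN_PREFIX) and user == "-":
            seen[ip].add(path)
    return {ip: paths for ip, paths in seen.items() if len(paths) >= min_paths}

if __name__ == "__main__":
    print(unprotected_admin_pages(SAMPLE))
    print(admin_probers(SAMPLE))
```

If the application handles login itself rather than through the web server, the user field will always be `-`, and the check needs the application's own audit log instead.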
