Judge rejects FBI's bid to hack computer of suspect in attempted cyberheist

Warrant request too broad, fails to meet 4th amendment standards

By , Computerworld |  Security

A federal court in Houston has rejected an FBI request for a warrant to hack into the computer of a suspect in an attempted cyberheist.

In, a sometimes testy, 13-page ruling earlier this week, U.S. Magistrate Judge Stephen Smith of the U.S. District Court for the Southern District of Texas characterized the government's request as overly intrusive and infringing on Fourth Amendment protections against unreasonable search.

The FBI in March sought a warrant to search a computer situated at a location unknown to them and belonging to an unknown suspect. In its request, the FBI sought a warrant that would allow investigators to surreptitiously install software capable of extracting information from the target computer, identify its location and also take photos of those who used the system.

The computer in question belonged to a suspect who had attempted to steal money from the online bank account of a Texas resident. An investigation showed that the IP address of the computer used in the attack was from a foreign country. Both the location of the computer and the identity of its owner are unknown.

The FBI's application for a search warrant sought permission to install the spying software on the target computer to collect information and to monitor activity on the computer over a 30-day period.

In its application, the FBI described its software as capable of searching through the computer's hard drive, memory and storage. The software would secretly activate the computer's built-in camera, take video and photos of people using it, generate latitude and longitude coordinates of its location and send all the information back to the investigators, the FBI said in its warrant application.

The specific information that the FBI was seeking from the target computer included records of IP addresses used, records of browsing activity, firewall logs, caches, cookies, bookmarks and terms entered into search engines. The FBI said that it would also use the software to try and identify the computer's owner and the individual who used it at the time of the attempted cyberheist.

Video and still images captured through the surreptitious use of the computer's built-in camera would be used to identify the suspect and also his or her location, the FBI application said

The magistrate judge rejected the application for several reasons.

The search for which the FBI is seeking authorization involves both a search for the computer and of the computer, Smith noted in his ruling. Neither of the searches would take place within the territorial jurisdiction of the court, he said. "Contrary to the current metaphor used by Internet Service Providers, digital information is not actually stored in the clouds; it resides on a computer or some other form of electronic media that has a physical location," he wrote.


Originally published on Computerworld |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question