Last year the government granted itself permission to widen the scope of warrants when any form of anonymity tools is involved in a case. This expansion, commonly referred to as Rule 41, allows government agents to acquire a warrant that authorizes them to remotely access any computer using, for example, Tor to conceal either its physical location or its users physical locations. Needless to say, the privacy community wasn’t thrilled when news of this expansion broke.
But the privacy community is, unfortunately, relatively small. The government doesn’t really care about it. It’s far more interested in convincing the masses that this expansion of power is a good thing. To demonstrate the value of this power the Federal Bureau of Investigations (FBI) requested and received a warrant to remotely access systems that were infected with a botnet so it could clean the malware:
Mass hacking seems to be all the rage currently. A vigilante hacker apparently slipped secure code into vulnerable cameras and other insecure networked objects in the “Internet of Things” so that bad guys can’t corral those devices into an army of zombie computers, like what happened with the record-breaking Mirai denial-of-service botnet. The Homeland Security Department issued alerts with instructions for fending off similar “Brickerbot malware,” so-named because it bricks IoT devices.
And perhaps most unusual, the FBI recently obtained a single warrant in Alaska to hack the computers of thousands of victims in a bid to free them from the global botnet, Kelihos.
The FBI sought the 30-day warrant to liberate victims through a new procedural rule change that took effect in December amid worries among privacy advocates that the update would open a new door for government abuse. But the first use of the amendments to Rule 41 of the Federal Rules of Criminal Procedure has assuaged fears, at least for the moment, because the feds used their power to kill a botnet.
How benevolent of the FBI!
This is, of course, a purely propagandistic move. Now when some pesky privacy advocate brings up the heinous nature of Rule 41 the federal government can point to this case and berate the advocate for wanting to help botnet operators. It’s a classic maneuver with a proven track record.