Menu
Criminal defendants demand to see FBI's secret hacking tool

Criminal defendants demand to see FBI's secret hacking tool

Courts are facing a decision: Expose the FBi's techniques or allow defendants to see the evidence against them

A secret FBI hacking tool, used to compromise the Tor anonymous browser in one investigation, is facing challenges from criminal defendants, perhaps putting its future in doubt.

Defendants have demanded to see details of the FBI network investigative technique (NIT), the agency's name for the relatively recent hacking tool, in a handful of criminal cases, but the agency has refused to disclose the information.

A judge in a high-profile child pornography case, in which a website called Playpen was accessible only through Tor, is trying to decide whether the FBI should disclose the NIT"s source code to the defendant.

If the FBI shares the source code, its hacking tools may be compromised in future cases, but the U.S. Constitution's Sixth Amendment gives the defendant a right to confront his accusers and challenge their investigation.

Judge Robert Bryan of the U.S. District Court for the Western District of Washington wrestled with the competing interests in a case status order he issued in the U.S. v. Michaud case this week. 

The defendant's request for the NIT source code "places this matter in an unusual position," Bryan wrote. "What should be done about it when, under these facts, the defense has a justifiable need for information in the hands of the government, but the government has a justifiable right not to turn the information over to the defense?"

Ars Technica, which reported on Bryan's order this week, noted that two other judges, in Oklahoma and Massachusetts, have ruled this year to suppress NIT-obtained evidence. And a defense attorney in West Virginia has filed to withdraw a guilty plea in a case involving NIT evidence.

In another order this week, Bryan refused Mozilla's request for the government to disclose the vulnerability in Tor. Tor is based on Mozilla's Firefox browser.

The FBI's strategy with NIT-aided investigations appears to involve hiding its use of hacking tools, and, in some cases, pressing for guilty pleas before defendants and their lawyers question the investigative techniques, said Nathan Freed Wessler, a staff attorney with the American Civil Liberties Union.

The ability of defendants to confront the evidence against them is "absolutely essential" to conducting fair trials, Wessler said. Secret evidence is "irreconcilable" with the U.S. justice system, he added.

The FBI has defended NITs, saying their use is limited. "The use of Network Investigative Techniques is lawful and effective, and only employed when necessary -- against some of the worst offenders," the agency said in a statement. "The technique is time and resource intensive, and is not a viable option for most investigations ..."

The Michaud case raises several sticky issues, technology and legal experts said.

Both sides should have access to evidence in a criminal case, but FBI disclosure of the NIT's source code could kill the tool's effectiveness going forward, said Paul Fletcher, security evangelist for security vendor Alert Logic.

"Sharing that detailed information in this scenario doesn’t necessarily mean that information should be released to the public," he said by email. "The implications of the FBI being forced to share these techniques could expose their technical capacity and/or their dependence on external sources to help with hacking techniques. In other words, the general public would begin to understand the level of technical capabilities of the FBI." 

In the Michaud case, the defendant's lawyer had agreed earlier to view the source code using FBI-approved security measures, but the FBI backed away from that compromise.

Look for inconsistent rulings across the U.S. related to secret government hacking tools, added James Goodnow, a lawyer with the Fennemore Craig law firm in Phoenix.

"This is a classic example of the law not keeping up with technology," Goodnow said by email. "The law on the disclosure of source code is murky, at best."

The issue is "ripe" to go to an appeals court, or even the U.S. Supreme Court, he added.

In addition, expect more defendants to challenge government hacking techniques, with their lawyers questioning whether the hacking exceeded the limits of a warrant, Goodnow added.

"When it comes to source code, defendants are going to argue that they have a constitutional right to explore whether the officer provided the judge with enough specificity about how evidence was being obtained and whether the obtained evidence is within the scope of that warrant," he said. "No code; no due process; no conviction -- at least that’s how the argument will go."

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Featured

Slideshows

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Examining the changing job scene in the Kiwi channel

Examining the changing job scene in the Kiwi channel

Typically, the New Year brings new opportunities for personnel within the Kiwi channel. 2017 started no differently, with a host of appointments, departures and reshuffles across vendor, distributor and reseller businesses. As a result, the job scene across New Zealand has changed - here’s a run down of who is working where in the year ahead…

Examining the changing job scene in the Kiwi channel
​What are the top 10 tech trends for New Zealand in 2017?

​What are the top 10 tech trends for New Zealand in 2017?

Digital Transformation (DX) has been a critical topic for business over the last few years and IDC is now predicting a step change as DX reaches macroeconomic levels. By 2020 a DX economy will emerge and it will become the core of what New Zealand industries focus on. From the board level through to the C-Suite, Kiwi organisations must be prepared to think and act digital when the DX economy emerges in 2017.

​What are the top 10 tech trends for New Zealand in 2017?
Show Comments