.GOV SPOOFS: Honeypots, Trojan Horses, Entrapment

[elfismiles]

Originally published October 27, 2014 at 7:43 PM | Page modified October 27, 2014 at 11:03 PM
FBI created fake Seattle Times Web page to nab bomb-threat suspect
The FBI created a fake news story on a bogus Seattle Times Web page to plant software in the computer of a suspect in a series of bomb threats to Timberline High School in 2007, documents reveal.
By Mike Carter
Seattle Times staff reporter

Reader Comments

If the FBI had hacked the Seattle Times website to plant this fake story and malware, then the newspaper would have... (October 27, 2014) MORE
The FBI writes one fake story that went to one computer for the purpose of catching one person who was making serious... (October 27, 2014) MORE
Now that's hilarious that the Times, dependent as it is on corporate interests, wants to put up a faux tantrum about... (October 27, 2014) MORE

The FBI in Seattle created a fake news story on a bogus Seattle Times Web page to plant software in the computer of a suspect in a series of bomb threats to Lacey’s Timberline High School in 2007, according to documents obtained by the Electronic Frontier Foundation (EFF) in San Francisco.

The deception was publicized Monday when Christopher Soghoian, the principal technologist for the American Civil Liberties Union in Washington, D.C., revealed it on Twitter.

In an interview, Soghoian called the incident “outrageous” and said the practice could result in “significant collateral damage to the public trust” if law enforcement begins co-opting the media for its purposes.

The EFF documents reveal that the FBI dummied up a story with an Associated Press byline about the Thurston County bomb threats with an email link “in the style of The Seattle Times,” including details about subscriber and advertiser information.

The link was sent to the suspect’s MySpace account. When the suspect clicked on the link, the hidden FBI software sent his location and Internet Protocol information to the agents. A juvenile suspect was identified and arrested June 14.

The revelation brought a sharp response from the newspaper.

“We are outraged that the FBI, with the apparent assistance of the U.S. Attorney’s Office, misappropriated the name of The Seattle Times to secretly install spyware on the computer of a crime suspect,” said Seattle Times Editor Kathy Best.

“Not only does that cross a line, it erases it,” she said.

“Our reputation and our ability to do our job as a government watchdog are based on trust. Nothing is more fundamental to that trust than our independence — from law enforcement, from government, from corporations and from all other special interests,” Best said. “The FBI’s actions, taken without our knowledge, traded on our reputation and put it at peril.”

Frank Montoya Jr., the special agent in charge of the FBI in Seattle, defended the investigation and the technique, which court records show led to the arrest and conviction of a 15-year-old student.

“Every effort we made in this investigation had the goal of preventing a tragic event like what happened at Marysville and Seattle Pacific University,” Montoya said. “We identified a specific subject of an investigation and used a technique that we deemed would be effective in preventing a possible act of violence in a school setting.

“Use of that type of technique happens in very rare circumstances and only when there is sufficient reason to believe it could be successful in resolving a threat,” he said.

Ayn Dietrich-Williams, the spokeswoman for the FBI-Seattle, pointed out that the bureau did not use a “real Seattle Times article, but material generated by the FBI in styles common in reporting and online media.”

Assistant U.S. Attorney Tessa Gorman, chief of the office’s criminal division, was reviewing the EFF documents provided to her by The Times and had no immediate comment. Kathryn Warma, the prosecutor who oversaw the case, has since retired.

The EFF posted 172 pages of documents concerning the FBI’s use of a software tool called a “Computer and Internet Protocol Address Verifier” (CIPAV) in two cases — one involving the Timberline High School bomb threats and the other involving an extortion attempt against a cruise line in Florida. More than half of the documents relate to the Seattle case.

According to the documents, CIPAV lets the FBI “geophysically” locate a computer and its Internet Protocol address.

Soghoian said the software is activated when someone clicks on the bogus link. The technique apparently exploits the same computer-security vulnerabilities used by hackers.

Police in Lacey, Thurston County, contacted the Northwest Cyber-Crime Task Force after the school began receiving a series of bomb threats beginning in late May 2007 and continuing into early June. The school was forced to evacuate students at least twice, and police were unable to identify a suspect.

The documents indicate the FBI in Seattle obtained a search warrant to “deploy” the CIPAV software after the task force, which is run by the FBI, received a public tip about a suspect. Special Agent Norman Sanders, in seeking the warrant, said the bureau would send a “communication” to the suspect’s computer that would make the computer identify itself for the agent.

The case was taken up by the U.S. Attorney’s Office, which helped draft and approve the warrant. The warrant does not say that “communication” would be a bogus news story that appeared to be published online by The Seattle Times.

Mike Carter: mcarter@seattletimes.com or 206-464-3706

http://seattletimes.com/html/localnews/ ... r1xml.html

[elfismiles]

Wombat or other Mod, can this thread be retitled something like, "Government Spoofs"?

Can Authorities Cut Off Utilities And Pose As Repairmen To Search A Home?
by Nina Totenberg

Listen to this story

Some legal cases do more than raise eyebrows — they push the legal envelope to change the law. Such is a federal case in Las Vegas now working its way through the courts.

The question is whether federal agents can disrupt service to a house and then, masquerading as helpful technicians, gain entry to covertly search the premises in hopes of finding evidence that might later justify a search warrant.

The defendants in this case are not your everyday Americans. They are, in fact, Chinese gamblers who were staying in Las Vegas at Caesar’s Palace earlier this year.

Caesar’s, and other gambling casinos, thrive on these high-rollers and provide them with free villas, butlers and other services. But in this case, at least one of the high-rollers had been tossed out of Macau for running an illegal sportsbooking operation. That fact made the Nevada Gaming Commission and the FBI suspicious that the high-rollers were doing the same thing here.

Suspicions, however, aren’t enough for a search warrant. So, according to court papers filed by defense lawyers late Tuesday, the FBI came up with a plan: Working with a computer contractor for Caesar’s Palace, the agents first tried to get into the villas by delivering laptops and asking to come in to make sure the connections worked.

The butler, however, wouldn't let them in. Tape from the secret cameras worn by the agents clearly shows the butler blocking their way.

"I just want to make sure they can connect before I leave. Can we just make sure they can connect, OK?" the agent asks.

"The thing is, you can't go in there right now," replies the butler.

When that ploy failed, the agents came up with "another trick," according to defense lawyer Tom Goldstein: "We'll dress up as technicians, we'll come inside, we'll claim to be fixing the Internet connection — even though we can't, 'cause we broke it from outside — and then we'll just look around and see what we see."

Once inside, the agents wandered around the premises as they covertly photographed the rooms, entering the previously off-limits media room. Inside, they saw a group of men watching the World Cup soccer game and looking at betting odds on their laptops — perfectly legal in Las Vegas.

What else the agents saw is not entirely clear at this point, but when they left, they seemed satisfied they had enough to get a search warrant.

"Yeah, we saw what we needed to see," an agent is heard on the tapes saying. His partner responds, "Very cool."

Defense lawyer Goldstein contends that not only was the search illegal, but the government knew it was and tried to cover it up. He contends that the materials submitted to a federal magistrate judge in seeking a warrant later carefully eliminated all indications that the federal agents had themselves cut the Internet line so that the villa occupants would ask for repairmen to come to the villa to fix the problem.

"They just managed not to tell the magistrate what it is they had actually done," says Goldstein.

Indeed, Goldstein notes that he and his clients never would have known that it was the FBI agents who cut the line were it not for one slip of the tongue that the agents made — recorded on tape — when talking among themselves. He adds that when the defense asked for further recordings, the FBI provided two blank CDs, claiming the recording devices malfunctioned.

"There's no real way of looking at this other than to say that it is a cover-up," contends Goldstein.

Cover-up or not, the legal theory used here by the Justice Department and the FBI would change the legal rules of the road dramatically if adopted by the courts.

"The theory behind this search is scary," says George Washington University law professor Stephen Saltzburg, author of a leading criminal law text. "It means the government can cut off your service, intentionally, and then pretend to be a repair person, and then while they're there, they spend extra time searching your house. It is scary beyond belief."

And it's not just Internet service that could be cut off. Cable TV lines, plumbing or water lines — the list in the modern world is a long one.

Saltzburg, who has himself worked for the Justice Department, is frankly puzzled by the brazenness of the search here.

"It's very difficult to understand, unless they want to try to push the law of consent beyond where it's ever gone before," he says.

The Justice Department declined to comment for this story, saying it would make its arguments in court when the time comes.

Read full story transcript
http://www.npr.org/templates/transcript ... =359725475

http://www.npr.org/2014/10/29/359725475 ... rch-a-home

[elfismiles]

Wombat or other Mod, can this thread be retitled something like, "Government Spoofs"?

Thanks Womby!

FBI says it impersonated AP reporter in 2007 case
By CHRIS GRYGIEL
Nov. 7, 2014 7:20 PM EST

SEATTLE (AP) — The FBI's creation of a fake news story and impersonation of an Associated Press reporter during a criminal investigation undermine media credibility, blur the lines between law enforcement and the press and raise questions about whether the agency followed its own guidelines, free press advocates say.

In a letter to The New York Times on Thursday, FBI Director James Comey said an agent "portrayed himself as an employee of The Associated Press" in 2007 to help catch a 15-year-old suspect accused of making bomb threats at a high school near Olympia, Washington. It was publicized last week that the FBI forged an AP story during its investigation, but Comey's letter revealed the agency went further and had an agent pretend to be a reporter for the wire service.

Comey said the agent posing as an AP reporter asked the suspect to review a fake AP article about threats and cyberattacks directed at the school, "to be sure that the anonymous suspect was portrayed fairly."

The bogus article contained a software tool that could verify Internet addresses. The suspect clicked on a link, revealing his computer's location and Internet address, which helped agents confirm his identity.

"That technique was proper and appropriate under Justice Department and FBI guidelines at the time. Today, the use of such an unusual technique would probably require higher-level approvals than in 2007, but it would still be lawful and, in a rare case, appropriate," Comey wrote.

Kathleen Carroll, executive editor of the AP, said the FBI's actions were "unacceptable."

"This latest revelation of how the FBI misappropriated the trusted name of The Associated Press doubles our concern and outrage, expressed earlier to Attorney General Eric Holder, about how the agency's unacceptable tactics undermine AP and the vital distinction between the government and the press," Carroll said in a statement.

In a letter to the Justice Department last week, the AP requested Holder's word that the DOJ would never again misrepresent itself as the AP and asked for policies to ensure the DOJ does not further impersonate news organizations.

On Friday the Committee to Protect Journalists said in a statement it was "deeply concerned" by the FBI's actions and called for a review of policies.

The Reporters Committee for Freedom of the Press, in its own letter on Thursday to Comey and Holder, asked the agency for full disclosure about the incident.

"The utilization of news media as a cover for delivery of electronic surveillance software is unacceptable," the letter said. "This practice endangers the media's credibility and creates the appearance that it is not independent of the government. It undermines media organizations' ability to independently report on law enforcement."

The letter from the Reporters Committee for Freedom of the Press also said the FBI's actions in the Washington state case appear to violate Department of Justice standards because there was not adequate review or disclosure about the ruse to the judge approving the warrant and FBI counsel.

"The failure to comply with the FBI and Attorney General's own requirements regarding news media impersonation is inexcusable," said the letter, which was co-signed by than two dozen organizations, including The New York Times Company, the Gannett Co., The Washington Post, The McClatchy Company and the American Society of News Editors.

Against the backdrop of Fast and Furious, a flawed ATF investigation in which guns were allowed to be transported across the border in hopes of tracking them in Mexico, the Justice Department last year provided new guidance to U.S. Attorneys' offices about a prosecutor's oversight of sensitive and undercover investigation — including evaluating whether the investigative tactics would affect public safety or yield useful evidence for a prosecution. That guidance has not been made public.

In his letter to The New York Times, Comey said all undercover operations involve deception, "which has long been a critical tool in fighting crime."

He said no "actual story was published, and no one except the suspect interacted with the undercover 'A.P.' employee or saw the fake draft story. Only the suspect was fooled, and it led to his arrest and the end of a frightening period for a high school."

Ryan Calo, a University of Washington law professor and expert in cyber law and privacy, said the FBI should've realized what they had done would eventually become known.

"It's ironic that you think that impersonating the press wouldn't make it into the press," Calo said. "Whether or not it violates any law, to act as the FBI has done, it's certainly ethically problematic and undermines faith in the press and of course the government itself."

Comey said the FBI's tactics are subject to "close oversight, both internally and by the courts that review our work."

___

Associated Press writer Eric Tucker contributed to this report from Washington, D.C.

http://bigstory.ap.org/article/89470f11 ... p-reporter