Fourth Circuit adopts narrow reading of the CFAA

We have discussed previously the tension between a wide and narrow reading of the CFAA - see Jeffrey's original take on Nosal - Ninth Circuit en banc adopts narrow reading of CFAA, and my analysis of the dissent - Why Nosal’s dissent is surprisingly persuasive. Well, the Fourth Circuit has sided with the "narrow" camp, in WEC Carolina Energy Solutions v. Miller. Not surprisingly, it is another case of employee disloyalty that has been dressed up to be a federal hacking violation.  Essentially, Miller (or his assistant) downloaded...

Read More

Minnesota district court holds defendant does not have standing to challenge GPS use

In United States v. Barraza-Maldonado, 2012 U.S. Dist. LEXIS 99992 (D. Minn. 2012), the district court ruled that evidence acquired from the use of a GPS device should not be suppressed because the defendant did not have standing in the vehicle. Following an order from a magistrate, the defendant argued that the GPS evidence should be suppressed. However, the court found that in order for the use to have been unconstitutional under Jones, he would have "to be able to maintain an action for trepass," requiring him to have a property interest in...

Read More

Tennessee district court awards man $20,000 in wiretap violation suit against his ex-wife

In November, I wrote a post about the Tennessee case of Klumb v. Goan, involving a man suing his ex-wife under the federal Wiretap Act after she installed spyware on his computers. Last week, a federal district court ruled in favor of the husband, awarding him $10,000 in statutory damages and $10,000 in punitive damages. Klumb v. Goan, 2012 U.S. Dist. LEXIS 100836 (E.D. Tenn. 2012). Prior to the marriage, the soon-to-be wife purchased eBlaster, a common spyware application. The program records all keystrokes and websites visited, takes screenshots,...

Read More

Fifth Circuit reverses CP sentencing enhancement due to government's failure to prove "relevant conduct"

The Fifth Circuit vacated and remanded a sentence due to an enhancement for possession of 277 images of child pornography because the defendant was charged with distribution and no evidence was presented that the additional images were "relevant conduct" under the guidelines. United States v. Teuschler, 2012 U.S. App. LEXIS 15284 (5th Cir. 2012). The defendant had communicated with what he thought was a 13-year-old girl in an Internet chatroom, though in reality it was a police officer. Ultimately, he sent images of adult and child pornography,...

Read More

Pennsylvania district court suppresses GPS evidence

I won't continue to belabor the details of these cases unnecessarily, but in United States v. Ortiz, 2012 U.S. Dist. LEXIS 101245 (E.D. Pa. 2012), the district court held that pre-Jones GPS evidence violated the Fourth Amendment and does not fall under the Davis good faith rule. Law enforcement used two GPS devices in the investigation - one for about a month and the second for two weeks. The second device led to the discovery of $2.3 million in suspected drug money. UPDATE: Professor Orin Kerr has written about Ortiz on Volokh...

Read More

District court to consider whether reasonable suspicion makes GPS use reasonable

In a pending case before a federal district court in Missouri, the government is arguing that use of GPS without a warrant was not unreasonable because officers had reasonable suspicion. In Jones, the Supreme Court decided when GPS use is a search but did not consider when it is reasonable. Here's the language from the magistrate's order (available here): From this information, the undersigned concludes that the investigating agents had a reasonable suspicion that defendant Robinson had previously engaged in and was currently engaging...

Read More

The End of DarkComet RAT - Part 3: Could the creators of RATs (or similar software analogues) be prosecuted (law)

And now, on to the finale - could DarkCoderSc be prosecuted for creating, supporting, and distributing the DarkComet RAT. NO (in the United States) First, DarkComet RAT can be easily distinguished from Mariposa and Blackshades, on the following grounds: 1. DarkCoderSc never sold what he made - there was no profit motive, and thus one could argue, no intent to defraud. 2. As far as I know, DarkCoderSc was never affiliated with any illicit group as the Blackshades RAT creator was - which would make that person liable for numerous charges,...

Read More

Facebook attempts to identify sex predators actions, cyberbullying

A recent Reuters article discusses what little is known of a Facebook attempt to identify sex predators on the social networking site. The program screens for inappropriate language and exchanges and flags certain conversations for review. Upon finding an inappropriate conversation, Facebook notifies law enforcement. The article details how other companies handle the issue and what other options exist. Facebook has also modified their "report" option to help teens report cyberbullying. Users ages 13 and 14 can now click "This post is a...

Read More

Cybercrime Review will be onsite at Defcon 20, Blackhat, and BSides LV

I will be out in Las Vegas next week for the trifecta of Defcon, Blackhat, and BSides. I hope to do some reporting from there if any of the presentations have a good legal or criminal flavor. Feel free to send messages to myself at @cybercrimerev while I am there. For a look at the respective conferences, see: Defcon 20 Blackhat USA 2012 BSides Las Vegas 20...

Read More

Google Play app containing malware may have been downloaded 100,000 times

Symantec blogger Irfan Asrar has found malware in the Google Play market known as Android.Dropdialer that sends text messages to premium-rate numbers, resulting in expensive charges on the user's phone bill. The malware, hidden in downloads entitled "Super Mario Bros." and "GTA 3 Moscow City," was available for download for over two weeks and may have been downloaded nearly 100,000 times. Google attempts to scan all apps in the market for malware, but as here, some apps fall through the cracks when the actual harmful code is downloaded by the...

Read More

Scholars debate Fourth Amendment doctrine after Jones

At this year's Privacy Law Scholar's Conference, a panel presented their views on Jones's transformation of Fourth Amendment doctrine. Each panel member submitted a proposal as part of a competition won by Professor Susan Freiwald. All proposals are available on the USvJones.com website. Hat tip to Professor Orin Kerr (a participant in the panel) for posting the video on Volokh Conspira...

Read More

District court okays warrantless pre-Jones GPS use, holds that good faith rule doesn't require binding precedent

A Massachusetts district court judge has held that evidence acquired as the result of GPS use before Jones is not subject to suppression because law enforcement acted in good faith, pursuant to nonbinding precedent. United States v. Baez, 2012 U.S. Dist. LEXIS 97969 (D. Mass. 2012). In 2010, law enforcement suspected the defendant of having committed arson and placed a GPS device on his car. The device was active for 347 days. He was later arrested after another fire and sought suppression at trial. The district court found that "the...

Read More

Measuring the cost of cybercrime

In case anyone was a skeptic as to the financial impact of cybercrime, I'd like to draw attention to a recently released paper entitled Measuring the Cost of Cybercrime.  The paper was submitted for the Workshop on the Economics of Information Security, which was held in Berlin, Germany at the end of June. The presentation has also been posted, which will give you the abridged version if you want to avoid reading all 26 pag...

Read More

Anonymous launches plan to destroy all CP websites

Hacktivist group Anonymous has launched a campaign to "eradicate [child pornography] from the Internet." Anonymous plans to take down message boards and other websites that are "dedicated to pedophiles for chat and picture sharing." They claim to have already invaded several sites, posting the users' IP addresses and e-mail addresses publicly on the Internet (such as her...

Read More

Second circuit vacates CP conviction after officers violate terms of search warrant

In United States v. Voustianiouk, 2012 U.S. App. LEXIS 14317 (2d Cir. 2012), the Second Circuit reversed a motion to suppress and vacated the conviction and sentence after law enforcement searched the defendant's home in violation of the Fourth Amendment. The agents obtained a search warrant to search a first floor apartment listed as the contact for an ISP, but when they arrived, they learned that the person listed on the account actually lived on the second floor. When they found the defendant, they showed him the search warrant and proceeded...

Read More

Mississippi district court refuses good faith argument for warrantless GPS use despite arguable precedent

In May, I wrote about an Alabama district court upholding the use of a GPS device prior to Jones under a good faith argument because the Eleventh Circuit has precedent (old Fifth Circuit which includes today's Fifth and Eleventh Circuits) allowing a beeper to be placed on the exterior of a car. United States v. Rosas-llescas, 2012 U.S. Dist. LEXIS 74594 (N.D. Ala. 2012). A Mississippi district court refused to do the same in United States v. Lujan, 2012 U.S. Dist. LEXIS 95804 (N.D. Miss. 2012), holding that the use "was per se unreasonable...

Read More

900,000 account details released, password "123456" remains popular

In case you hadn't heard, nearly a million account details were publicized within the last two days. Here's the breakdown: Yahoo - 453,492 Formspring - 420,000 Billabong.com - 20,000-35,000 The Yahoo accounts were acquired by hackers through a vulnerability in its Yahoo Voice subdomain, which might also reveal access info to many other users' accounts. The group behind the attack, D33Ds, noted, "We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat." The release...

Read More

Fourth Circuit remands Vicky series restitution award

In a case concerning the Vicky child pornography series, the Fourth Circuit held that a child pornography victim is entitled to restitution in an amount "only for harm that he proximately caused." On remand, if the district court determines that proximate cause is established, they will then calculate "the quantum of loss attributable to [the defendant] for his participation in Vicky's exploitation." The victim had suggested that general cause, rather than proximate cause, is the proper structure. This, the Fourth Circuit held, "would expand the...

Read More

The End of DarkComet RAT - More Technical Details

For more technical information on the DarkComet RAT, and how it has been used in concerted campaigns against governments, dissidents, and even gamers, see this Threatpost Article - Dark Comet RAT Tailored For Attacks On Gamers, Governments. For the deeper technical analysis - check out the write up by Arbor Networks that is referenced in the Threapost piece - Exterminating the RAT Part I: Dissecting Dark Comet Campaigns. That is the first of a series that Curt Wilson of Arbor is doing on the technical side.  The links at the bottom...

Read More

The End of DarkComet RAT - Part 2: Should the creators of RATs (or similar software analogues) be prosecuted (ethics)

I pose the question above at a high level of generality to include in this discussion not just the writer of DarkComet RAT, but writers of other RATs, and more importantly, writers of similar software, for-profit or otherwise. Because I do believe there is one line to be drawn when the person who created the software intended to, or does profit from it. It is clear from my previous post that law enforcement surely does believe that writing software for these motives may be criminal - the Mariposa botnet creator and the Blackshades RAT creator were...

Read More

The End of DarkComet RAT - Part 1: The Introduction - Update

I forgot to mention the story from last year about how DarkComet was ported to Mac computers - facts are important -  if for no other reason than to bolster the argument that DarkComet's uses are likely more malicious than condoned. Before you rail against me - let me note as an aside that I recognize the Metasploit, Backtrack, Core Impact, etc, etc, etc. argument against criminal enforcement. They are legal tools that do the same, and they generate more money (exponentially) than DarkCoderSc could have ever made with DarkComet....

Read More

The End of DarkComet RAT - Part 1: The Introduction

If you are not aware, the author of the DarkComet RAT (Remote Administration Tool) has stopped offering the software, and stopped updating it - a move that has somehow been argued to be a victory for law enforcement, although they didn't actually do anything.  Yes, I have heard of deterrence. However, I will leave for another day whether or not the creator of this software should or could actually be liable for the damage it has caused....

Read More

Application of American law to online casino theft

Courtesy of morguefile.com With the potential for online gambling to soon become widespread in the United States through the Justice Department's December opinion, there are many issues that need to be addressed. One such issue is discussed in a paper I have recently uploaded to SSRN entitled "Cyber Thieves in Online Casinos: Applying Real-World Laws to Virtual Acts." The paper deals with the ways in which money may be stolen in online casinos...

Read More

Report reveals 1.3 million requests for cell phone subscriber information in 2011

Rep. Ed Markey For those who have assumed that requests for subscriber information from phone companies were minimal and that there was often no charge, a release of reports today shows just how pervasive and expensive these activities are. In July, Congressman Edward Markey (D-Mass.) requested figures from nine cell phone companies and revealed the information today. Markey, first elected to the House in 1976, said of the findings, "We...

Read More

Sixth Circuit okays warrantless seizure to prevent destruction of evidence

In United States v. Bradley, 2012 U.S. App. LEXIS 13752 (6th Cir. 2012), the Sixth Circuit held that a 26-hour delay in obtaining a search warrant after seizing a laptop was not unreasonable as the defendant may have deleted evidence. A Kentucky investigator was using hash values to search for distributors of child pornography over a peer-to-peer network. After finding a distributor's IP address, it was tracked to a local fire station. Police went to the station and asked the defendant if they could use software to search his computer for child...

Read More

Computers with DNSChanger virus lose Internet Monday

In case you've forgotten, computers infected with the DNSChanger virus will lose Internet access on Monday. The virus once redirected computers to fake DNS servers, but the system was shut down by the FBI. A new server safely redirected Internet traffic temporarily, but it is scheduled to be taken down next week.  To check to see if your computer is infected and to learn how to fix the problem, visit the DNS Changer Check-Up site or the FBI's...

Read More

ACLU releases app for recording police action

The ACLU has released "Police Tape," an Android app that allows users to "securely and discreetly record and store interactions with police, as well as provide legal information about citizens' rights when interacting with the police." Videos are automatically uploaded to an external server, preventing deletion by law enforcement, and the app itself can run in the background while recording so it isn't obvious what is happening.Recently, some states have enacted laws banning the recording of police action, though such a ban may be a violation of...

Read More

Exciting stories from the Twitterverse

For those of you who aren't following us on Twitter, I wanted to highlight a few recent stories we posted. But also, you should follow us on Twitter (@CybercrimeRev) - we put up some great stuff! How a lone grad student scooped the government and what it means for your online privacy @NeedADebitCard retweets images of credit cards people put on Twitter. Have a good laugh, and then remind people not to do this! Kansas website posts names,...

Read More

Washington court finds no constitutional protection for texts after reaching recipient

A panel of the Washington Court of Appeals held in State v. Hinton, 2012 Wash. App. LEXIS 1510 (Wash. Ct. App. 2012), that the United States Constitution does not provide protection for text messages once they are received by the intended recipient. In Hinton, the recipient of the text message had been arrested earlier in the day on drug charges. An officer heard the incoming message sound from the phone, read the message, and engaged in a...

Read More

Court upholds verdict that defendant did not "knowingly exceed authorization" when he clicked on and viewed emails in an open Yahoo! inbox

In an unpublished decision, the Superior Court of New Jersey, Appellate Division denied the plaintiff's motion for judgment not withstanding the verdict in a case where the defendant opened emails in an inbox that was left logged in on a computer next to him. The case is Marcus v. Rogers, 2012 N.J. Super. Unpub. LEXIS 1523 (June 28, 2012). The facts of the case are interesting - the defendant was involved in a dispute over his salary with...

Read More

District Court: CP mandatory minimum leads to unconstitutional sentences

An Ohio district court sentenced a man convicted of child pornography possession to five years in prison (the mandatory minimum), despite sua sponte arguments from the court suggesting the sentence is unconstitutional considering the defendant's background, conduct, and mental health. United States v. Marshall, 2012 U.S. Dist. LEXIS 90487 (N.D. Ohio 2012). The court began the opinion: Child pornography remains one of the fastest growing areas of prosecution by the Justice Department. Law enforcement teams are policing the internet and...

Read More

Kentucky district court applies good faith to warrantless use of GPS placed on vehicle in Seventh Circuit

In United States v. Shelburne, 2012 U.S. Dist. LEXIS 85368 (W.D. Ky. 2012), a federal district court has refused to suppress evidence acquired after the warrantless use of a GPS device because the device was placed on the vehicle in a circuit where GPS use was allowed pre-Jones.  The GPS device was placed by Indiana (Seventh Circuit) law enforcement, and the defendants then traveled to Kentucky (Sixth Circuit) where they were arrested. The government argued, and the court accepted, that since the relevant actors were in the Seventh...

Read More