FBI let alleged pedo walk free rather than explain how they snared him

'Tor pedo' torpedo torpedoed


In a surprising and worrying move, the FBI has dropped its case against a man accused of downloading child sex abuse images, rather than reveal details about how they caught him.

Jay Michaud, a middle school teacher in Vancouver, Washington, was arrested in July last year after visiting the Playpen, a dark web meeting place tens of thousands of perverts used to swap mountains of vile underage porn.

Unbeknown to him at the time, the FBI were, for about a fortnight, running the site after taking over its servers, and managed to install a network investigative technique (NIT) on his computer to get his real public IP address and MAC address. The Playpen was hidden in the Tor anonymizing network, and the spyware was needed to unmask suspects – about 1,300 public IP addresses were collected by agents during the operation.

According to the prosecution, a police raid on his home revealed a substantial hoard of pictures and video of child sex abuse on computer equipment. But now, guilty or not, he's now off the hook after the FBI filed a motion to dismiss its own case [PDF] late last month.

Why? Because Michaud's lawyer insisted that the FBI hand over a sample of the NIT code so it could be checked to ensure that it didn't breach the terms of the warrant the FBI obtained to install the malware, and to check that it wouldn't throw up any false positives.

US District Judge Robert Bryan agreed, saying that unless the prosecution turned over the code, he'd have to dismiss the charges. The FBI has since been arguing against that, but has now decided that it's better to drop the case than reveal its techniques.

The Playpen affair has proved to be a legal minefield in more ways than one. For a start, the admission that the FBI had been distributing such images and videos online troubled many. But the agency also only sought a single warrant to distribute its NIT internationally, which may have been illegal at the time.

That's no longer the case, since a change in Rule 41 of the Federal Rules of Criminal Procedure was nodded through by the US Supreme Court and came into effect on December 1 last year. Judges in Playpen cases – there have been hundreds of prosecutions similar to Michaud's lined up by the Feds – haven't always agreed that the FBI had the right to introduce evidence gathered without a local warrant.

In the past the FBI has dropped cases rather than reveal their investigation techniques, particularly with its cellphone-tracking Stingray equipment. But those were minor cases – nothing so serious as child abuse. ®

Similar topics


Other stories you might like

  • FBI warning: Crooks are using deepfake videos in interviews for remote gigs
    Yes. Of course I human. Why asking? Also, when you give passwords to database?

    The US FBI issued a warning on Tuesday that it was has received increasing numbers of complaints relating to the use of deepfake videos during interviews for tech jobs that involve access to sensitive systems and information.

    The deepfake videos include a video image or recording convincingly manipulated to misrepresent someone as the "applicant" for jobs that can be performed remotely. The Bureau reports the scam has been tried on jobs for developers, "database, and software-related job functions". Some of the targeted jobs required access to customers' personal information, financial data, large databases and/or proprietary information.

    "In these interviews, the actions and lip movement of the person seen interviewed on-camera do not completely coordinate with the audio of the person speaking. At times, actions such as coughing, sneezing, or other auditory actions are not aligned with what is presented visually," said the FBI in a public service announcement.

    Continue reading
  • LGBTQ+ folks warned of dating app extortion scams
    Uncle Sam tells of crooks exploiting Pride Month

    The FTC is warning members of the LGBTQ+ community about online extortion via dating apps such as Grindr and Feeld.

    According to the American watchdog, a common scam involves a fraudster posing as a potential romantic partner on one of the apps. The cybercriminal sends explicit of a stranger photos while posing as them, and asks for similar ones in return from the mark. If the victim sends photos, the extortionist demands a payment – usually in the form of gift cards – or threatens to share the photos on the chat to the victim's family members, friends, or employer.

    Such sextortion scams have been going on for years in one form or another, even attempting to hit Reg hacks, and has led to suicides.

    Continue reading
  • Man gets two years in prison for selling 200,000 DDoS hits
    Over 2,000 customers with malice on their minds

    A 33-year-old Illinois man has been sentenced to two years in prison for running websites that paying customers used to launch more than 200,000 distributed denial-of-services (DDoS) attacks.

    A US California Central District jury found the Prairie State's Matthew Gatrel guilty of one count each of conspiracy to commit wire fraud, unauthorized impairment of a protected computer and conspiracy to commit unauthorized impairment of a protected computer. He was initially charged in 2018 after the Feds shut down 15 websites offering DDoS for hire.

    Gatrel, was convicted of owning and operating two websites – DownThem.org and AmpNode.com – that sold DDoS attacks. The FBI said that DownThem sold subscriptions that allowed the more than 2,000 customers to run the attacks while AmpNode provided customers with the server hosting. AmpNode spoofed servers that could be pre-configured with DDoS attack scripts and attack amplifiers to launch simultaneous attacks on victims.

    Continue reading
  • Former chip research professor jailed for not disclosing Chinese patents
    This is how Beijing illegally accesses US tech, say Feds

    The former director of the University of Arkansas’ High Density Electronics Center, a research facility that specialises in electronic packaging and multichip technology, has been jailed for a year for failing to disclose Chinese patents for his inventions.

    Professor Simon Saw-Teong Ang was in 2020 indicted for wire fraud and passport fraud, with the charges arising from what the US Department of Justice described as a failure to disclose “ties to companies and institutions in China” to the University of Arkansas or to the US government agencies for which the High Density Electronics Center conducted research under contract.

    At the time of the indictment, then assistant attorney general for national security John C. Demers described Ang’s actions as “a hallmark of the China’s targeting of research and academic collaborations within the United States in order to obtain U.S. technology illegally.” The DoJ statement about the indictment said Ang’s actions had negatively impacted NASA and the US Air Force.

    Continue reading
  • Five Eyes alliance’s top cop says techies are the future of law enforcement
    Crims have weaponized tech and certain States let them launder the proceeds

    Australian Federal Police (AFP) commissioner Reece Kershaw has accused un-named nations of helping organized criminals to use technology to commit and launder the proceeds of crime, and called for international collaboration to developer technologies that counter the threats that behaviour creates.

    Kershaw’s remarks were made at a meeting of the Five Eyes Law Enforcement Group (FELEG), the forum in which members of the Five Eyes intelligence sharing pact – Australia, New Zealand, Canada, the UK and the USA – discuss policing and related matters. Kershaw is the current chair of FELEG.

    “Criminals have weaponized technology and have become ruthlessly efficient at finding victims,” Kerhsaw told the group, before adding : “State actors and citizens from some nations are using our countries at the expense of our sovereignty and economies.”

    Continue reading
  • Beijing-backed baddies target unpatched networking kit to attack telcos
    NSA, FBI and CISA issue joint advisory that suggests China hardly has to work for this – flaws revealed in 2017 are among their entry points

    State-sponsored Chinese attackers are actively exploiting old vulnerabilities to "establish a broad network of compromised infrastructure" then using it to attack telcos and network services providers.

    So say the United States National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI), which took the unusual step of issuing a joint advisory that warns allied governments, critical infrastructure operators, and private industry organizations to hurry up and fix their IT estates.

    The advisory states that network devices are the target of this campaign and lists 16 flaws – some dating back to 2017 and none more recent than April 2021 – that the three agencies rate as the most frequently exploited.

    Continue reading

Biting the hand that feeds IT © 1998–2022