Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

The FBI Downloaded CIA's Hacking Tools Using Starbuck's WiFi (emptywheel.net) 38

An anonymous reader shares a report: One of the most interesting details from the yesterday's Joshua Schulte trial involved how the FBI obtained the Vault 7 and Vault 8 materials they entered into evidence yesterday. Because the FBI did not want to download the files onto an existing FBI computer (in part, out of malware concerns) and because they didn't want to use an FBI IP address, they got a new computer and downloaded all the files at Starbucks.
This discussion has been archived. No new comments can be posted.

The FBI Downloaded CIA's Hacking Tools Using Starbuck's WiFi

Comments Filter:
  • by Impy the Impiuos Imp ( 442658 ) on Wednesday February 05, 2020 @03:11PM (#59694270) Journal

    It'a good to know the letter agencies are working together for our benefit.

    • Question is "Whose dick?"
    • by hey! ( 33014 )

      Since the FBI is the primary agency in charge of US domestic counterintelligence, they absolutely should not trust a CIA computer. It might be compromised with malware that either attacks or covers its tracks when contacted from a government network.

      • It's just like when a police officer gets charged with a crime. Their union rep knows not to let them talk to the police and makes sure that they stay quiet and exercise their fifth amendment rights. I'm pretty sure all of the government spooks know that you shouldn't trust anything you get from a government spook.
        • by hey! ( 33014 )

          Above this, there's good reason to investigate a leak of information this way. You want to try to get the information exactly the way the intended recipients would.

      • Indeed! https://thehill.com/policy/tec... [thehill.com]

        CIA officials improperly hacked the Senate Intelligence Committee's computers as staffers compiled a report on "enhanced interrogation" techniques, the spy agency's inspector general has concluded.

        If they'll hack the Senate, they'd have no issues hacking their competitors in the FBI.

        • If they'll hack the Senate, they'd have no issues hacking their competitors in the FBI.

          They might be smart enough to have an issue with it; the FBI is charged with investigating the CIA's compliance with domestic spying restrictions.

    • by thomst ( 1640045 )

      Impy the Impiuos Imp chortled:

      It'a good to know the letter agencies are working together for our benefit.

      They're not.

      I know reading comprehension is deprecated around here - and the idiotic summary assumes you already know who Joshua Schulte [wikipedia.org] is and what he's charged with - but the FBI's investigators downloaded Vault 7 and 8 materials via a Wikileaks-provided torrent over a Starbucks-provided wifi connection onto a freshly-purchased laptop to be able to demonstrate at trial that the CIA materials he's charged with stealing and conveying to Wikileaks were publicly available at the

      • You know the word chortle, but you spam your book on slashdot.

        Your top book review is "Poorly written. Formulaic. Clichéd. Almost totally predictable. Gave up on this one half way through."

        Thom, maybe you should just shut the fuck up for awhile and quit spamming your shitty book and come back next week. Since nobody knows who you are, that's all it will take.

        And deprecated? Come on. Try harder. You can't complain that the summary is idiotic and also complain that we're smart enough not to read it. That

  • Uhm (Score:2, Informative)

    Can someone explain to this dipshit how torrents work?

    "One thing this does is explain that it took an hour to download just what got published on WikiLeaks. This will become a critical detail in proving that the files had to have been stolen from inside CIA — basically the “download speed” argument thrown back at the Russian hack denialists."

    I get what they are trying to say, but... The files exfiltrated from the DNC wouldn't have been in a publicly available torrent file with thousa
  • Comment removed (Score:3, Interesting)

    by account_deleted ( 4530225 ) on Wednesday February 05, 2020 @03:57PM (#59694440)
    Comment removed based on user account deletion
    • access to VPNs

      Are you saying a VPN connection to their own headquarters or some 3rd-party untrusted VPN? And what - are they paying with Bitcoin? While it's true that whoever manages Starbucks' WiFi will certainly have some record of a MAC address that could theoretically be linked back to a manufactured laptop - but they're not going to go to these lengths without a spoofed MAC.

      Are we even sure that the CIA doesn't have any malware on any commercial VPN servers?

      • Comment removed based on user account deletion
        • by AHuxley ( 892839 )
          Re "IP that can't easily be linked to them."
          The NSA and GCHQ dont really worry about any global VPN use.
          They would not be the NSA and GCHQ if a VPN product worked...

          A VPN would not have protected the FBI.
          Once the NSA detects its files in the wild, the NSA and experts from Canada, Australia, New Zealand and the United Kingdom would all be looking for a spy in the FBI .. who has their nations secrets..
          Would Canada, Australia, New Zealand and the United Kingdom let their spy hunt be stopped by any "VPN"
    • There's hardly any equipment required and total cost should be under a hundred bucks. If a file is questionable use any old Thinkpad (for convenient drive swap/removal with one screw). Boot a live Linux off CV/DVD using the toram Knoppix cheat code where it's an option, remove boot media if it's not one of my finalized CD/DVDs, download file, problem solved. If paranoid, disconnect everything from your cable modem except your target machine.
      You can then boot other live OS if what you used isn't suitable equ

      • Comment removed based on user account deletion
      • by bws111 ( 1216812 ) on Wednesday February 05, 2020 @05:12PM (#59694778)

        You don't seem to understand that they are collecting evidence to be presented to a jury. That means things like having a clear chain of custody. They didn't choose this approach because they thought it was the only (or best) way, they choose it because it is easily presentable to a jury. 'We went to the store and bought a laptop (just like you do), 'We went to Starbucks and used their internet to download these files (just like you can)' vs. 'we got an old laptop (which could we could already have planted things on) and used a CD we downloaded from the internet (don't worry, we verified it), and used our network to download this evidence (nothing suspicious there).'

      • by AHuxley ( 892839 )
        The trick is a MAC number never seen online before and again. Gov/mil/police/contractors really like it when that same MAC number is detected again.
    • Yes, the FBI could have a bank of computer assets ready for such inspection tasks, with a full complement of support staff (making a minimum of $50K/year each) to ensure those assets are prepped and available as soon as they're needed. To handle the network side of things, they'll need a few network engineers operating a secret network of VPN endpoints under shell companies (which themselves need accountants and paper-pushers) to ensure the connection can't be identified as being an FBI asset (and thus serv

      • Comment removed based on user account deletion
        • Under normal circumstances, risky activity can simply be conducted on a DMZ within the FBI's network, and it will have no impact on the investigation.

          These aren't normal circumstances. WikiLeaks has spent decades trying to undermine the US government. Identifying every incoming connection to impede an investigation is exactly the kind of stunt they'd pull. They aren't just a passive website somewhere hosting an ISIS propaganda video. They're actively hostile toward US agencies, and appropriate caution would

        • by AHuxley ( 892839 )
          The "rare problem" is result of the NSA looking for a real spy with NSA files working in the FBI.
          The NSA would not stop looking until they had a spy...a spy network... everyone who "worked" near their file..
    • by cusco ( 717999 )

      The FBI? The former holder of the record for the most expensive IT failure in history? IIRC they still have to enter case records into at least three different and entirely incompatible systems and transfer data from one to the other manually.

      The FBI has the same problem as every other law enforcement agency, people join them because they want to be heroes not because they want to be computer geeks. The wannabe heroes almost certainly also treat their techies like crap and pay no attention to anything th

    • by AHuxley ( 892839 )
      Its not Kafkaesque, Catch 22, 1984 ... when the FBI is found moving around NSA files.. the NSA questions would never stop...
      The NSA would see the FBI doing "file" moving networking computer work of NSA work .. to the FBI.
      The NSA would think a Russian agent deep in the FBI exists who is using their day job in the FBI as cover to spy on the inner working of the NSA.
      A NSA security team would go to work after the file movement was detected..
      ie the NSA has projects like "FIRSTFRUITS" to track the movement of
    • The FBI (and lots of IT departments in general) should be equipped with computers that are ready for exactly this kind of job.

      They're smart enough to be less trusting than that when dealing with the CIA.

      Remember, it is the FBI that investigates the CIA's domestic activities to make sure they're not spying on Americans. They're the only people who know the CIA's secrets. Well, the NSA probably does too, but they don't care, they're just obsessed with filing it in a black hole.

  • I can actually die happy now, knowing that all my conspiracies fears were true after all. ;~)

  • why would the FBI or CIA want people to know about that?

Time is the most valuable thing a man can spend. -- Theophrastus

Working...