New law will grant FBI authority to crack your Tor/VPN connection – it’s time to up your game

// September 19th, 2014 // Hacking and Security



I wrote last week about protecting your anonymity via a VPN tunnel through a second VPN tunnel on a virtual machine, an easy way to implement a bit of redundancy within your secure channel (as long as you have a fail-safe VPN kill switch mechanism in place). If a recent DOJ proposal to amend Rule 41 of the Federal Rules of Criminal Procedure passes, you might have to be even more cautious – to the point of keeping up with file checksums/hashes to determine if you’ve been compromised, routinely wiping your machine, or running your OS off of a read-only medium (e.g. Live CD).

The proposed amendment would grant the FBI (and presumably any of the other three-char acronyms) the means to “seize or copy” targets whose locations have been “concealed through technological means” – even if the target node is located in a foreign country. Yes, this means they will have the legal authority to penetrate your secure Tor or VPN proxy connection, and as previous events have shown, plant malicious software on your machine to gather evidence. Doesn’t matter where your VPN or Tor exit node sits – if your traffic is exiting in a foreign country, they still can cut in and hack your computer.

The DOJ was quick to point out that the intent was not to grant authorized searches in foreign countries, but Ahmed Ghappour, professor at US Hastings College of the Law, noted that the “practical reality of the underlying technology means doing so is almost unavoidable.” He also pointed out that the amendment would be the “broadest expansion of extraterritorial surveillance power since the FBI’s inception”.

Why the proposed change in law?  Current laws prevent a judge from issuing a warrant unless the target is located within their district. The language in this part of the amendment would specifically remove that restriction:

“(6) a magistrate judge with authority in any district where activities related to crime may have occurred has authority to issue a warrant to use remote access to search electronic storage media and to seize or copy electronically stored information located within or outside of that district if (A) the district where the media or information is located has been concealed through technological means.”

This is pretty clear-cut and doesn’t imply they seek to hack foreign targets but rather, they seek the authority to penetrate targets within their district or targets whose location is *unknown* – it specifically targets Tor and private VPNs. And I would caution you against considering this one of those “yeah, so what is new” kind of changes to the law – its open wording (e.g. “may have occurred”), authorizations allowed (e.g. “search electronic storage media”, “copy electronically stored information”), and purposeful omissions (e.g. no mention of limits on methods they may use) put it more along the lines of opening the floodgates to government snooping through your online anonymity protections.


Sources: Just Security, DOJ, The Register