The FBI announced Friday that an investigation into counterfeit network components made in China and sold to the U.S. government has recovered about 3,500 fake devices with a value of $3.5 million.
The criminal probe, code-named Operation Cisco Raider, was prompted by concerns that counterfeit network components could give hackers access to government databases. But one U.S. official told Reuters that the components discovered by the FBI are not believed to have made government computer systems more vulnerable.
The existence of the probe came to light after an unclassified FBI PowerPoint presentation in January on the agency's efforts to counter the production and distribution of counterfeit network hardware showed up on Abovetopsecret.com.
"This unclassified briefing was never intended for broad distribution or posting to the Internet," James Finch, assistant director of the FBI's Cyber Division, said in a statement.
Operation Cisco Raider involved 15 investigations at nine FBI field offices and the execution of 39 search warrants, the bureau said. The FBI release did not mention whether any arrests had been made.
Components included pirated versions of Cisco Systems routers, as well as switches, interface converters, and wide area network interface cards, Reuters reported.
The FBI has backed down on a secret request for information about a user of the Internet Archive digital library, thanks to a legal challenge from two prominent advocacy groups.
The case, which was brought by the Electronic Frontier Foundation and the American Civil Liberties Union on behalf of the archive, dates to last year but only became public on Wednesday. That's because the type of request involved, known as a national security letter (NSL), is accompanied by a gag order that forbids the recipient from disclosing its existence or discussing it with anyone except his attorneys, who are also gagged. As a result of a settlement, the FBI agreed to withdraw the national security letter and to lift the gag order.
Internet Archive founder and digital librarian Brewster Kahle (Credit: Internet Archive)
The 2001 Patriot Act and its subsequent reauthorization dramatically expanded the FBI's ability to use NSLs, which do not require a court order and are supposed to be used only in investigations related to terrorism. Investigators are able to use the tactic to obtain customer records and logs from Internet service providers, telephone companies, and financial institutions, but Congress in 2006 imposed limits on the FBI's ability to use NSLs on libraries. The EFF said this is the first known case to challenge an NSL served upon a library since those legal changes took effect.
The situation with the Internet Archive began last November, when the FBI served founder Brewster Kahle with an NSL (PDF) seeking an unspecified individual's name, address, and "any electronic communication transactional records" (i.e., not the content of communications, but logs of activity) pertaining to the user. Kahle, who is an EFF board member, believed the request was overbroad and decided to challenge the query in court, handing over only publicly available documents in the meantime.
"The free flow of information is at the heart of every library's work," Kahle said in a statement Wednesday. "That's why Congress passed a law limiting the FBI's power to issue NSLs to America's libraries. While it's never easy standing up to the government--particularly when I was barred from discussing it with anyone--I knew I had to challenge something that was clearly wrong."
The Internet Archive, founded in 1996, is a repository for archived Web sites, public domain books, concert recordings, and films, among other things. It has about half a million registered patrons and, according to the EFF, does not collect IP addresses of those who submit items to the collections or of those who read, view, or listen to its collections.
The Bush administration is hardly a stranger to lawsuits targeting its use of NSLs, and its challengers have met with some success in recent years. Last fall, for instance, a federal judge ruled the surreptitious requests for information were unconstitutional. A federal appeals court is expected to hear the government's appeal next month, the EFF said.
In addition, the FBI has taken heat two years in a row from the Department of Justice's inspector general--and, by extension, members of Congress--for misusing its NSL powers, including making attempts to seek and get information that would otherwise require a court order. The FBI says it has since instituted more internal checks on the process.
The police agency on Wednesday was quick to defend its actions in the Internet Archive case and the NSL approach more broadly. Here's a snippet from a statement released by spokesman John Miller:
"The information requested in the National Security Letter was relevant to an ongoing, authorized national security investigation. National Security Letters remain indispensable tools for national security investigations and permit the FBI to gather the basic building blocks for our counterterrorism and counterintelligence investigations. Internet Archive voluntarily provided publicly available information to the FBI, and identified for the FBI that information it possessed which was not publicly available. Internet Archive's refusal to disclose this information formed the basis of its civil suit, which the parties have now resolved through settlement."
Attorneys for Kahle said they considered the settlement a great victory. But they again voiced concern that untold numbers of improper NSLs have gone unchallenged because of their secretive nature.
"It appears that every time a national security letter recipient has challenged an NSL in court and forced the government to justify it, the government has ultimately withdrawn its demand for records," Melissa Goodman, an ACLU staff attorney who worked on the case, said in a statement. "In the absence of much needed judicial oversight--and with recipients silenced and the public in the dark--there is nothing to stop the FBI from abusing its NSL power."
Rep. F. James Sensenbrenner (R-Wis.), at left, greets FBI Director Robert Mueller before a House Judiciary Committee hearing on Wednesday. (Credit: Anne Broache/CNET News.com)
WASHINGTON--The FBI's legacy of botched computer upgrades is still haunting some politicians on Capitol Hill.
At a U.S. House of Representatives Judiciary Committee hearing on Wednesday, former committee Chairman F. James Sensenbrenner (R-Wis.) grilled FBI Director Robert Mueller about what he deemed a "fiasco"--a failed case-management system overhaul known as Virtual Case File.
Sensenbrenner accused Mueller of "continuously frustrating" his committee's attempts to find out how much money had been spent before the failed program was abandoned about three years ago. The FBI has since begun a new effort called Sentinel, whose first phase--a Web portal of sorts for investigators--went live in June last year.
"I want to know how much money was wasted," Sensenbrenner told Mueller.
About $197 million was spent on the program before the FBI opted to "cut its losses" and discontinue VCF, Mueller said. Of that amount, his agency believes it can "recover" about $100 million, but he conceded that hasn't actually happened yet.
"What management techniques have you learned from the fact that the Virtual Case File effort went off the cliff and the taxpayers got stuck with a pretty significant bill, that you're applying to make sure this doesn't happen with Sentinel?" Sensenbrenner asked Mueller.
Mueller said the agency now has help from technology and business process experts that it didn't have when the Virtual Case File project began. He said the agency has also set "firm requirements" so that contractors have clearer guidance on what to build. He described the first phase of Sentinel as "successful, on time, and on budget" and said he expected the same of the second phase.
Rep. Zoe Lofgren (D-Calif.) also urged Mueller to devote more attention to digitizing years of paper FBI records, arguing that if a company like Google can digitize university library volumes in a matter of months, the federal agency has no excuse for inaction. "I don't know if you've done a cost-benefit analysis," she said, "but it seems to me (it's) clear that if you move into the modern age, your agents are going to be optimized in terms of their performance."
Mueller said he agreed, noting that the agency has begun by digitizing all of its terrorism files and placing "emphasis particularly on those areas where we need to have access to those records digitally immediately."
WASHINGTON--The FBI on Wednesday called for new legislation that would allow federal police to monitor the Internet for "illegal activity."
The suggestion from FBI Director Robert Mueller, which came during a House of Representatives Judiciary Committee hearing, appears to go beyond a current plan to monitor traffic on federal-government networks. Mueller seemed to suggest that the bureau should have a broad "omnibus" authority to conduct monitoring and surveillance of private-sector networks as well.
The surveillance should include all Internet traffic, Mueller said, "whether it be .mil, .gov, .com--whichever network you're talking about." (See the transcript of the hearing.)
In response to questions from Rep. Darrell Issa, a California Republican, Mueller said his idea "balances on one hand, the privacy rights of the individual who are receiving the information, but on the other hand, given the technology, the necessity of having some omnibus search capability utilizing filters that would identify the illegal activity as it comes through and give us the ability to preempt that illegal activity where it comes through a choke point."
In response, Issa said: "Can you have someone on your staff designated to work with members of Congress on trying to craft that legislation?"
If any omnibus Internet-monitoring proposal became law, it could implicate the Fourth Amendment's guarantee of freedom from unreasonable searches and seizures. In general, courts have ruled that police need search warrants to obtain the content of communication, and the federal Wiretap Act created "super warrant" wiretap orders that require additional steps and judicial oversight.
In addition, it's unclear whether "illegal activity" would be limited to responding to denial-of-service attacks and botnets, or would also include detecting other illegal activities, such as online gambling, the distribution of "obscene" images of adults engaged in sexual acts, or selling drugs without a license.
To be fair, Wednesday's discussion of the plan was geared toward cybercrime and the Bush administration's classified "cyberinitiative," which includes a shadowy program known as Einstein.
Some politicians have already raised concerns that even Einstein, which is described as dealing only with government networks and not private ones, could infringe upon the privacy rights of American citizens. It's already in place at 15 federal agencies, but Homeland Security has said it's still preparing the necessary privacy impact assessments for a proposed $293 million governmentwide Einstein expansion.
Issa, for his part, referred on Wednesday to malicious attacks being undertaken by foreign and domestic hackers who want to "take control of computers" and harvest the national-security secrets and private information of government agencies, private companies, and individual Americans.
"What authorities do you need to monitor, looking for those illegal activities, and then act on those, both defensively and, either yourselves or certainly other agencies, offensively in order to shut down a crime in process?" Issa asked.
In response, Mueller said he would be happy to have his legislative staff work with members of Issa's committee on creating a bill for a broader-reaching surveillance system.
Issa suggested that perhaps the FBI already has the power to seek voluntary private-sector partners that would like to be "defended" by its agents, provided that they give the FBI their consent. Mueller, however, wasn't so sure, saying, "that's going to require some thought."
[6:00 pm: Updated story with additional quotations from transcript of the hearing.]
CNET News.com's Declan McCullagh contributed to this report.
You may recall that during the heat of the 2006 primary race that prompted then-Democratic Sen. Joe Lieberman to go Independent, the Connecticut politician's Web site, as a colleague of mine so eloquently noted, dropped dead.
At the time, conspiracy theories abounded. There was twittering that liberal bloggers who backed Lieberman's antiwar Democratic rival, Ned Lamont (who went on to win the primary, by the way) were responsible for the site's inaccessibility, and Lieberman's own campaign maintained that a denial-of-service attack had occurred.
Now, nearly two years later, we finally know whom to blame: the Lieberman campaign's own system configuration.
A recent Freedom of Information Act request by the Stamford Advocate, a local newspaper, turned up an FBI memo that concluded there was no evidence of an attack.
Rather, "the server that hosted the joe2006.com Web site failed because it was overutilized and misconfigured," according to an e-mail message dated October 25, 2006 from the FBI's New Haven, Conn., office.
The site crashed because Lieberman officials were exceeding a 100-e-mails-per-hour limit, as configured by their system administrator, on the night before the primary, the memo went on. The system administrator "misinterpreted the root cause" of the additional Web traffic overwhelming the Web server and declared it was being attacked, the FBI memo said.
Lieberman, of course, ultimately won re-election to the Senate as an Independent Party candidate during the November election. The 2000 running mate to Democratic presidential contender Al Gore has also been on the road campaigning for this year's presumptive Republican presidential nominee, John McCain.
WASHINGTON--As Congress debates whether to wipe out lawsuits accusing telephone companies of allegedly illegal wiretaps, the Bush administration has argued such cooperation is key to keeping Americans safe from terrorists.
FBI Director Robert Mueller continued that push on Wednesday, but he wouldn't go so far as to say those "private partners" would stop installing requested wiretaps unless certain legal protection is granted.
To some extent, Mueller is stating the obvious: Federal law requires telephone and Internet companies to comply with lawful wiretap court orders or lawful certifications from the attorney general, with stiff penalties for noncompliance. But Mueller said in various ways that he was concerned that lack of retroactive liability protection would harm the government's "relationships" with telephone companies -- which seems to leave in doubt whether all of the administration's requests were legal.
The seemingly reluctant admission came during pointed questioning by Sen. Arlen Specter (R-Penn.) at a Senate Judiciary Committee hearing. Specter, the committee's ranking member, has proposed an amendment--which has so far been unsuccessful--to a controversial spy law update that would allow lawsuits alleging illegal spying by telephone companies to continue, except with government lawyers substituted in the companies' place.
FBI Director Robert Mueller said he disagreed with that approach, arguing it would provide a "disincentive" for communications companies to team up with federal terrorism investigations.
Then the following exchange ensued:
Specter: A disincentive, OK, but do you think they would stop?
Mueller: I think it is a disincentive...
Specter: But do you think they would stop?
Mueller: I think it would hamper our relationships, yes.... I do think it would hinder our relationships.
Specter: Disincentive, hamper, hinder, but I don't hear you say it would stop....
Mueller: I'm not going to say it's going to stop, but I do believe delay is detrimental to the safety of the country. Delay and lack of clarity, lack of simplicity guiding our relationships inhibits our ability to get the information we need on a daily basis.
The Senate has already passed a bill that would provide so-called retroactive immunity to telephone companies that have been the subject of lawsuits filed between the September 11 attacks and a January 2007 date when the attorney general submitted a once-secret National Security Agency surveillance program for court review. The bill would also provide such immunity going forward and wipe out state-level investigations of possible improprieties.
The House of Representatives refused to take up that bill before a temporary spy law expansion expired February 16 but is reportedly working on a compromise that it originally hoped to bring to a vote this week. At issue is broader modernization of a 1978 law called the Foreign Intelligence Surveillance Act, or FISA, which requires government agents to obtain a court order before gathering intelligence information from conversations that may include U.S. persons.
Later on Wednesday, however, House Majority Leader Steny Hoyer (D-Md.) said a bill won't be on the floor Thursday as predicted, according to a transcript of a briefing for reporters. He said further decisions about how to proceed won't likely be made until late this week or early next week.
"We have said all along, and we continue to believe, that the existing FISA statute authorizes the intelligence community to seek such authority as it needs to act to intercept such communications as it believes are relevant and gives to the telecommunications company the appropriate protections that it needs, so that we believe that the existing law will allow the administration to accomplish what it needs to do," Hoyer said. "However, we do believe that the existing law ought to be modernized, and we are working on that."
Mueller urged passage of the Senate bill with the immunity provisions. By way of defending that suggestion, he said he's not aware of any instance when telecommunications companies have "acted irresponsibly" and that, furthermore, "they are most knowledgeable about the information kept in their databases and how to utilize the software they have developed themselves in order to be responsive."
"We need the active participation of telecommunications carriers more than we have in the past because of the advent of various means of communicating, whether it be cell phones or e-mails, in addition to the advent of regular telephones," the FBI director went on.
Sen. Patrick Leahy (D-Vt.), the Judiciary Committee's chairman, argued that the only time that federal authorities have found wiretaps cut off was owed to their own negligence. He said he was "astonished" by a Justice Department report issued earlier this year that revealed that telephone companies had shut off bureau-initiated wiretaps--including at least one related to suspected terrorists--because the agency had failed to pay $66,000 in bills.
"This is yet another example of the kind of incompetence that plagued the administration's actions in the aftermath of Katrina," Leahy said. "It is unacceptable."
Mueller said the bureau has since put in place "mechanisms to make sure all the bills are paid on time" and downplayed the effect of the wiretap lapses, which he said occurred in only two instances and lasted just a few days. The effect on those investigations, he said, was "minimal at best."
WASHINGTON--The FBI's abuse of secret requests for telephone and e-mail logs was not limited to a three-year period described in an earlier report, the bureau's director acknowledged to a Senate committee on Wednesday.
Last spring, the U.S. Department of Justice's inspector general released a report that the FBI overstepped its authority and may have broken the law from 2003 to 2005 in its use of that covert investigative tool known as a national security letter--an admission that drew rebuke from congressional Democrats and Republicans alike. The Patriot Act dramatically expanded the FBI's authority to issue national security letters.
Now the inspector general has identified "similar" problems that also persisted in 2006, with details to be disclosed in a forthcoming report, FBI Director Robert Mueller told a U.S. Senate committee on Wednesday. He attempted to downplay those findings by assuring the Senate Judiciary Committee that the activity predates "reforms" the agency has since put into place.
"We have instituted new procedures and internal oversight mechanisms to ensure we as an organization minimize the chance of future lapses," he said at a wide-ranging morning hearing on FBI oversight.
The FBI has created a new Office of Integrity and Compliance tasked with identifying and mitigating "areas of potential risk," and the bureau "will continue our vigilance in this area," Mueller added. Last year, he told a House committee that agents had also been "retrained" in how to use the letters and emphasized that none of the missteps was found to be "intentional."
The 2001 Patriot Act gave the FBI expanded ability to use the tactic to obtain confidential information on Americans from banks, credit card companies, credit bureaus, telephone companies, and Internet service providers. National security letters do not require court approval and rely on the investigator's certification that the request is "relevant" to a probe. Recipients are generally not allowed to disclose the document's existence, except to an attorney or others approved by the FBI.
News of the forthcoming report drew surprisingly little attention from the senators present at Wednesday's hearing. Sen. Chuck Grassley (R-Iowa) accused the FBI of stonewalling the committee's requests for internal documents related to its reportedly inappropriate requests for phone records. "Here we are a year later, and the FBI has only produced 15 heavily redacted pages," he said.
But Sen. Patrick Leahy (D-Vt.), the committee's chairman, merely said in his opening statement that he found last year's report "troubling" and looked forward to hearing how the abuses were being "corrected."
There are some jobs offered on Craigslist that some people would kill for, but this one may have asked a bit too much.
A Michigan woman is accused of using the popular bulletin board site to try to hire a hit man to kill the wife of a man with whom she had had an affair. Ann Marie Linscott, 49, was arrested Thursday at her home in Grand Rapids, after allegedly posting an ad in November for a "freelance" job, according to a report by the Associated Press.
Respondents to the ad were offered $5,000 to "eradicate a female living in Oroville, California," and given her name, address and other personal information, the AP reported, citing authorities and court documents.
Authorities are expected to ask that Linscott be extradited to face charges in California. Her court-appointed attorney was not reachable for comment Saturday.
Craigslist is no stranger to postings that solicit illegal activities. In the past, the popular site has seen ads for prostitution, fake sex ads to harass people, and even an invitation to loot and trash a house.
But this appears to be the first time someone has solicited murder on the site, according to Craigslist CEO Jim Buckmaster.
"Out of 550 million classified ads posted over 12 years, this is the first such incident that we're aware of," Buckmaster wrote in an e-mail to the AP. "But again, the ad itself was generic, and we're not a party to subsequent private e-mail communications."
Even law enforcement officers were left shaking their heads.
"I've seen some screwy things, but I've personally never heard of anything like this," Drew Parenti, special agent in charge of the Sacramento, Calif., FBI office, told the AP.
Today the FBI announced the completion of Bot Roast II, the second phase of an ongoing investigation into the creation and use of botnets for illegal online activity. Botnets are networks created by remotely controlling several hundred or several thousand compromised computers worldwide. In 2007, botnets have been used by criminals in various ways to make money online. The ongoing investigation, in at least one specific case, is being assisted by the U.S. Secret Service.
Among the results announced today are three new indictments, the guilty pleas from two others, and the sentencing of three others. To date, the FBI says it has uncovered more than $20 million in economic losses. In one case, it has confirmed damages of nearly $20,000 as the result of distributed denial-of-service attacks caused by a botnet.
One of the individuals named today was named at the completion of Bot Roast I in June. He is Jason Michael Downey of Covington, Kentucky, who was sentenced in U.S. District Court, Eastern District of Michigan on October 23, 2007. He will serve 12 months in prison followed by probation, restitution, and community service. One of Downey's victims confirmed to the FBI that financial damages as a result of the DDoS attacks launched by Downey's botnet amounted to losses of $19,500.
New indictments include:
Ryan Brett Goldstein, 21, of Ambler, Pennsylvania. He was indicted on November 1, 2007, by a federal grand jury in the Eastern District of Pennsylvania. Goldstein allegedly used a botnet to create a distributed denial-of-service attack on the University of Pennsylvania this past summer.
Gregory King, 21, of Fairfield, California. He was indicted on September 27, 2007, by a federal grand jury in the Central District of California on four counts of transmission of code to cause damage to a protected computer. King allegedly conducted DDoS attacks against various companies.
Robert Matthew Bentley of Panama City, Florida. He was indicted on November 27, 2007, by a federal grand jury in the Northern District of Florida. Bentley allegedly used a botnet for coding and adware schemes. This investigation is being conducted by the U.S. Secret Service.
Additional sentences announced include:
Alexander Dmitriyevich Paskalov, 38, with multiple U.S. addresses, was sentenced on October 12, 2007, in U.S. District Court, Northern District of Florida, and received 42 months in prison for his participation in a significant and complex phishing scheme that targeted a major financial institution in the Midwest and resulted in multimillion dollar losses.
Azizbek Takhirovich Mamadjanov, 21, residing in Florida, was sentenced in June 2007 in U.S. District Court, Northern District of Florida, to 24 months in prison for his part in the same Midwest bank phishing scheme as Paskalov. Paskalov established a bogus company and then opened accounts in the names of the bogus company. The phishing scheme in which Paskalov and Mamadjanov participated targeted other businesses and electronically transferred substantial sums of money into their bogus business accounts. Immigration and Customs Enforcement, Florida Department of Law Enforcement, and the Panama City Beach Police Department were active partners in this investigation.
Those awaiting sentencing include:
Adam Sweaney, 27, of Tacoma, Washington. He pled guilty on September 24, 2007, in U.S. District Court, District of Columbia. Sweaney conspired with others to send spam, then gained control of bot-controlled computers to launch additional spam and DDoS attacks.
John Schiefer, 26, of Los Angeles, California. He agreed to plead guilty on November 8, 2007, in U.S. District Court in the Central District of California. Schiefer used malicious software to intercept Internet communications, steal usernames and passwords, and defraud legitimate businesses by fraudulently purchasing goods for himself. Schiefer is the first person to be charged under the federal wiretap statute for conduct related to botnets.
Other arrests announced with Operation Bot Roast I include James C. Brewer of Arlington, Texas, who is alleged to have operated a botnet created from compromised computers at Chicago area hospitals, and Robert Alan Soloway of Seattle, Washington, who is alleged to have used botnets to relay tens of millions of spam e-mails.
The FBI recommends using and updating antivirus software, installing a firewall, not opening unknown e-mail attachments, and using strong passwords as ways to guard against the compromise and use of your personal computer for botnet activity.
The FBI is replacing the Microsoft Access software it uses to track National Security Letter (NSL) wiretap cases with a new, automated, database management system sporting a Java Enterprise Edition application server using Oracle software.
The agency wants to eliminate manual entry of "cumbersome and error-prone" data on its eavesdropping cases. The way it stands now, the databases are not even connected to each other. Instead, an employee must manually enter every NSL lead sent to the Office of General Counsel (OGC)--a process that could involve up to a dozen fields including a 15-digit alphanumeric identifier. The new system will automatically "populate" the data fields so users will only have to enter the information once. (Note to FBI HR: better check the Government Typist Full Employment Act.)
"The OGC database was a giant technological step forward from three-by-five index cards once used to track NSLs," FBI Deputy Director John S. Pistole testified in a House Permanent Select Committee on Intelligence hearing. But "it is not an acceptable system given the significant increase in use of NSLs since 9/11." (PDF)
An NSL is a type of administrative subpoena that requires no probable cause or judicial oversight and comes with a gag order. So if you get one, don't tell anybody.





