Feeds

Feds publish computer search manual

One word: crypto

  • alert
  • submit to reddit

Secure remote control for conventional and virtual desktops

When the Feds lack evidence sufficient to hustle a judge into issuing a warrant to examine a computer's contents, they often politely ask the owner or someone who shares it if they might just have a quick peek at the contents of its HD. Incredibly, a significant number of people foolishly cooperate, and so reveal enough evidence for the nosey buggers to bring to a judge and get the desired warrant.

So Lesson One of the US Department of Justice's latest how-to publication, "Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations", is 'Just Say No'.

Not that it always works. Your idiot roommate, parent or spouse, if s/he shares your computer, can give the Feds permission to search it. The way to defeat that is to encrypt any file you'd prefer agents of Uncle Sam not see. This puts your data in a category similar to the contents of a locked box to which your housemates haven't got a key. They are assumed not to have authority to open it, and obviously not to have the authority to let anyone else do so either.

Another risky practice is leaving potentially incriminating data unencrypted on a disk when the box is sent to a repairman. Here the repair flake may not authorise the Feds to search your box; the law assumes you have a reasonable expectation of privacy from government snooping when you surrender property for the limited purpose of getting it fixed.

Ah, but nothing can stop the ten-thumbed technician from doing his own, private search of the machine, and alerting the Feds to your collection of bestiality pics. In that case, the coppers are authorised to recapitulate the private search, and if that bit of cherry picking should turn up enough evidence to get a warrant, you're stuffed (not to mention keenly embarrassed).

"The fact that a private person has uncovered evidence of a crime on another person's computer does not permit agents to search the entire computer. Instead, the private search permits the agents to view the evidence that the private search revealed, and, if necessary, to use that evidence as a basis for procuring a warrant to search the rest of the computer," the manual explains.

And in some instances the Feds can lie to you, or anyone else in control of your machine, and still conduct a legal search with consent.

One William Roberts last year was told by agents at an airport that they were searching for "currency" and "high technology or other data" that could not be exported legally.

Of course what they were really looking for was just what they found; the large collection of kiddie porn Roberts had on his laptop machine. Poor Roberts imagined that by consenting to let the Feds look for something he knew he didn't have, the rest of his data would be protected by Constitutional requirements of specificity in searches. Little did he know that while en route to France he and his possessions occupied a Constitutional nether-world. He was being treated to a so-called 'border search', in which the Feds enjoy grossly expanded powers.

And there is the growing trend towards executing 'no-knock' searches of computers, which the DoJ thinks is a splendid practice.

"Agents may need to conduct no-knock searches in computer crime cases because technically adept suspects may 'hot wire' their computers in an effort to destroy evidence. For example, technically adept computer hackers have been known to use 'hot keys,' computer programs that destroy evidence when a special button is pressed. If agents knock at the door to announce their search, the suspect can simply press the button and activate the program to destroy the evidence," the DoJ warns.

Here again, as in all the previous cases, there's only one reliable way to protect your privacy: encryption. Use it. ®

Related Story

Hollywood, software groups push DoJ copyright busts

The essential guide to IT transformation

More from The Register

next story
Kate Bush: Don't make me HAVE CONTACT with your iPHONE
Can't face sea of wobbling fondle implements. What happened to lighters, eh?
Video of US journalist 'beheading' pulled from social media
Yanked footage featured British-accented attacker and US journo James Foley
Caught red-handed: UK cops, PCSOs, specials behaving badly… on social media
No Mr Fuzz, don't ask a crime victim to be your pal on Facebook
Ballmer leaves Microsoft board to spend more time with his b-balls
From Clippy to Clippers: Hi, I see you're running an NBA team now ...
Online tat bazaar eBay coughs to YET ANOTHER outage
Web-based flea market struck dumb by size and scale of fail
Amazon takes swipe at PayPal, Square with card reader for mobes
Etailer plans to undercut rivals with low transaction fee offer
Assange™: Hey world, I'M STILL HERE, ignore that Snowden guy
Press conference: ME ME ME ME ME ME ME (cont'd pg 94)
Call of Duty daddy considers launching own movie studio
Activision Blizzard might like quality control of a CoD film
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.