this post was submitted on 26 Jul 2023
172 points (99.4% liked)

Technology

top 37 comments
[–] Kalothar@lemmy.ca 120 points 1 year ago (1 children)

TLDR

He was raided for reasons unrelated to his Mastodon server; the police have a seize-it-all policy.

There is talk about changing policy to exclude things like servers and similar devices that are not related to the initial reason for the search. There don't currently seem to be laws or rules about what police can or can't do with data.

That’s the whole article basically

[–] blueskies@lemmy.zip 42 points 1 year ago (1 children)

Good TLDR

I would also add:

Data gathered from the raid can be used to investigate and prosecute crimes unrelated to the original seizure.

Mastodon does not currently encrypt direct messages.

[–] tombuben@beehaw.org 30 points 1 year ago* (last edited 1 year ago)

That's because Mastodon doesn't have direct messages. It is not a chat platform. You can bend the privacy settings to publish posts similarly to DMs, but no one should use it as such.

[–] argv_minus_one@beehaw.org 28 points 1 year ago* (last edited 1 year ago) (2 children)

The whole point of Mastodon is to speak publicly, so I'm not sure I see the problem.

Other than the server owner's property being unnecessarily confiscated, of course. Such thievery is quite clearly a tactic for depriving defendants of the financial and other resources they need to prove their innocence in court.

[–] zaphod@lemmy.ca 7 points 1 year ago (1 children)

The problem is DMs. Having what appears to be a "private" communication mechanism that isn't private at all might mislead users into divulging information that could put them at risk.

[–] OneRedFox@beehaw.org 21 points 1 year ago* (last edited 1 year ago) (1 children)

When you type up a DM on Mastodon, there's a little popup notice that appears next to the text box that says:

Posts on Mastodon are not end-to-end encrypted. Do not share any sensitive information over Mastodon.

IMO the platform handles informing users about this responsibly.

[–] clmbmb@lemmy.dbzer0.com 7 points 1 year ago

Exactly! Mastodon was not conceived to be a private sharing space.

[–] agentsquirrel@beehaw.org 2 points 1 year ago (1 children)

How is a law enforcement agent staring at some workstations and computers to know what equipment was involved in the alleged crime they are raiding the facility for? If the FBI was raiding a home for child abuse and pornography, there's no way they have the access or expertise at the time of a raid to know the server in the corner is only for Mastodon, the box over there is just a Linux firewall, and that box over there is a porn server. There's no practical way to trust a defendant on site as to what is relevant to an investigation or not. I agree that unnecessary confiscation is a problem, but in general I don't think the ill intent is there. I'm not a law enforcement officer, nor am I lobbying in any way for them, I'm just putting myself in their shoes in this situation.

[–] argv_minus_one@beehaw.org 3 points 1 year ago (1 children)

How is a law enforcement agent staring at some workstations and computers to know what equipment was involved in the alleged crime they are raiding the facility for?

That would be a valid argument if they timely returned whatever they don't need, but they don't, so it isn't.

If the FBI was raiding a home for child abuse and pornography, there’s no way they have the access or expertise at the time of a raid to know the server in the corner is only for Mastodon, the box over there is just a Linux firewall, and that box over there is a porn server.

Maybe not, but if they're not completely incompetent, they'll have images of all of those devices within a day or two. They don't have any legitimate need to keep the seized equipment after that.

The cruelty is the point.

[–] agentsquirrel@beehaw.org 3 points 1 year ago

We're talking about law enforcement agencies, not an IT department. Of course it's technically possible to image a machine quickly. However, there are all kinds of steps and rules for chain of custody, transporting evidence, cataloging it, storing, examining it, etc. and a finite number of personnel to perform the work. Revisiting the child pornography example I used, fingerprints and DNA evidence on equipment could be quite relevant to a case. There may even be a need to examine hard drive platters (old school spinning disk, not SSD obviously) to determine if there was data deleted in the past. It's rather simplistic to say it's a matter of just imaging and returning as quickly as possible. I agree the equipment being gone often presents a hardship for a defendant, but arguing that it's intentionally set up this way to inflict cruelty ignores the reality of investigations.

[–] mtset@beehaw.org 16 points 1 year ago (1 children)

Poor data management practices on the part of this admin.

[–] Lowbird@beehaw.org 10 points 1 year ago (1 children)

It seems like yes, but also:

To make matters worse, it appears that the admin targeted in the raid was in the middle of maintenance work which left would-be-encrypted material on the server available in unencrypted form at the time of seizure.

[–] dan@upvote.au 3 points 1 year ago* (last edited 1 year ago) (1 children)

What type of maintenance work leaves the drive unencrypted?

[–] drwho@beehaw.org 4 points 1 year ago (1 children)

The drive wasn't encrypted, a not-encrypted database dump was on the laptop when the raid happened. It might have had to do with gearing up for the Mastodon update that caused us a lot of grief across Fedi a couple of weeks back. Or it could have been database server debugging; the timing was incredibly bad.

[–] dan@upvote.au 2 points 1 year ago* (last edited 1 year ago) (2 children)

But if the drive wasn't encrypted, how is it "would be encrypted material"?

I'm surprised that people are hosting Mastodon servers without full disk encryption given the overhead isn't significant plus the fact that people have private messages in the DB.

[–] wim@lemmy.sdf.org 4 points 1 year ago (4 children)

Just FYI, when your drive is encrypted and the system is up and running, the keys for the encryption are in memory and thus recoverable. And even if they were magically protected by something like SGX or some secure enclave, you can still interact with the machine and the filesystem while it is running.

So full disk encryption is NOT a silver bullet to data protection when being raided.

[–] Butters@lemmywinks.com 3 points 1 year ago (1 children)

Right, and then there are these comments about an "encrypted database": the server application needs to be able to access that data, so it will have the key in its config somewhere, right?

[–] drwho@beehaw.org 2 points 1 year ago

Yep. And homomorphic encryption is still very far away from being usable. Efficiency aside, the technology is patent encumbered, which is slowing down research into making it usable.

[–] dan@upvote.au 2 points 1 year ago (1 children)

Yeah, I didn't realise they'd capture the memory. I thought they just unplug the server and take it.

You could potentially have something that recognizes that the server is being tampered with and automatically shuts it down.

[–] drwho@beehaw.org 1 points 1 year ago

Folks have been working on that for a while. I don't know if there are any usable tricks for that, though, been away from the game too long.

[–] drwho@beehaw.org 2 points 1 year ago

Additionally, hardware-based solutions for attackers have been known for about fifteen years now. Wiebetech, for example, sells a nifty gadget that you plug into a UPS and then carefully slide over the power connector of a running machine. Then you pull the plug from the wall and the machine stays powered up. Net result: Contents of RAM are intact, encrypted drives are still accessible because the OS is still up.

[–] algebro@algebro.xyz 1 points 1 year ago* (last edited 1 year ago) (2 children)

AFAIK it's not that easy to access data on the machine while it's running unless they can bypass the lock screen. People pick stupid passwords for their user accounts, so it's totally possible to get in in those cases, but otherwise don't you need really sophisticated side-channel attacks to get data out of memory on a locked system? It's not like there is some port on the MOBO you can just plug into to get access to RAM.

[–] drwho@beehaw.org 1 points 1 year ago

It's also possible to keep the lockscreen from coming up. The mouse cursor jigglers that folks buy as pranks these days started off as another device LEOs use during raids. I think Wiebetech invented that one, too.

As for dumping the contents of RAM from a running machine, look up "memory forensics." It's a thing that LEOs have done for quite a few years as well.

[–] HumbleFlamingo@beehaw.org 1 points 1 year ago

I did some work on this a decade or so ago in college. Data stays in memory a lot longer than you'd think at room temp, like minutes, not seconds. If you spray the modules down with an upside-down compressed air can, you have plenty of time to remove it and plug it into something that can dump it to persistent storage.
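The "memory forensics" step the two comments above describe (recovering a key from a RAM dump, whether taken from a running machine or from a chilled-and-reseated module) is worth seeing concretely. The block below is an added example; it is not code from this thread, from Kolektiva, or from any tool the commenters name. It implements the key-schedule search from Halderman et al.'s cold boot paper, the same idea behind aeskeyfind: a crypto library that has an AES-128 key in RAM almost always keeps the FIPS-197 expanded key schedule next to it, so any 16-byte window whose expansion reproduces the 160 bytes that follow it is a key. A bit-error tolerance makes the search work on decayed captures. The "memory image" is constructed (random filler with one planted schedule); the key is the FIPS-197 test-vector key. Only the Python standard library is used.

```python
# Added example: find AES-128 keys in a memory image via their expanded key
# schedule (Halderman et al., "Lest We Remember"; aeskeyfind approach).
import random


# --- AES building blocks (FIPS-197) -----------------------------------------
def _gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def _build_sbox() -> list:
    """Derive the S-box (field inverse + affine map) instead of typing 256 constants."""
    sbox = [0] * 256
    for x in range(256):
        inv = next((y for y in range(1, 256) if _gf_mul(x, y) == 1), 0)
        s, v = inv, inv
        for _ in range(4):  # s = inv ^ rotl(inv,1) ^ ... ^ rotl(inv,4) ^ 0x63
            v = ((v << 1) | (v >> 7)) & 0xFF
            s ^= v
        sbox[x] = s ^ 0x63
    return sbox


SBOX = _build_sbox()
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]


def _g(word: bytes, rcon: int) -> bytes:
    """RotWord + SubWord + Rcon, applied to every fourth word of the schedule."""
    rot = word[1:] + word[:1]
    sub = bytes(SBOX[b] for b in rot)
    return bytes([sub[0] ^ rcon]) + sub[1:]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def expand_key(key: bytes) -> bytes:
    """AES-128 key expansion: 16-byte key -> 176-byte schedule (11 round keys)."""
    if len(key) != 16:
        raise ValueError("AES-128 keys are 16 bytes")
    w = [key[i:i + 4] for i in range(0, 16, 4)]
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:
            t = _g(t, RCON[i // 4 - 1])
        w.append(_xor(w[i - 4], t))
    return b"".join(w)


# --- Key search --------------------------------------------------------------
def _hamming(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def find_aes128_keys(image: bytes, max_bit_errors: int = 0) -> list:
    """Return (offset, key, bit_errors) for each 16-byte window whose expansion
    matches the following 160 bytes within max_bit_errors flipped bits
    (tolerance for the decay seen in cold-boot captures)."""
    hits = []
    for off in range(len(image) - 176 + 1):
        cand = image[off:off + 16]
        # Cheap pre-filter on the first derived word before a full expansion.
        w4 = _xor(cand[0:4], _g(cand[12:16], RCON[0]))
        if _hamming(w4, image[off + 16:off + 20]) > max_bit_errors:
            continue
        errs = _hamming(expand_key(cand)[16:], image[off + 16:off + 176])
        if errs <= max_bit_errors:
            hits.append((off, cand, errs))
    return hits


# --- Constructed sample data (not a real capture) ----------------------------
def build_sample_image(key: bytes, offset: int, size: int, seed: int = 0) -> bytes:
    """Random filler with one full key schedule planted at `offset`."""
    rng = random.Random(seed)
    buf = bytearray(rng.getrandbits(8) for _ in range(size))
    buf[offset:offset + 176] = expand_key(key)
    return bytes(buf)


def flip_bits(image: bytes, bit_positions) -> bytes:
    """Simulate memory decay by flipping the given absolute bit positions."""
    buf = bytearray(image)
    for pos in bit_positions:
        buf[pos // 8] ^= 1 << (pos % 8)
    return bytes(buf)


if __name__ == "__main__":
    key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")  # FIPS-197 test key
    img = build_sample_image(key, offset=4096, size=64 * 1024, seed=1)
    for off, k, errs in find_aes128_keys(img):
        print(f"exact search: key {k.hex()} at offset {off:#x}")
    decayed = flip_bits(img, [(4096 + 50) * 8, (4096 + 100) * 8 + 7, (4096 + 170) * 8 + 3])
    print("after decay, exact search:", find_aes128_keys(decayed))
    for off, k, errs in find_aes128_keys(decayed, max_bit_errors=4):
        print(f"tolerant search: key {k.hex()} at offset {off:#x}, {errs} bit errors")
```

Run it as a script to see the planted key found exactly, lost once three bits have decayed, and found again with a small error budget. The same scan over a dump of a running server with a mounted encrypted volume is the reason the comments above say full-disk encryption only protects a machine that is powered off; a real capture would come from a DMA device, a hibernation file, or a reseated module, and a production tool would also check AES-256 schedules and reconstruct the key from partially decayed round keys rather than only tolerating errors.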

[–] adespoton@lemmy.ca 1 points 1 year ago (1 children)

The DB itself is encrypted (usually).

And FDE wouldn’t have helped if the disk was currently mounted and the admin logged in; LEO attempts to preserve things as they are, they don’t just unplug the hardware and walk away with it.

[–] dan@upvote.au 3 points 1 year ago

The DB itself is encrypted (usually).

Which DBs support encryption? Genuinely curious, since I usually use full-disk encryption and so often don't have a need to configure encryption in individual services.

they don’t just unplug the hardware and walk away with it.

Huh, I thought that's exactly what they do during a raid. TIL.

[–] CanadaPlus@lemmy.sdf.org 12 points 1 year ago

According to Kolektiva, the seized database, now in the FBI’s possession, includes personal information such as email addresses, hashed passwords, and IP addresses from three days prior to the date the backup was made. It also includes posts, direct messages, and interactions involving a user on the server.

This is all stuff you should assume isn't private anyway. I'm not so sure about "wakeup call".

[–] wren@sopuli.xyz 11 points 1 year ago* (last edited 1 year ago) (2 children)

And people say what instance you choose doesn't matter. Wild that the choice often seems to be between giving your info to mega corps or trusting a random person whose servers could be raided at any moment for entirely unrelated reasons.

[–] GenderNeutralBro@lemmy.sdf.org 18 points 1 year ago

Given what we've learned about illegal and secret government surveillance from whistleblowers like Edward Snowden, I wouldn't trust a megacorp any more than "a random person".

The government already has the keys to all the megacorps' kingdoms. The only possible way to protect your data is to make sure it uses client-side encryption, and that those encryption keys never under any circumstances travel over the internet.

You should assume that any information you give to ANY site is readily available to all major world governments.

Keep your private messages on end-to-end encrypted platforms like Signal or Matrix. Consider everything else public.

[–] dan@upvote.au 14 points 1 year ago (1 children)

or trusting a random person whose servers could be raided at any moment for entirely unrelated reasons.

IMO the end goal of a decentralized network should be to have a large number of small servers. Any raid/takedown should only affect a small subset of users.

[–] jcrm@kbin.social 5 points 1 year ago (1 children)

Right but the instance I'm on could get taken over by an asshole, and get defederated by, or defederates from, my favourite subs. Then I've got to abandon that account and start a whole new one, same as I did leaving Reddit. I'm really not sold on this model until I can transfer my account somehow.

[–] Joph@programming.dev 9 points 1 year ago (1 children)

I believe Mastodon has a "transfer accounts" feature. I don't know if Lemmy and Kbin do though.

[–] dan@upvote.au 2 points 1 year ago* (last edited 1 year ago) (1 children)

It's tricky to implement though. Unfortunately ActivityPub didn't really consider account transfers as part of the initial protocol design.

It's something Bluesky is doing better, since they designed their system to be able to handle transfers from day 1, as a core part of the protocol. (it's going to become federated, eventually, but using their own protocol instead of ActivityPub).

[–] shagie@programming.dev 6 points 1 year ago* (last edited 1 year ago) (1 children)

It’s tricky to implement though. Unfortunately ActivityPub didn’t really consider account transfers as part of the initial protocol design.

Federating user accounts gets into difficulty with GDPR and similar privacy laws that make it challenging to do right and legally in all jurisdictions.

[–] dan@upvote.au 1 points 1 year ago* (last edited 1 year ago)

Yeah... For EU users, I guess it'd have to be limited based on the relevant data transfer laws (i.e. if your account is on an EU instance, only allow transferring to other EU instances).

[–] Five@beehaw.org 3 points 1 year ago* (last edited 1 year ago)

Admin post from Kolektiva:

🚨 Kolektiva.social SECURITY ALERT 🚨

This is an alert for Kolektiva.social users. Please read this post in its entirety!

In mid-May 2023, the home of one of Kolektiva.social's admins was raided, and all their electronics were seized by the FBI. The raid was part of an investigation into a local protest. Kolektiva was neither a subject nor target of this investigation. Today, that admin was charged in relation to their alleged participation in this protest.

Unfortunately, at the time of the raid, our admin was troubleshooting an issue and working with a backup copy of the Kolektiva.social database. This backup, dated from the first week of May 2023, was in an unencrypted state when the raid occurred and it was seized, along with everything else.

The database is the heart of a Mastodon server. A database copy such as the one seized may include any of the following user data, in this case up to date as of early May 2023:

  • User account information like the e-mail address associated with your account, your followers and follows, etc.
  • All your posts: public, unlisted, followers-only, and direct ("DMs").
  • Possibly IP addresses associated with your account - IP addresses on Kolektiva.social are logged for 3 days and then deleted, so IP addresses from any logins in the 3 days prior to the database backup date would be included.
  • A hashed ("encrypted") version of your password.

🚨 👉 As a precaution we highly recommend that all users on Kolektiva.social change their password immediately to a new, unique, and strong password.

We sincerely apologize to all our users and regret this breach. In hindsight, it was obviously a mistake to leave a copy of the database in an unencrypted state. Unfortunately, what would otherwise have been a small mistake happened to coincide with a raid, due to bad luck and spectacularly bad timing.

We understand that our users and other people on the Fediverse will have a lot of questions. We will try to answer them as best we can, but please be patient and bear in mind that we may be overwhelmed with messages, and may be delayed in responding or unable to provide answers to certain questions for legal or technical reasons. As a security culture reminder, it can be extremely harmful to the individuals charged and to our community to openly speculate on the Internet about alleged criminal activity or about what law enforcement may be able to do with seized data. Our present awareness is that the seized Kolektiva data is unrelated to the federal investigation and prosecution and we are exploring legal avenues to have the seized data returned and copies destroyed.

Thank you for your understanding and solidarity :black_sparkling_heart:

👇 Please see our replies to this post for additional information (1/?) 👇

Oh that's nothing. Remember what happened to kfcc?
