FBI's NIT Hit 8,000 Computers In 120 Countries... As Did The Child Porn It Was Redistributing

On the other hand, who needs to wait for the Rule 41 changes to kick in?

In January, Motherboard reported on the FBI's "unprecedented" hacking operation, in which the agency, using a single warrant, deployed malware to over one thousand alleged visitors of a dark web child pornography site. Now, it has emerged that the campaign was actually an order of magnitude larger.

In all, the FBI obtained over 8,000 IP addresses, and hacked computers in 120 different countries, according to a transcript from a recent evidentiary hearing in a related case.

No need to sit back and wait for the DOJ's proposed Rule 41 changes -- including the stripping of jurisdictional limitations for search warrants -- to default their way into adoption on December 1st. This worldwide search, performed under the authority of a single warrant issued by a single judge in Virginia, is just the FBI acting first and asking for forgiveness codification later. From the day two transcript [PDF]:

Every time Your Honor grants a discovery request and we get new information, it's like -- to use an appropriate metaphor, like peeling an onion. There's just another layer of fact there that we did not know about. I mean, we did not know this was a truly global warrant before. There are 120 countries and territories listed outside the United States that the FBI hacked into, and they also hacked into something called a "satellite provider." So now we are into outer space as well.

It's not just the hacking of computers around the world. It's also the FBI's brief stint as perhaps the world's largest distributor of child porn. From the day one transcript [PDF]:

Your Honor, starting with Michaud, and what we know now is there was no discussion of trying to limit the distribution. There were no protocols for these agents for handling or limiting the distribution of child pornography. And the scale of the distribution now went out to at least 120 countries, at least 1 million images. And it is absolutely mind boggling, we have not seen something like this.

And for all the area covered by the investigation -- the number of computers scattered all over the world the FBI sent its NIT to -- there, so far, seems to be very little to show for the agency's efforts. Defense lawyer Colin Fieman:

We have never, in our nation's history as far as I can tell, seen a warrant so utterly sweeping. 100,000 potential targets. Something like 8700 IP addresses captured. At least 1152 open investigations. And now oddly enough only, about 214 arrests.

[...]

What's even more disturbing, even if they disagree about the efficacy of some of those methods, we now know from Agent Alfin's recent testimony which we cited, there was absolutely no discussion at the Department of Justice or the FBI about protocols in terms of handling this stuff or whether these methods of limiting, at least limiting the most egregious distribution were viable. Nobody cared.

Fieman quotes an earlier case dealing with the FBI's physical distribution of child porn in hopes of netting some arrests. The FBI actually created a child porn "catalog," mailed it to sting targets, and sent the targets the child porn they requested. The court in that case was not happy with the FBI's actions.

The Court took it upon itself to make these statements, because they were so troubled by it. So first they start "we are aware of the necessity of such tactics" -- in terms of undercover operations and baiting with contraband -- "we are aware of the necessity of such tactics in so-called victimless crimes such as drug offenses, but the use of these methods when victims are actually harmed" -- and they are talking about the children depicted in these images -- "is inexplicable."

And "moreover" -- this is again Sherman, continuing with the quote from 549 -- "the government's dissemination of the pornographic materials could hardly be described as a 'controlled' delivery." Well, if it's not a controlled delivery where they were able to send it to the defendant and it sat in his house, I think for a period of time, several weeks, and they recovered it ultimately, the scale of lack of control and heedless distribution in this case is mind boggling.

Fieman goes on to point out that on top of ignoring Rule 41 restrictions, on top of acting as child porn distribution kingpins, the FBI's prized NIT could have been delivered and executed without the collateral damage caused by the redistribution of illegal pornographic images.

One of the very troubling things here, as you know from the NIT warrant, the authorization allowed the FBI to deploy the NIT and complete their searches in a matter of a fraction of a second, at the time the targets landed on the home page. So they had authorization to collect all the information they wanted before anybody actually got the content"

Instead, the government kept the site live and not only distributed what was already hosted there, but allowed users to upload new images to be shared and redistributed.

[I] don't know the exact quantity, because all we know from the disclosure is 43 new series [of photos/videos]. But during just that window of time that the FBI was running this site, 43 new series. That means things that haven't been seen from the National Center for Missing & Exploited Children were launched onto, uploaded with the assistance of the FBI through their file hosting feature, onto the site, and have now circulated globally and will never be recovered.

So, not only was the FBI unconcerned about Rule 41, but it was also not that worried that it would be contributing to the world's child porn problem during its investigation. And, it should be pointed out that this is the second time the FBI has seized a child porn site only to keep it running. It did the same thing back in 2012, but that one flew almost entirely underneath the judicial radar.