Cops Demand Google Data On Anyone Who Searched A Person's Name... Across A Whole City

Discussion in 'privacy general' started by Minimalist, Mar 17, 2017 at 2:41 PM.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,844
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,238
    This follows, I suspect, from precedents set in the PlayPen cases, allowing local judges to issue national warrants.
     
  3. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,666
    It appears it is a broadband warrant for the entire city of Edina, Mn.
     
  4. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,234
    Location:
    UK
    I find this interesting to the extent to which it appears to be quite narrowly framed. Perhaps the test of this is how many results would be obtained. If it were a handful, perhaps that's justifiable, though does rely on your trust that LE will properly exclude and expunge false positives. And the trouble is, given the behavior of the TLAs and LE (over-reach etc) - that trust is negative.

    On the other hand, this does have the strong whiff of general warrants.
     
  5. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,721
    Darn, I hope I didn't search using that person's name. If I did they are hot on the trail of my tor exit node IP. LOL! In a more serious observation this is concerning. This makes me consider installing openvpn on my home router. A family member might click on, or query something thinking its curious only to trigger an investigation like this.

    I had a family router crap out on me and now I am in the situation of pro appliance vs upper home router (Asus merlin) setup. Advanced wireless speeds are critical as several devices use 5ghz AC with MIMO. Pfsense seems to be lagging on advanced wireless with MIMO. I will start a separate thread on this. Not trying to fracture this one. Just sayin.
     
    Last edited: Mar 18, 2017 at 4:48 PM
  6. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,234
    Location:
    UK
    @Palancar - yes, my attitudes have also undergone a sea-change to the extent that the risks of false-positives and the erosion of trust and even basic ethics makes it more dangerous than it was to avoid sticking out. The extra-territoriality of laws is also deeply troubling.
     
  7. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,721
    I fully concur where/when a VPN is in play. At this point, I still feel raw TOR usage and "sticking out" (your term) is a greater danger than random false positives. To cloak that dilemma for myself, I simply always use VPNs, with SSL wrappers, in front of TOR. I gain the best of both worlds. MY ISP has no clue I use TOR.
     
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,238
    Yeah, same here. Most people use VPNs for torrenting and streaming. It's good cover, and free entertainment.
     
  9. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,234
    Location:
    UK
    Well it's my view that, although VPN use isn't going to mean immediate demerit, it'll have the effect of degrading your LE "score". Who knows if they won't in future do a little auto-implant and scan if you use a VPN.
     
  10. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,721

    """ do a little auto implant and scan ''''' ?

    Were you meaning they would collect or database users that employed VPNs? The term auto-implant lost me, but that doesn't take much, LOL! To me the term implant would more indicate placing something upon my hardware and then using it to scan from within, so to speak. That would be way over the line, and in fact I would hope that I would notice, or at least they would get caught with a move like that.
     
  11. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,234
    Location:
    UK
    I mean, auto-hack. These days, their offensive tools are automated, there is nothing technical to prevent this. The trouble is, experience shows that what is technically possible, they will do, sooner or later.

    They could just treat it as a reconnaissance, maybe do a phishing attack, whatever, just to fill in their rating with a bit more data. The point being that human judgement is nowhere to be seen.

    I'm not sure you'd pick it up, or could distinguish it from any other bad actor.
     
  12. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,238
    Well, that's why you compartmentalize. Even if this VM was pwned, my other VMs would be OK. Unless they deployed a VM breakout exploit, which seems unlikely for broad use. Also, there's nothing on this host machine that links to my real identity. And the machines that I do use as my real identity are on a different LAN. And if I'm doing anything weird, I use a different host machine, or use a VPS.
     
  13. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,721
    But Mirimir, your response ASSUMES they are coming at you through the exit node side. That is not really the way this thread reads, or even if I am wrong, doesn't always apply. If a mass VPN "dragnet" surveillance was happening they would be noticing VPN use on your ISP end. Now they are coming at you via the ISP side of the tunnel, and that may in fact be a more likely thing than the exit node side. Your ISP confirms a USA (example here) connection. If its a USA agency they would be better served than tracking an exit node side that could be anyone on the planet. I am just hoping that deBoetie has over-estimated the immediate capabilities of those guys, regarding a mass dragnet approach that can "walk through" any firewall without issues. Not a singular target where lots of time is spent and dedicated to penetration, but a mass collection.

    Following up on the nothing on the host linking to you: I use the exact same approach, and yet don't we ultimately have connections to our ISP, albeit it many hops back down the trail? Unless I have a supremely sensitive matter I don't drive to a hotspot.
     
  14. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,238
    I'm not worried about getting pwned on the ISP side. There are no open ports. Plus perimeter firewall and iptables on the host machines. So I doubt that anything malicious could get through. They could pwn the VPN provider, I suppose. But my primary VPN provider has been around the block a few times, and I trust them well enough.

    So the major threat for me is arguably malware in VMs.
     
  15. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,721
    No question the exit node side of the tunnel is where most "crap" gets in on systems. I have been looking through my IP tables for a few weeks now, and while I agree that its unlikely for an ISP side attack, are we being remiss or just assuming we are OK at this point? I have spent hours trying to visualize and examine ways in from the ISP side. Once my system is up I don't see one either. The "3 letters" are so powerful though I wouldn't see anything until its too late. Not losing any sleep on this, just pausing once and awhile and giving due consideration that a tunnel has two ends. Know what I mean? LOL!
     
Loading...