New powers for police to hack your PC Without A Warrant

Backdoors don't have to be locally installed. Maybe someone found a backdoor, literally, to your ISP, and decided to watch you from that end. Obviously by then, it's out of any AV or HIPS.

Warrents vs. no warrents. To obtain a warrent, you go through a legal process to verify the evidence and to make sure that the search/seizure is not illegal and reasonable.

 

OK so lets say you look at it this way, the government gives powers to the spies to make these decisions on their own, they have enough evidence to pursue their own case without the need or time it takes for a Judge to sign a warrant, this way they can catch the perp when they have the chance, this gives them more time to work on their cases because they no longer need to waist valuable time and funds getting a Judge to sign a warrent!

I know it sounds bad but hey their the ones with all the power, If you don't like it find a place that doesn't do these things or start your own campaign to try and stop these things, but the truth will still remain the same, they will and are going to do it regardless of what anybody thinks about it!

Mabee I should just call it an easy access point and their the ones with the key!

 

The constitution works just fine. Warrants are needed (thank God) in searches and siezures in all criminal cases except those involving national security. Your comment that a warrant is "just a piece of paper," is far, far from the truth.

 

My comment in my last post was pointed at those who live in the "UK"

Not the USA!

 

Open source software such as Linux, Firefox, or Open Office have backdoors?

 

With the previous FISA laws in the US, if it was an emergency like that, they already had the power to go ahead and spy, but they had a certain amount of time to submit their findings so that there would be some scrutiny to prevent abuse. FISA, from what I understand, was created to prevent the abuses that were occurring around the time of the Nixon Admin.

Now as for all of this pedophile scare tactic stuff? That is a big sham. It is a hot button that sets off a kind of hysteria that will allow them to do anything without any oversight. Like spy on political opponents, peace groups, the queers (they were caught intercepting emails from gay college students in several states without a warrant), the vegetarians, spy on a personal enemy or as a favor for a friend, to blackmail someone, or spy on a business interest. Who would know? Well, no one is allowed to know. In fact they will be thrown into prison for even talking about it.

"Power corrupts. Absolute power corrupts absolutely".

I use to leave CNN running all the time. Then one day I heard this remarkable statement. They said that 1 out of 5 children are approached by a pedophile on the net who tries to lure them into sex. I stopped everything that I was doing because I was shocked! I thought to myself that this could not possibly be true. So I did some research. And sure enough, it did not even resemble the truth. I found the study and it said nothing of the sort.

And through my research I also discovered that child sexual abuse has declined by a whopping 53% since 1994......about the same time that the internet really took off. 53%!!! In fact, sexual assaults and rapes have been declining as internet use has increased. Rape in all categories has declined 82% or 83% since 1973.

As soon as the Bush administration announced that they would be spying on reporters, informants and whistle blowers started zipping it up. Foreign sources too. So that is a freedom of speech issue and a freedom of the press issue and a right to privacy issue. I am an American and I am also a big Founding Fathers fan. And I consider these types of behaviors to be incredibly un_American. So get a warrant because no citizen should ever be abused by their government. This all needs to be scrutinized.

"Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety". Benjamin Franklin

 

I didn't ever say that, but as with any OS, or software, Open source, or not, Nothing is perfect!

Again I wasn't talking about the US!

 

I go on the assumption that every application has a backdoor or phones home for somereason.

 

Warrents can be abused or forged.

Open Source software, like all software, have vulnerabilities. Matter of if it's discovered or not.

Every country has it's own set of laws and regulations regarding warrents and spying and eavesdropping.

And yes, power does tend to corrupt.

As long as you have nothing to hide, your safe. Even if they do single you out of a couple of million of people, you got nothing. Unless they decide to frame you.

 

The fact that software has vulnerabilities does not prove that governmental authorities (or anyone else for that matter) can place code remotely on someone's computer at will.

But it is possible the authorities might get lucky and the computer they're watching is not fully patched, or they have knowledge of a remote code execution zero-day vulnerability in software running on that computer. The latter are highly critical; they're usually fixed within days once publicly exploited and discovered by the developer, so would probably be considered less likely.

Again, the article in question told only a partial truth:

As stated earlier in the thread, some vulnerability (defect, bug, backdoor, undocumented feature - call it what you want), and not just any vulnerability, but a specific type of vulnerability that allows remote code execution through some piece of software, has to be present and successfully exploited in order for anyone to remotely install a 'virus' on someone's system. Without this, it is not knowingly possible.

To assume that secret 'backdoors' exist in consumer software (especially open source software) and are known to authorities (for example, in Europe or North America) so that they can make use of it to monitor people at will, is nothing more than speculation, some would say paranoid speculation.

 

Doesn't have to be an exploit. Could be just brute-force.

 

And the case is tossed out forever.

 

BruitForce is used to Crack Passwords, it is not used to hack into somebody's machine wile the user is logged on! you would need to physically have the users Machine to use Bruitforce to try to crack his/her login password if they are using Whole Disk Encryption, if not their is a trick to just reset the password to gain access!

 

Getting a backdoor in Open-Source software is difficult. A lot of eyes go through those sources and most popular open-source projects are scanned for obvious defects by software. So it isn't feasible.
Closed source is a different story. You call it paranoid, but doesn't the Chinese Skype contain a backdoor? And aren't there a lot of government agencies and intelligence agencies who want access to Skype calls?
Windows doesn't even need a backdoor. I'm pretty sure the NSA/CIA have a copy of the source, all they need to do is search for a bug which enables a backdoor.

Monitoring people at will is something they won't do (yet), but nothing would surprise me nowadays.

 

The government has endless resources and power.

Count on it; if they wanted to convict you, then you can consider it done.

 

LOL.

The Skype company can probably eavesdrop on conversations if they wish, especially with a valid court order, according to Bruce Schneier and also Simson Garfinkel who has studied Skype security. But there is no evidence whatsoever that there is the capacity for authorities even with legal access to remotely search an individual's PC through a backdoor in the Skype software anymore than there is in NOD32 or Returnil. If someone seriously questions this, they should ask any of the developers on these forums if they have the capacity to remotely search your PC through their software.

But more importantly, if malware makers learned of any secret backdoors in end-user software, wouldn't it be much less likely for the backdoor to remain in place because of the potential to exploit it? That was the reasoning people used when complaining about the hidden Sony 'rootkit' a few years ago, that it was potentially exploitable by malware to remotely take over a computer because of vulnerabilities in it. Microsoft and others also have strong economic interests in making their software as secure as they can, I would think.

 

I wouldn't expect to find backdoors or deliberate flaws in individual applications. That would involve too many people, too many companies, etc, resulting in too much risk of it being discovered. That said, it wouldn't surprise me at all if Windows itself had a deliberate backdoor for use by the powers that be. I've often wondered why such a monopoly as MS has been allowed to continue and grow, unless big brother got something they've wanted out of it in return.

 

Where I live it would take a year or more in Cook County jail before a righteous judge tosses it out (unless you are rich or connected).

In the meantime you have to have connections or money to get protection from the inmates.

Pray that the cops have not put out the "word" that you are a sex offender of any kind as this is seen in prison culture as the lowest of the low and are due jail house justice (true or not, this is used as a threat in "interrogations" to get you to "cop" to a lesser "crime"). It happens less now, but it still happens unfortunately.

Chicago is like the isolated old city-states with its own morality which trumps any other "state wide" or "federal" laws/customs ect..

This is the State of Illinois and the City of Chicago from which the next president comes from (hopefully he is not cut from the same cloth and changes the pernicious laws that allow these things [ good bye to the Patriot Act? or at least a reformation of it? I sure hope so]).

 

regarding the talk of back doors here. even if they did have a secret back door
key in windows, for them to be able to remotely monitor your activities they would still have to install their malware on your pc right ?

And a good hips should prevent installation of this.

 

What some fail to understand in the case of the U.S, is all this can happen with one penstroke:

* EXECUTIVE ORDER 10990 allows the government to take over all modes of transportation and control of highways and seaports.

* EXECUTIVE ORDER 10995 allows the government to seize and control the communication media.

* EXECUTIVE ORDER 10997 allows the government to take over all electrical power, gas, petroleum, fuels and minerals.

* EXECUTIVE ORDER 10998 allows the government to take over all food resources and farms.

* EXECUTIVE ORDER 11000 allows the government to mobilize civilians into work brigades under government supervision.

* EXECUTIVE ORDER 11001 allows the government to take over all health, education and welfare functions.

* EXECUTIVE ORDER 11002 designates the Postmaster General to operate a national registration of all persons.

* EXECUTIVE ORDER 11003 allows the government to take over all airports and aircraft, including commercial aircraft.

* EXECUTIVE ORDER 11004 allows the Housing and Finance Authority to relocate communities, build new housing with public funds, designate areas to be abandoned, and establish new locations for populations.

* EXECUTIVE ORDER 11005 allows the government to take over railroads, inland waterways and public storage facilities.

* EXECUTIVE ORDER 11051 specifies the responsibility of the Office of Emergency Planning and gives authorization to put all Executive Orders into effect in times of increased international tensions and economic or financial crisis.

* EXECUTIVE ORDER 11310 grants authority to the Department of Justice to enforce the plans set out in Executive Orders, to institute industrial support, to establish judicial and legislative liaison, to control all aliens, to operate penal and correctional institutions, and to advise and assist the President.

# EXECUTIVE ORDER 11049 assigns emergency preparedness function to federal departments and agencies, consolidating 21 operative Executive Orders issued over a fifteen year period.

# EXECUTIVE ORDER 11921 allows the Federal Emergency Preparedness Agency to develop plans to establish control over the mechanisms of production and distribution, of energy sources, wages, salaries, credit and the flow of money in U.S. financial institution in any undefined national emergency. It also provides that when a state of emergency is declared by the President, Congress cannot review the action for six months.

# EXECUTIVE ORDER 12148 created the Federal Emergency Management Agency (FEMA) that is to interface with the Department of Defense for civil defense planning and funding. An "emergency czar" was appointed. FEMA has only spent about 6 percent of its budget on national emergencies, the bulk of their funding has been used for the construction of secret underground facilities to assure continuity of government in case of a major emergency, foreign or domestic.

# EXECUTIVE ORDER 12656 appointed the National Security Council as the principal body that should consider emergency powers. This allows the government to increase domestic intelligence and surveillance of U.S. citizens and would restrict the freedom of movement within the United States and granted the government the right to isolate large groups of civilians. The National Guard could be federalized to seal all borders and take control of U.S. air space and all ports of entry.

Pay particular attention to Order 12656. This gives them the right to do exactly what this topic is about. Even without enacting this order explicitly, in the name of national security all rights are out the window. That is the way it is, and nothing is going to change that. Also, you may raise your fists in anger all you please in regards to a government entity monitoring your online activities, however, the right to privacy as referred to in the Fourth Amendment states the following: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.".

This refers to you and YOUR property, your internet connection does not belong to you, it is provided to you through payment of a service provider. Therefore, said government entity can produce a warrant/reasonable doubt to the service provider and not step one foot on your rights. And, if they have a warrant or enough reasonable doubt to monitor your connection, then out goes the right of privacy for the data stored on the computer.

One last thing, as I mentioned, national security interests have very little limits on what can/can't be done. So, if the government states it is of national security, very little can be done to stop them. I'm all for rights too, but we need to understand the legal powers of governments. Just because we don't like it, doesn't mean it's illegal. I'm sorry if that just plain sucks, but in the U.S at least, it is what it is.

 

dw426 you have gone a little off topic here.

This really has nothing to do with US laws.

whether it is lawful for the authorities to hack into your pc's or not doesn't matter. We are not debating on what the Laws are or if it should be Lawful or not.

lets stay on topic and continue the Technical discussion about the ways the police can or can't hack into your pc etc.

 

Actually that's not true. dw426 was on topic - at least concerning the title of this thread which says: "New powers for police..."
And concerning the link posted by the OP which is a newspaper article discussing, at the beginning, the legality of government hacking.

 

No, they do not have to install anything. They can observe you w/o anything being dropped on your PC.

HIPS can only help if they are dropping something on your PC, say a keylogger.

 

A lot of those Executive Orders will soon be gone.

It would not take a year to show a forged warrant was used. Any decent public defender would have you out within the day. Forged warrants are a rarity. Abuse of warrants in collusion with a crooked judge is a more likely scenario. Cook County? Yeah, I can see that easily.