FBI fat-thumbs data centre raid A bungled FBI raid on a data centre has taken out an unknown number of Web sites. Apparently targeting a particular – but unnamed – customer of DigitalOne, the G-men seized three enclosures of equipment, according to the New York Times. Among the collateral damage is New York publisher the Curbed Network, and the Pinboard …
Not a bad point, though not completely relevant. This could easily happen to a hosting or co-location provider. I have my own servers sitting in a co-location facility which could be subject to an FBI raid one day due to another customer in proximity. Even though my servers are clearly marked as belonging to me, the feds may very well van them as well.
You know, just to be thorough.
The big question comes, can the FBI be held liable for damages as a result of taking non-involved servers offline like this? Especially if said servers are outside of the scope of the assumed warrant in-hand at the time? My guess is no, or the process would be expensive beyond the point of principle.
And, of course the resultant trickle down affecting customers of customers of customers of customers, ad nauseum. SOMEONE is going to be nailed to the wall for this.
Paris, nailed.
No, Ray 8, that was just a data centre, and not real cloud computing. Every properly prepared executive board presentation will clearly demonstrate that if you put your data in The Cloud it will be absolutely safe and neither earth quakes not nukes from orbit will be able to hamper access to your data.
What's a JCB? I know it's a company that makes a wide range of construction equipment. From the context in this thread and other places, and from some almost useless online dictionary results, I get the impression it connotes something a little more specfic (like what we USians would call a backhoe).
between this, and http://www.theregister.co.uk/2011/02/18/fed_domain_seizure_slammed/ and the 141 / Kentucky bullshit Im amazed there isnt a massive re-education program in place for the US Justice departments.
seriously, can you imagine this sort of shit going down in a bank? "we have no idea which deposit box. Take em all" "we know the first 6 digits of the laundering account, so freeze all of them starting with that"
someone needs to slap the fuck out of whomever approved the warrant to empty out 3 enclosures.
Wee teacher, cos someone in the DoJ chain clearly needs a tech lesson.
a proper warrant would have required DigitalOne to clone the *particular* customer's data and take only that *particular* customer's site(s) offline .. not necessarily in that order
if they do not have the knowledge and skill to do that, what is the fucking point of taking a bunch of racks they probably can't fire up without DigitalOne's help ? .. DigitalOne should be the first in line to sue
do hope they get sued for any damages, however it is very hard to sue the Feds, and harder to sue the FBI ( only if the scope of the warrant was violated ), and impossible to sue a Fed judge for damages
the colo/server farm site at all. Couldn't they have surreptitiously done so without tipping off the target?
Now, the target who may have been smart enough to pay for redundant services may have had "hearbeats" or "beacons" of sorts running between the two sites so that if a take-down happened, they'd know. OTOH, if there was no heartbeat, and their criminal endeavours were disrupted, they'd know.
Siezing 285k feet of server racks could take hundreds of techs weeks or months if they're looking for physical evidence, but, with the right cooperation from the sysadmins, might sweep all the servers' data files (contiguous and scattered) in weeks. In any case, it's going to be expensive to find whatever it is their court order specifies, and it should come out of their budget if critical services disrupted can be traced back to this scattershot takedown/confiscation. Very broad blast.
But, I like that bank analogy:
"seriously, can you imagine this sort of shit going down in a bank? "we have no idea which deposit box. Take em all" "we know the first 6 digits of the laundering account, so freeze all of them starting with that""
First good chuckle of the day for me. There were other chuckles, but yours, Heff, was the best so far, hehehehe.
But, maybe one reason they took the whole shedload was the criminals may have been dastardly and clever enough to cause dispersion of their own files so as to make taking one rack insufficient and taking them all a huge gamble and a political nightmare, as well as a CLM (career-limiting move) for all signature authorities involved.
@ray What has any of this got to do with cloud computing? This is an old school hosting company, not a cloud provider.
If you had a well designed cloud based setup you could quickly rebuild your infrastructure at another location or even on another provider.
I'd be impressed if even the FBI could confiscate enough of Amazons AWS infrastructure to cause them a serious problem.
...for illegal purposes. Already "white hats" have used rented cloud capacity to cheaply demonstrate proof of concept attacts which would otherwise be impossible or impractical with resources available to ordinary folk.
So what happens when LulzSec, Anonymous, uses a cloud to carry out a DDoS or to brute force a password table? What happens if Pakistan or Iran is discovered using a cloud to run nuclear simulations?
They WON'T be told that it's a commoditised service. They WON'T be told the evidence they are after is not there. They will take every machine (or at least datastore) within their reach and make whatever is outside that reach effectively inaccessible, at least from within the US.
@BB: My favorite piece of news about the (probably pre-LulzSec) hack of Sony was that it was launched from an Amazon Cloud Services box.
Lots of bandwidth, Amazon quite obviously has no effing idea what anyone's doing in there, their own router teams included, and who wants to be Sony had lots of permit ecs2.* rules in their firewalls - and that's assuming they bothered with firewalls on those connections at all.
They might not have; they might have believed the bandwidth salesmen who told them MPLS=VPN.
Another reason why putting your data in the hands of another company is a bad idea. Wonder how many companies might bite the dust because of the FBI's inconsiderate tactics and how much US tax payers might wind up paying as the results of lawsuits by affected companies. This is a good reason for companies to consider just where they off site data to the clouds. FBI stupidity like this might just keep the US from being a major player in cloud computing. Hopefully the more details on how many companies were affect will be published when it becomes available.
"Hopefully the more details on how many companies were affect will be published when it becomes available."
If they've REALLY f**d up as we expect they have there'll be a cover-up "In the interests of National Security" (translation:- they're likely to get their asses sued off and they can't afford it) OR they'll miraculously "find" something dodgy on all of the siezed drives and lock up all of the owners. (More paperwork bu thte headlines will read "US winning the war on terror")
Me, cynical, never.. (it's the one with the RAID 5 pockets)
The way the installation is described it is not really Cloud, but if your servers are hosted or virtually hosted at a third party data center it might be worth finding out who your "neighbours" are in the racking. Impossible I know, but it could be an embarrassing question to ask your hosting company.
"Excuse me, but are any .xxx websites hosted in the same rack as my mega corp server?"
Do they? At some point a bright spark will remember that all they have to do is tinker with CALEA et al and force the cloud to allow real time network access to whatever they want. And as we are all potential terrorists, without any court orders or indeed any other oversight.
"A Smith & Wesson beats four aces".
I don't suppose the Dibble half-inching a bunch of hardware was very high up in the planning. If it wasn't for the damage done to other users, the FBI's ultimate low-tech hack might even be funny. Part of me really hopes they're investigating a DoS attack.
That said, I wouldn't be laughing if my site was one of those not working.
Oh, there may be a few. Don't expect any victories for the Little Guy, though.
Sovereign Immunity claims by the FBI alone will tie up the case for decades, and that's assuming the Gov't doesn't win their case. Should the gov't fail in claiming Immunity, the next steps will continue at whatever glacial pace the best government lawyers can force.
There's little point to it all, except to make oneself a big enough nuiscance that the Fibbies releaqse the hardware just to shut the owners up. Of course, the Fibbies might instead turn their magnifying glass on the plaintiffs, too...
> another instance spins up on the other side of the world
You might hope so, and if you've paid extra then it might do so. At least the first time. After that you tend to run out of server farms.
The current incarnation of The Cloud is more marketing hype than engineering reality.
For all the hype you have to remember that we are still talking about spinning magnetic disks in boxes on racks in buildings. Excepting a couple of giants, an individual "cloud provider" is achingly vulnerable today. The cloud is *not* a distributed storage/compute system, like the kind of global RAID the mainstream press imagine it to be; it is just a contract, an SLA and Someone Else's Problem.
> This would be almost impossible to do without seizing every machine in a cloud scenario.
Not at all, you simply snapshot the virtual machine and take a back-up. Or in cheaper incarnations you just snapshot the data. On the other hand, if you want to be sure to have an evidence trail, you take the entire data store and all mirrors and backups. That would be fun for the other customers.
In a data centre you can still point to your server. In a cloud the server is meaningless, but I do not think you can point to your disk drive.
Is right next to East Virginia (see the comic strip "Shoe")
There are plenty of server farms in northern Virginia. This story seems to be getting a lot of coverage in the Washington, DC area, it was even mentioned on the radio. The radio report mentioned unnamed "payment processors" as affected.
One of the servers for the popular app Instapaper was also taken by the FBI in this raid:
This URL has more coverage:
http://blog.instapaper.com/post/6830514157
"In the night F.B.I. has taken 3 enclosures with equipment plugged into them, possibly including your server — we cannot check it.”
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
