Everything a Hacker Needs to Know About Getting Busted By The Feds Part 2

Wednesday, May 24th, 2017

    Naturally when you are first arrested the suits will want to talk to you. First at your residence and, if you appear to be talkative, they will take you back to their offices for an extended chat and a cup of coffee. My advice at this point is tried and true and we’ve all heard it before: remain silent and ask to speak with an attorney. Regardless of what the situation is, or how you plan to proceed, there is nothing you can say that will help you. Nothing. Even if you know that you are going to cooperate,
    this is not the time.
    This is obviously a controversial subject, but the fact of the matter is 
    roughly 80% of all defendants eventually confess and implicate others. This trend stems from the extremely long sentences the Feds are handing out these days. Not many people want to do 10 to 20 years to save their buddies’ hides when they could be doing 3 to 5. This is a decision each individual needs to make. My only advice would be to save your close friends and family. Anyone else is fair game. In the prison system the blacks have a saying “Getting down first.” It’s no secret that the first defendant in a conspiracy is usually going to get the best deal. I’ve even seen situations where the big fish turned in all his little fish and received 40% off his sentence.
    Incidentally, being debriefed or interrogated by the Feds can be an ordeal in
    itself. I would -highly- recommend reading up on interrogation techniques
    ahead of time. Once you know their methods it will be all quite transparent
    to you and the debriefing goes much more smoothly.
    When you make a deal with the government you’re making a deal with the
    devil himself. If you make any mistakes they will renege on the deal and
    you’ll get nothing. On some occasions the government will trick you into
    thinking they want you to cooperate when they are not really interested in
    anything you have to say. They just want you to plead guilty. When you sign
    the cooperation agreement there are no set promises as to how much of a
    sentence reduction you will receive. That is to be decided after your
    testimony, etc. and at the time of sentencing. It’s entirely up to the
    judge. However, the prosecution makes the recommendation and the judge
    generally goes along with it. In fact, if the prosecution does not motion
    the court for your “downward departure” the courts’ hands are tied and you
    get no break.
    As you can see, cooperating is a tricky business. Most people, particularly
    those who have never spent a day in jail, will tell you not to cooperate.
    “Don’t snitch.” This is a noble stance to take. However, in some situations
    it is just plain stupid. Saving someone’s ass who would easily do the same
    to you is a tough call. It’s something that needs careful consideration.
    Like I said, save your friends then do what you have to do to get out of
    prison and on with your life.
    I’m happy to say that I was able to avoid involving my good friends and a
    former employer in the massive investigation that surrounded my case. It
    wasn’t easy. I had to walk a fine line. Many of you probably know that I
    (Agent Steal) went to work for the FBI after I was arrested. I was
    responsible for teaching several agents about hacking and the culture. What
    many of you don’t know is that I had close FBI ties prior to my arrest. I
    was involved in hacking for over 15 years and had worked as a computer
    security consultant. That is why I was given that opportunity. It is
    unlikely however, that we will see many more of these types of arrangements
    in the future. Our relationship ran afoul, mostly due to their passive
    negligence and lack of experience in dealing with hackers. The government
    in general now has their own resources, experience, and undercover agents
    within the community. They no longer need hackers to show them the ropes or
    the latest security hole.
    Nevertheless, if you are in the position to tell the Feds something they
    don’t know and help them build a case against someone, you may qualify for
    a sentence reduction. The typical range is 20% to 70%. Usually it’s around
    35% to 50%.
    Sometimes you may find yourself at the end of the prosecutorial food chain
    and the government will not let you cooperate. Kevin Mitnick would be a
    good example of this. Even if he wanted to roll over, I doubt it would get
    him much. He’s just too big of a fish, too much media. My final advice in
    this matter is get the deal in writing before you start cooperating.
    The Feds also like it when you “come clean” and accept responsibility.
    There is a provision in the Sentencing Guidelines, 3E1.1, that knocks a
    little bit of time off if you confess to your crime, plead guilty and show
    remorse. If you go to trial, typically you will not qualify for this
    “acceptance of responsibility” and your sentence will be longer.
    Many hackers may remember the Craig Neidorf case over the famous 911 System
    Operation documents. Craig won his case when it was discovered that the
    manual in question, that he had published in Phrack magazine, was not
    proprietary as claimed but available publicly from AT&T. It was an egg in
    the face day for the Secret Service.
    Don’t be misled by this. The government learned a lot from this fiasco and
    even with the laudable support from the EFF, Craig narrowly thwarted a
    conviction. Regardless, it was a trying experience (no pun intended) for
    him and his attorneys. The point I’m trying to make is that it’s tough to
    beat the Feds. They play dirty and will do just about anything, including
    lie, to win their case. If you want to really win you need to know how they
    build a case in the first place.

    There is a document entitled “Federal Guidelines For Searching And Seizing
    Computers.” It first came to my attention when it was published in the
    12-21-94 edition of the Criminal Law Reporter by the Bureau of National
    Affairs (Cite as 56 CRL 2023). It’s an intriguing collection of tips,
    cases, mistakes and, in general, how to bust computer hackers. It’s
    recommended reading.
    Search and seizure is an ever evolving jurisprudence. What’s not
    permissible today may, through some convoluted Supreme Court logic, be
    permissible and legal tomorrow. Again, a complete treatment of this subject
    is beyond the scope of this paper. But suffice it to say if a Federal agent
    wants to walk right into your bedroom and seize all of your computer
    equipment without a warrant he could do it by simply saying he had probable
    cause (PC). PC is anything that gives him an inkling to believe you were
    committing a crime. Police have been known to find PC to search a car when
    the trunk sat too low to the ground or the high beams were always on.
    Fortunately the Feds still have to show a little restraint when wielding
    their wiretaps. It requires a court order and they have to show that there
    is no other way to obtain the information they seek, a last resort if you
    will. Wiretaps are also expensive to operate. They have to lease lines from
    the phone company, pay agents to monitor it 24 hours a day and then
    transcribe it. If we are talking about a data tap, there are additional
    costs. Expensive interception/translation equipment must be in place to
    negotiate the various modem speeds. Then the data has to be stored,
    deciphered, decompressed, formatted, protocoled, etc. It’s a daunting task
    and usually reserved for only the highest profile cases. If the Feds can
    seize the data from any other source, like the service provider or victim,
    they will take that route. I don’t know what they hate worse though, asking
    for outside help or wasting valuable internal resources.
    The simplest method is to enlist the help of an informant who will testify
    “I saw him do it!,” then obtain a search warrant to seize the evidence on
    your computer. Ba da boom, ba da busted.
    Other devices include a pen register which is a device that logs every
    digit you dial on your phone and the length of the calls, both incoming and
    outgoing. The phone companies keep racks of them at their security
    departments. They can place one on your line within a day if they feel you
    are defrauding them. They don’t need a court order, but the Feds do.
    A trap, or trap and trace, is typically any method the phone company uses
    to log every number that calls a particular number. This can be done on the
    switching system level or via a billing database search. The Feds need a
    court order for this information too. However, I’ve heard stories of
    cooperative telco security investigations passing the information along to
    an agent. Naturally that would be a “harmless error while acting in good
    faith.” (legal humor)
    I’d love to tell you more about FBI wiretaps but this is as far as I can go
    without pissing them off. Everything I’ve told you thus far is public
    knowledge. So I think I’ll stop here. If you really want to know more,
    catch Kevin Poulsen (Dark Dante) at a cocktail party, buy him a Coke and
    he’ll give you an earful. (hacker humor)
    In closing this subpart I will say that most electronic surveillance is
    backed up with at least part-time physical surveillance. The Feds are often
    good at following people around. They like late model mid-sized American
    cars, very stock, with no decals or bumper stickers. If you really want to
    know if you’re under surveillance, buy an Opto-electronics Scout or Xplorer
    frequency counter. Hide it on your person, stick an ear plug in your ear
    (for the Xplorer) and take it everywhere you go. If you hear people
    talking about you, or you continue to hear intermittent static (encrypted
    speech), you probably have a problem.
    After you plead guilty you will be dragged from the quiet and comfort of
    your prison cell to meet with a probation officer. This has absolutely
    nothing to do with getting probation. Quite the contrary. The P.O. is
    empowered by the court to prepare a complete and, in theory, unbiased
    profile of the defendant. Everything from education, criminal history,
    psychological behavior, offense characteristics plus more will be included
    in this voluminous and painfully detailed report about your life. Every
    little dirty scrap of information that makes you look like a sociopathic,
    demon worshiping, loathsome criminal will be included in this report.
    They’ll put a few negative things in there as well.
    My advice is simple. Be careful what you tell them. Have your attorney
    present and think about how what you say can be used against you. Here’s an
    P.O.: Tell me about your education and what you like to do in your spare time.
    Mr. Steal: I am preparing to enroll in my final year of college. In my
    spare time I work for charity helping orphan children.
    The PSR then reads “Mr. Steal has never completed his education and hangs
    around with little children in his spare time.”

    Get the picture?
    Pro Se or Pro Per is when a defendant represents himself. A famous lawyer
    once said “a man that represents himself has a fool for a client.” Truer
    words were never spoken. However, I can’t stress how important it is to
    fully understand the criminal justice system. Even if you have a great
    attorney it’s good to be able to keep an eye on him or even help out. An
    educated client’s help can be of enormous benefit to an attorney. They may
    think you’re a pain in the ass but it’s your life. Take a hold of it.
    Regardless, representing yourself is generally a mistake.
    However, after your appeal, when your court appointed attorney runs out on
    you, or you have run out of funds, you will be forced to handle matters
    yourself. At this point there are legal avenues, although quite bleak, for
    But I digress. The best place to start in understanding the legal system
    lies in three inexpensive books. First the Federal Sentencing Guidelines
    ($14.00) and Federal Criminal Codes and Rules ($20.00) are available from
    West Publishing at 800-328-9352. I consider possession of these books to
    be mandatory for any pretrial inmate. Second would be the Georgetown Law
    Journal, available from Georgetown University Bookstore in Washington, DC.
    The book sells for around $40.00 but if you write them a letter and tell
    them you’re a Pro Se litigant they will send it for free. And last but not
    least the definitive Pro Se authority, “The Prisoners Self Help Litigation
    $29.95 ISBN 0-379-20831-8. Or try http://www.oceanalaw.com/books/n148.htm
    If you disagree with some of the information presented in the presentence
    report (PSR) you may be entitled to a special hearing. This can be
    instrumental in lowering your sentence or correcting your PSR. One
    important thing to know is that your PSR will follow you the whole time you
    are incarcerated. The Bureau of Prisons uses the PSR to decide how to
    handle you. This can affect your security level, your halfway house, your
    eligibility for the drug program (which gives you a year off your sentence),
    and your medical care. So make sure your PSR is accurate before you get

    In most cases it will be necessary to formally ask the court to have your
    property returned. They are not going to just call you up and say “Do you
    want this Sparc Station back or what?” No, they would just as soon keep it
    and not asking for it is as good as telling them they can have it.
    You will need to file a 41(e) “Motion For Return Of Property.” The courts’
    authority to keep your stuff is not always clear and will have to be taken
    on a case-by-case basis. They may not care and the judge will simply order
    that it be returned.
    If you don’t know how to write a motion, just send a formal letter to the
    judge asking for it back. Tell him you need it for your job. This should
    suffice, but there may be a filing fee.
    If you have an outstanding warrant or charges pending in another
    jurisdiction you would be wise to deal with them as soon as possible
    -after- you are sentenced. If you follow the correct procedure chances are
    good the warrants will be dropped (quashed). In the worst case scenario,
    you will be transported to the appropriate jurisdiction, plead guilty and
    have your “time run concurrent.” Typically in non-violent crimes you can
    serve several sentences all at the same time. Many Federal inmates have
    their state time run with their Federal time. In a nutshell: concurrent is
    good, consecutive bad.
    This procedure is referred to as the Interstate Agreement On Detainers Act
    (IADA). You may also file a “demand for speedy trial”, with the appropriate
    court. This starts the meter running. If they don’t extradite you within a
    certain period of time, the charges will have to be dropped. The “Inmates’
    Self-Help Litigation Manual” that I mentioned earlier covers this topic
    quite well.

    There are probably a few of you out there saying, “I triple DES encrypt my
    hard drive and 128 character RSA public key it for safety.” Well, that’s
    just great, but… the Feds can have a grand jury subpoena your passwords
    and if you don’t give them up you may be charged with obstruction of
    justice. Of course who’s to say otherwise if you forgot your password in
    all the excitement of getting arrested. I think I heard this once or twice
    before in a Senate Sub-committee hearing. “Senator, I have no recollection
    of the aforementioned events at this time.” But seriously, strong
    encryption is great. However, it would be foolish to rely on it. If the
    Feds have your computer and access to your encryption software itself, it
    is likely they could break it given the motivation. If you understand the
    true art of code breaking you should understand this. People often overlook
    the fact that your password, the one you use to access your encryption
    program, is typically less than 8 characters long. By attacking the access
    to your encryption program with a keyboard emulation sequencer your triple
    DES/128 bit RSA crypto is worthless. Just remember, encryption may not
    protect you.
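
The gap described above, worked through as an added example (not part of the original article): when the cipher key is derived from or unlocked by a passphrase, the scheme is only as strong as that passphrase. The alphabet sizes, function names and the PBKDF2 key-stretching step are assumptions of this example; 168 bits is the nominal key length of three-key triple DES, and the passphrase is assumed to be chosen uniformly at random.

```python
import hashlib
import math

# Constructed character-set sizes (illustrative assumptions, not from the page).
ALPHABETS = {"lowercase": 26, "alphanumeric": 62, "printable": 95}


def passphrase_bits(length, alphabet_size):
    """Entropy in bits of a passphrase chosen uniformly at random."""
    return length * math.log2(alphabet_size)


def effective_bits(key_bits, length, alphabet_size, kdf_iterations=1):
    """Strength of the whole scheme: the weaker of cipher key and passphrase.

    Key stretching multiplies the cost of each guess, which is worth
    log2(iterations) extra bits; it can never exceed the cipher key itself.
    """
    stretched = passphrase_bits(length, alphabet_size) + math.log2(kdf_iterations)
    return min(key_bits, stretched)


def min_length(target_bits, alphabet_size, kdf_iterations=1):
    """Shortest random passphrase that does not weaken a target_bits key."""
    needed = target_bits - math.log2(kdf_iterations)
    return max(1, math.ceil(needed / math.log2(alphabet_size)))


def derive_key(passphrase, salt, iterations=600_000, key_len=24):
    """Derive a 24-byte (three-key triple DES sized) key from a passphrase.

    The result is a deterministic function of passphrase and salt, so
    anyone who can guess the passphrase obtains the same key.
    """
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, iterations, key_len)


def report(key_bits=168, length=8):
    """Rows of (alphabet, effective bits at `length`, length needed for key_bits)."""
    return [(name, round(effective_bits(key_bits, length, size), 1),
             min_length(key_bits, size)) for name, size in ALPHABETS.items()]


if __name__ == "__main__":
    for row in report():
        print("%-13s %5.1f bits at 8 chars, need %d chars for 168 bits" % row)
```

Human-chosen passwords carry less entropy than the uniform figure computed here, so these numbers are an upper bound on what a short password provides.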


