Network Investigative Technique (NIT) is a form of malware (or hacking) employed by the FBI since at least 2002. It is a drive-by download computer program designed to provide access to a computer.


Controversies

Its usage has raised both Fourth Amendment concerns and jurisdictional issues. The FBI has to date, despite a court order, declined to provide the complete code in a child sex abuse case involving the Tor anonymity network. On May 12, 2016, Mozilla filed an amicus curiae brief because the FBI's exploit against the Mozilla Firefox web browser potentially puts millions of users at risk. Mozilla asked that the exploit be disclosed to it before it is disclosed to the defendant, thus raising Fifth Amendment issues as well. Also, US District Judge Robert J. Bryan in Tacoma, Washington has ruled that while the defendant in ''United States v. Michaud'' has the right to review the code, the government also has the right to keep it secret (two other federal judges in related cases have ruled to suppress evidence found as a result of the NIT). On May 25, 2016, however, he ruled that "For the reasons stated orally on the record, evidence of the NIT., the search warrant issued based on the NIT., and the fruits of that warrant should be excluded and should not be offered in evidence at trial..." In March 2017 the American Civil Liberties Union, Electronic Frontier Foundation, and the National Association of Criminal Defense Lawyers released a 188-page guide to enable meaningful 4th Amendment analysis. In April a Minnesota judge ruled that the warrant was invalid from the moment it was signed, given that the FBI agent ''knew'' that it exceeded the jurisdictional requirements of Rule 41. All evidence gathered after that warrant was served was hence the fruit of the poisonous tree.


Examples of government deployed NITs

The ACLU and Privacy International successfully litigated (see 8-cv-1488) the release of U.S. sealed court records that revealed details about a NIT deployed in 2016 on 23 separate onion services of the Tor network. The sworn affidavit submitted by a Special Agent of the FBI (affidavit template formerly written by the NAIC) indicated the NIT had the following abilities:

"The NIT will reveal to the government environmental variables and certain registry-type information that may assist in identifying the computer, its location, and the user of the computer...."

* The "activating" computer's actual IP address, and the date and time that the NIT determines what that IP address is;
* A unique identifier (e.g., a series of numbers, letters, and/or special characters) to distinguish the data from that of other "activating" computers. That unique identifier will be sent with and collected by the NIT;
* The type of operating system running on the computer, including type (e.g., Windows), version (e.g., Windows 7), and architecture (e.g., x86);
* Information about whether the NIT has already been delivered to the "activating" computer;
* The "activating" computer's Host Name. A Host Name is a name that is assigned to a device connected to a computer network that is used to identify the device in various forms of electronic communication, such as communications over the Internet;
* The "activating" computer's Media Access Control ("MAC") address. The equipment that connects a computer to a network is commonly referred to as a network adapter. Most network adapters have a MAC address assigned by the manufacturer of the adapter that is designed to be a unique identifying number. A unique MAC address allows for proper routing of communications on a network. Because the MAC address does not change and is intended to be unique, a MAC address can allow law enforcement to identify whether communications sent or received at different times are associated with the same adapter.


List of Government Operations

There is a growing list of government operations that are known to have used NITs.

* Operation Torpedo
* Operation Pacifier


See also

* Computer and Internet Protocol Address Verifier




External links


* Playpen affidavit
* https://www.documentcloud.org/documents/2830408-MozillaMotion.html#document/p1 Mozilla amicus curiae