[HN Gopher] Justice Department withdraws FBI subpoena for USA To... ___________________________________________________________________ Justice Department withdraws FBI subpoena for USA Today records ID'ing readers Author : prostoalex Score : 50 points Date : 2021-06-05 21:37 UTC (1 hours ago) (HTM) web link (www.usatoday.com) (TXT) w3m dump (www.usatoday.com) | xvector wrote: | I wish services didn't store IPs at all. | | If abuse is an issue, why not hash the IP with a nonce? | codetrotter wrote: | IPv4 space is small so they will subpoena the nonce and find | what the original IP was | kadoban wrote: | For ipv4 is there a difference between storing IPs and storing | their hash with a nonce? You can calculate the hash of every IP | address in reasonable time, so it's reversible. | | Only benefit I can think of is you can forget the nonce and now | the data is securely useless, if the nonce was secure, but that | doesn't seem that useful really. | gizmo686 wrote: | There are only 2^32 possible IP addresses. You can brute-force | that on a personal laptop. | vgaldikas wrote: | There's even less 'usable' ones, when you exclude private | ranges etc... | uses wrote: | Hm, I'm confused, usually the whole point of storing an IP is | in case the visitor uses the platform to do something illegal, | like a death threat. Without the original IP law enforcement | can't subpoena the ISP, etc. But also as someone else said, if | you use a nonce, and I think you mean salt, then it can be | cracked nearly instantaneously anyways due to the small space | of IPv4 (~4 billion). | aneutron wrote: | Sometimes there's a forensic purpose. For example, you want to | know which servers exfiltrated your data and to which IP. | | Or for audit purposes (e.g. you might need to prove to some | regulator no outside access was made, which is stupid but ...) | myself248 wrote: | I'm curious if we'll ever find out what they thought they'd learn | from this. | mathattack wrote: | From the article, that's why they withdrew it. | | --- | | " The subpoena, issued as part of an investigation seeking to | identify a child sexual exploitation offender, was withdrawn | after investigators found the person through other means, | according to a notice the Justice Department sent to USA | TODAY's attorneys Saturday." | resoluteteeth wrote: | I think you may have replied to the wrong comment. | b9a2cab5 wrote: | More likely they acquired the data through other means like | hacking into a "foreign" server. | bellyfullofbac wrote: | Probably easier to subpoena the many many tracking pixel | providers embedded on the USA Today website... | boomboomsubban wrote: | >The government's own guidelines require the FBI to pursue | alternative sources before subpoenaing a newspaper | | Or "we could always just buy this data, we requested it for some | other reason but the media got more pissy than we expected." | | The entire thing is just so strange, why was the challenge not | hidden when the subpoena was? | Turing_Machine wrote: | > President Joe Biden recently criticized the policy, saying it's | "simply wrong" to seize journalists' records. | | The FBI is part of DOJ, which is an executive branch department | under Biden's direct authority. If he thinks it's "simply wrong", | he can just order them not to do it. He's not limited to | "criticizing" it. | bowmessage wrote: | Good point. I'm not sure he's even aware of that option, | unfortunately. | hellow0rldz wrote: | Oh, he is. But it's good PR to make positive statements while | doing whatever you want. | wydfre wrote: | Did anybody bother to lookup the article they wanted to get the | IPs for and get scared out of their minds when they realize what | the title was? | | No, I am wrong, Hacker News is right, I have learned my mistake, | we need anonymity - from everything. | whereis wrote: | Did they want the readership data for malicious, unjustified | reasons? | 2OEH8eoCRo0 wrote: | Probably not | chrischen wrote: | They probably just wanted it to make their jobs easier. | serf wrote: | That's a brilliant side-step over a morality qualm, without | ever really answering the question. ___________________________________________________________________ (page generated 2021-06-05 23:00 UTC)