Language Selection

English French German Italian Portuguese Spanish

FBI wants more subpoena power

Filed under
Security

FBI Director Robert Mueller said Wednesday that Congress should give the agency the power to issue its own subpoenas, instead of having to get approval for them from a court, so that it can collect information more quickly in terrorism investigations.

Mueller said North Carolina State University initially rebuffed FBI investigators this month when they sought enrollment records for a former graduate student suspected of being linked to the London bombings because the investigators did not have a subpoena.

Although the FBI eventually obtained subpoenas and the records, Mueller used the episode to argue to the Senate Judiciary Committee that the bureau needs the new subpoena power.

"We should've been able to have a document, an administrative subpoena, that we took to the university and got those records immediately," Mueller told the committee.

Lawmakers are trying to determine whether to include FBI subpoena power for gathering anti-terror intelligence in a package of amendments to the USA Patriot Act.

Mueller said he objects to any oversight of an FBI subpoena outside of the bureau.

But Sen. Dianne Feinstein (D-Calif.) said she is leery of giving the FBI anti-terror subpoena power without some Justice Department supervision. The FBI already has the authority to issue administrative subpoenas in certain kinds of cases.

Feinstein said an agent seeking to issue a subpoena should be required to justify the need for it to an assistant U.S. attorney because of the possibility that the FBI would amass information about innocent people.

"The resistance to this makes me suspicious," she said.

At North Carolina State, the FBI sought records for Magdy el-Nashar, an Egyptian who attended the university in 2000 and was believed to have rented a house in Leeds, England, near where four bombs used in the July 7 attacks in London are thought to have been made. The attacks killed 56 people.

El-Nashar, who is wanted for questioning by British authorities, has been detained in Egypt. Officials there have said he has no links to the bombings.

In a statement, the university said that under federal privacy laws, it could not turn over records without a subpoena. In all, North Carolina State eventually was served with three subpoenas pertaining to el-Nashar, the statement said.

Mueller's visit to Capitol Hill coincided with the release of a report by Justice Department Inspector General Glenn Fine that found continued shortcomings in FBI efforts to translate a backlog of foreign-language material, including information related to counterterrorism.

The report found that the FBI now has 8,354 hours of tape recordings involving counterterrorism topics waiting to be reviewed, up from 4,086 hours a year ago. But Fine found that the bureau is up-to-date in translating material deemed "highest priority," a category that includes information relating to Al Qaeda terrorism cases.

On another sore subject for the agency, Mueller said the FBI has made "substantial progress" in upgrading its much maligned technology systems. He said the bureau has bought more powerful computers and built a new secure network.

A contractor for a new case management system, code-named Sentinel, is expected to be selected by the end of the year, he said. Sentinel is slated to be implemented in four stages over 40 months, ending in 2009.

An earlier attempt at a case management systemwas scrapped after three years and an expenditure of $170 million.

By Andrew Zajac
Washington Bureau

More in Tux Machines

Proxmox VE 4.3 released

Proxmox Server Solutions GmbH today announced the general availability of Proxmox Virtual Environment 4.3. The hyper-converged open source server virtualization solution enables users to create and manage LXC containers and KVM virtual machines on the same host, and makes it easy to set up highly available clusters as well as to manage network and storage via an integrated web-based management interface. The new version of Proxmox VE 4.3 comes with a completely new comprehensive reference documentation. The new docu framework allows a global as well as contextual help function. Proxmox users can access and download the technical documentation via the central help-button (available in various formats like html, pdf and epub). A main asset of the new documentation is that it is always version specific to the current user’s software version. Opposed to the global help, the contextual help-button shows the user the documentation part he currently needs. Read more

Games for GNU/Linux

Security News

  • Tuesday's security updates
  • New Open Source Linux Ransomware Divides Infosec Community
    Following our investigation into this matter, and seeing the vitriol-filled reaction from some people in the infosec community, Zaitsev has told Softpedia that he decided to remove the project from GitHub, shortly after this article's publication. The original, unedited article is below.
  • Fax machines' custom Linux allows dial-up hack
    Party like it's 1999, phreakers: a bug in Epson multifunction printer firmware creates a vector to networks that don't have their own Internet connection. The exploit requirements are that an attacker can trick the victim into installing malicious firmware, and that the victim is using the device's fax line. The firmware is custom Linux, giving the printers a familiar networking environment for bad actors looking to exploit the fax line as an attack vector. Once they're in that ancient environment, it's possible to then move onto the network to which the the printer's connected. Yves-Noel Weweler, Ralf Spenneberg and Hendrik Schwartke of Open Source Training in Germany discovered the bug, which occurs because Epson WorkForce multifunction printers don't demand signed firmware images.
  • Google just saved the journalist who was hit by a 'record' cyberattack
    Google just stepped in with its massive server infrastructure to run interference for journalist Brian Krebs. Last week, Krebs' site, Krebs On Security, was hit by a massive distributed denial-of-service (DDoS) attack that took it offline, the likes of which was a "record" that was nearly double the traffic his host Akamai had previously seen in cyberattacks. Now just days later, Krebs is back online behind the protection of Google, which offers a little-known program called Project Shield to help protect independent journalists and activists' websites from censorship. And in the case of Krebs, the DDoS attack was certainly that: The attempt to take his site down was in response to his recent reporting on a website called vDOS, a service allegedly created by two Israeli men that would carry out cyberattacks on behalf of paying customers.
  • Krebs DDoS aftermath: industry in shock at size, depth and complexity of attack
    “This attack didn’t stop, it came in wave after wave, hundreds of millions of packets per second,” says Josh Shaul, Akamai’s vice president of product management, when Techworld spoke to him. “This was different from anything we’ve ever seen before in our history of DDoS attacks. They hit our systems pretty hard.” Clearly still a bit stunned, Shaul describes the Krebs DDoS as unprecedented. Unlike previous large DDoS attacks such as the infamous one carried out on cyber-campaign group Spamhaus in 2013, this one did not use fancy amplification or reflection to muster its traffic. It was straight packet assault from the old school.
  • iOS 10 makes it easier to crack iPhone back-ups, says security firm
    INSECURITY FIRM Elcomsoft has measured the security of iOS 10 and found that the software is easier to hack than ever before. Elcomsoft is not doing Apple any favours here. The fruity firm has just launched the iPhone 7, which has as many problems as it has good things. Of course, there are no circumstances when vulnerable software is a good thing, but when you have just launched that version of the software, it is really bad timing. Don't hate the player, though, as this is what Elcomsoft, and what Apple, are supposed to be doing right. "We discovered a major security flaw in the iOS 10 back-up protection mechanism. This security flaw allowed us to develop a new attack that is able to bypass certain security checks when enumerating passwords protecting local (iTunes) back-ups made by iOS 10 devices," said Elcomsoft's Oleg Afonin in a blog post.
  • After Tesla: why cybersecurity is central to the car industry's future
    The news that a Tesla car was hacked from 12 miles away tells us that the explosive growth in automotive connectivity may be rapidly outpacing automotive security. This story is illustrative of two persistent problems afflicting many connected industries: the continuing proliferation of vulnerabilities in new software, and the misguided view that cybersecurity is separate from concept, design, engineering and production. This leads to a ‘fire brigade approach’ to cybersecurity where security is not baked in at the design stage for either hardware or software but added in after vulnerabilities are discovered by cybersecurity specialists once the product is already on the market.

Ofcom blesses Linux-powered, open source DIY radio ‘revolution’

Small scale DAB radio was (quite literally) conceived in an Ofcom engineer’s garden shed in Brighton, on a Raspberry Pi, running a full open source stack, in his spare time. Four years later, Ofcom has given the thumbs up to small scale DAB after concluding that trials in 10 UK cities were judged to be a hit. We gave you an exclusive glimpse into the trials last year, where you could compare the specialised proprietary encoders with the Raspberry Pi-powered encoders. “We believe that there is a significant level of demand from smaller radio stations for small scale DAB, and that a wider roll-out of additional small scale services into more geographic areas would be both technically possible and commercially sustainable,” notes Ofcom. Read more