SBF Caught Using VPN While Awaiting Criminal Trial [pdf]

141 points | 1vuio0pswjnm7 | 3 years ago | ia801508.us.archive.org

104 comments

[+] pphysch|3 years ago|reply
> Today, it came to the Government’s attention—based on data obtained through the use of a pen register on the defendant’s gmail account—that the defendant used a VPN or “Virtual Private Network” to access the internet on January 29, 2023, and February 12, 2023.

https://en.wikipedia.org/wiki/Pen_register

[+] Animats|3 years ago|reply
It's amusing that the Government calls what they're doing with Google a "pen register". They usually do that to squeeze through the small exception in the Fourth Amendment created by Smith v. Maryland.

The pen register shown in that Wikipedia article is mine. To use it, you need physical access to a phone line, probably at the central office. You put in a blank spool of paper tape, add stamp pad ink to the ink roller, and wind it up with a big brass key. When it detects a dial pulse, the clockwork mechanism starts the tape moving, and each dial pulse produces a dash on the tape. There's a mechanical idle timer which stops tape movement after a few seconds of idle time. I built a box with a phone dial to run that brass device as a demo.

That's what law enforcement had to use in the days of electromagnetic central offices. Only long distance calls were logged. Local calls were, at most, counted. That's why the Supreme Court decision refers to a pen register as an "extremely limited" device.

[+] alwayslikethis|3 years ago|reply
Should have gone with Mullvad (not affiliated). They don't require or send emails.
[+] sschueller|3 years ago|reply
So in this case it's basically a BCC on his Gmail?
[+] gzer0|3 years ago|reply
I mean, I knew that there was mass surveillance occurring, but to this extent... perhaps I needed a refresher on just how much warrantless data is being collected on the citizens of the United States.

The DEA has warrantless access to with no judicial oversight under "administrative subpoenas" originated by the DEA. The DEA pays AT&T to maintain employees throughout the country devoted to investigating call records through this database for the DEA. The database grows by 4 billion records per day, and presumably covers all traffic that crosses AT&T's network. Internal directives instructed participants never to reveal the project publicly.

Information that is legally collectible according to 2014 pen trap laws includes:

Phone

  * Dialed numbers
  * Received call numbers
  * The time the call was made
  * Whether the call was answered, or went to voice-mail
  * The length of each call
  * Content of SMS text messages
  * The real-time location of a cell phone to within a few meters

Email

  * All email header information other than the subject line
  * The email addresses of the people to whom an email was sent
  * The email addresses of people who received the email
  * The time each email is sent or received
  * The size of each email that is sent or received

Internet

  * IP address, port, and protocol used
  * The IP address of other computers on the Internet that information was exchanged with
  * Time-stamp and size information of Internet access
  * Protocol traffic analysis to obtain URL web addresses surfed on the web, emails posted or read, instant messages exchanged, and information posted onto message boards

The last one is particularly damning. Interesting that no warrant is needed for any of this.

[1] https://www.nytimes.com/2013/09/02/us/drug-agents-use-vast-p...

[2] https://archive.nytimes.com/www.nytimes.com/interactive/2013...

---

Crucially, they said, the phone data is stored by AT&T, and not by the government as in the N.S.A. program. It is queried for phone numbers of interest mainly using what are called “administrative subpoenas,” those issued not by a grand jury or a judge but by a federal agency, in this case the D.E.A.

Administrative subpoena authorities allow executive branch agencies to issue a compulsory request for documents or testimony without prior approval from a grand jury, court, or other judicial entity.

---

Planting AT&T employees and deeply embedding them within the government like that, utilizing "administrative subpoenas" that require no grand jury OR judge (just the DEA themselves) is, in my personal opinion, a breach of my 4th amendment right.

[+] londons_explore|3 years ago|reply
So... let me get this straight... SBF is currently on bail... and the state and his lawyers are arguing about the exact bail terms that should apply...

Shouldn't the terms of bail be set before bail is granted?

[+] JumpCrisscross|3 years ago|reply
> the state and his lawyers are arguing about the exact bail terms that should apply

My understanding is his bail terms didn’t mention a VPN. The government is petitioning the court to alter the bail terms to now prohibit the use of a VPN.

[+] anigbrowl|3 years ago|reply
His lawyers are trying to create an issue where none exists, with the implicit threat of bringing up civil rights claims in motion work and at appeal, jacking up the cost to the prosecution.

This is how wealthy defendants operate: argue every little thing to death, then plant stories in the media like 'prosecutors have spent amazingly high $/% of budgeted taxpayer monies on trying to prosecute one guy'.

[+] londons_explore|3 years ago|reply
And worse, they then asked the defence lawyers if it would be acceptable to add a 'no VPN' term...

Those defence lawyers then presumably consulted their client before agreeing to it...

So... SBF used a VPN, and was then asked "Heya, we're considering banning you from using VPNs because we can't track what you do on them, what do ya think??". And only later did a ban come into force... Giving plenty of time to use a VPN for whatever deeds he doesn't want the court to know about...

[+] rogers18445|3 years ago|reply
They apparently caught him because he logged into a wiretapped gmail with a VPN. It's not difficult to segment your network such that some software does not use a VPN tunnel. On Linux, it can even be made fool-proof with network namespaces.

You can even render the default network namespace barren such that any accidentally launched software has no network of any kind.

[+] cmeacham98|3 years ago|reply
I interpreted it differently - I'm assuming what "pen register" means in relation to Gmail is that they get the metadata (i.e. who he is sending/receiving email from) and saw that he used his email to sign up for a VPN.
[+] throw10920|3 years ago|reply
> You can even render the default network namespace barren such that any accidentally launched software has no network of any kind.

This sounds extremely appealing. Do you have any quick-start resources for this, or do we just have to read the complete documentation for Linux namespaces?

[+] panki27|3 years ago|reply
Using an anonymization software to access a service which directly identifies you... yeah, who would have guessed this is not a good idea.
[+] notch898a|3 years ago|reply
"Your honor I shared my gmail password with someone else before the bail conditions were set."
[+] dang|3 years ago|reply
https://news.ycombinator.com/item?id=34810681 has a different document. Which is the more interesting/informative? and what should the title be?

(I'm running out the door but will try to check this later)

[+] lcnPylGDnU4H9OF|3 years ago|reply
Looks like [0] is the judge's order that SBF stop using VPN services until after Feb 24 and [1] seems to be some kind of appeal from SBF's counsel for a time extension "to make additional submissions to the Court" until Feb. 17 (apologies as I'm not familiar with what such a document would technically be called).

I'd personally argue, considering the title, that the judge's order is more relevant since I figure it would probably not exist unless SBF actually used a VPN.

[0] https://ia801508.us.archive.org/25/items/gov.uscourts.nysd.5...

[1] https://ia801508.us.archive.org/25/items/gov.uscourts.nysd.5...

[+] hesdeadjim|3 years ago|reply
Maybe his strategy is to be such a fucking idiot that he can pretend there is no way he could mastermind such a big scam.
[+] TacticalCoder|3 years ago|reply
> Maybe his strategy is to be such a fucking idiot that he can pretend there is no way he could mastermind such a big scam.

It's the strategy SBF's father is using too. The current FTX CEO, the one in charge of the bankruptcy, said in front of Congress that one house worth $16m was bought in the Bahamas in SBF's parents' name.

SBF's father is specialized in tax laws. And he's on video record saying: "I'm helping FTX with legal matters".

And what does SBF's father have to say about the real estate bought in his name in the Bahamas?

"We weren't aware we had real estate in our names in the Bahamas" (paraphrasing, I don't remember the exact sentence their spokesperson used)

I mean... Once it's recorded, in front of Congress, that there's real estate bought with stolen money in your name in the Bahamas, there's not that much you can do...

Besides playing the complete, total and utter idiot.

[+] time_to_smile|3 years ago|reply
It's remarkable to me the consequences of people telling you you're a mega-genius without you realizing they're telling you for their own benefit.

It makes perfect sense why everyone, sincere and fraudster alike, would want to promote SBF as a boy genius. It's a great marketing tool, it helps convince people who don't understand crypto to have faith in the product, and you also get someone who believes the spotlight should be on them, which is particularly useful for any fraudsters who would prefer to remain in the shadows.

Clearly SBF never questioned that praise (who would at the time?), and still is operating as though he were smarter and more special than everyone around him. The sad irony is it reveals that he's markedly less clever than most of the people he associates with. Caroline Ellison, at least from what I've seen, seems to have realized quite quickly that the smartest choice was to quickly realize she wasn't as brilliant as she had been told.

[+] mikestew|3 years ago|reply
That hypothesis comes up repeatedly, but I imagine it would hinge on whether or not judges would say to themselves, "he's too stupid to jail". IANAL, but I believe judgement is based on whether or not you did "it", whatever "it" might be. Then at sentencing a judge could use "stupid" as a mitigating factor. For example, "normally you'd get 20 years, but because you're stupid..."

But I can not emphasize enough that IANAL, and this is just (as with most folks, I would guess) something I pulled out of my butt. Based on what little interaction I've had with the U. S. justice system, man, I sure wouldn't let the outcome rest on the judge's view of my intelligence, though.

[+] sumeno|3 years ago|reply
At this point I'm convinced the only reason he's allowed out on bail is so that the prosecutors can run up the score on how many crimes he'll ultimately be charged with
[+] NotYourLawyer|3 years ago|reply
Keep digging, Sam.
[+] corbulo|3 years ago|reply
Sam is about to settle the debate of whether the Earth's core is spinning
[+] eastbound|3 years ago|reply
You can’t dig a bigger hole when you’re already fully fried.
[+] dbuder|3 years ago|reply
Revoke his bail! He has always been a major flight risk due to the possibility that he has squirreled away many millions via crypto. 250m of surety has not been provided and now due to the use of a VPN we cannot be assured he has not already made arrangements to flee and/or tampered with witnesses.
[+] yieldcrv|3 years ago|reply
> Fifth, a VPN is a more secure and covert method of accessing the dark web.

This is not accurate, unless they are considering Tor a VPN too?

I guess using a VPN before accessing Tor could make it so your local router and ISP don't know, but it's super insecure to give a VPN all your Tor traffic, and Tor Bridges also do that.

[+] breck|3 years ago|reply
Using a VPN is not a crime. Not only that, it's not unethical. In fact, to do many ethical things in this country, such as download scientific papers, one must often use a VPN.
[+] philippejara|3 years ago|reply
I don't get what the issue is. Do the bail terms prohibit one from using a VPN? If so it's a done deal, but if it doesn't there's absolutely nothing wrong with him using it.
[+] breck|3 years ago|reply
Agreed. Using a VPN is often the most ethical behavior (SciHub, for instance).

It seems to me that using customer deposits that should have been safeguarded was wrong and a crime, but it's not clear that's what happened, and there's an obvious smear campaign against him just throwing mud against the wall to see what sticks.

I'm still undecided on this one.

[+] notch898a|3 years ago|reply
The state is playing whack-a-mole on somebody who's allowed internet access. It's a losing proposition, he will always find another way to technically not break the rules.
[+] mblevin|3 years ago|reply
This dude just cannot tell the truth even for a second.

Obviously nobody needs a VPN to watch something on a national broadcast and he's clearly up to SOMETHING that he shouldn't be under the guise of accessing his NFL game pass account.

This is continual sociopath behavior from someone who can't possibly believe that they could ever do anything wrong, and they are simply misunderstood.

It's utterly maddening.

[+] jdkee|3 years ago|reply
He needs to be locked up.