
Comment Re:Warrants are supposed to be narrow (Score 1) 150

Let's fix it: a nosy neighbor reports you to the police for luring the underaged to your house, and so the cops get a warrant and search it.

A tip usually isn't enough for a search warrant. There's a spectrum of how much proof is required. A search requires less than an arrest, but there's still a significant threshold to pass.

So they remove all your photo albums and find the pictures of you sitting on a couch made out of bags filled with marijuana

...and that might be enough for a new search warrant to look for drug paraphernalia.

and bring you up on drug charges

...which would require an arrest warrant, with an even higher burden of proof, and a prosecutor that thinks they can make a case on more than just a few pictures of you not even taken in your house.

That's not very Scottish, either.

Comment Re:Warrants are supposed to be narrow (Score 4, Interesting) 150

It always seems like you're on the side of the government, whether it's the NSA or what have you.

Often, yes. You see, I actually understand the design of the US government. It's built to continually revise and improve, and it's been doing so for over 200 years. On the other hand, your opinions have been forming for less than a century, and since you're only a single person, you've undergone far fewer revision cycles, all of which have been from a very limited perspective.

For example:

Also, any warrant asking to just search the entire house should be rejected, too.

Is that just, though? It may appeal to your sense of privacy, but would it appeal to your sense of justice to know that any criminal could effectively conceal evidence by simply putting it in a large enough box? How would your neighbors feel about it, knowing that you could be seen kidnapping their children, and the police could do nothing because they wouldn't know what room they're being held in?

Sure, the examples are hypothetical, but the underlying issue of deciding what is right predates your consideration by quite a long while. The best we have so far is a system where certain activities are absolutely permitted, and certain activities are absolutely forbidden, and deciding which category a given situation fits into falls to a judge whose primary interest is to bring the legal precedent closer to a state that everyone considers to be fair. It's not perfect, and likely will never be perfect, but it's closer than having Random Internet Guy simply decide that privacy trumps justice, because he says so.

Comment Re:Long live the 'desktop' and mobile 'laptop'. (Score 1) 58

I wonder how long it will be before a phone takes over the desktop role in a meaningful way (assuming a docking station). We have had some attempts at this, especially with the Motorola Atrix line (RIP), which were pretty good, although the best use (IMHO) was a Citrix receiver [1].

Already, we are seeing the tablet/desktop line blur as Microsoft's Surface Pro [2] models get better. I wouldn't be surprised to see, in a few years, a phone with 256-512 GB of SSD be usable in a docking station for basic desktop functionality, with USB 3.1 ports, maybe even Thunderbolt ports.

[1]: Would be nice to have a multiplatform F/OSS project comparable to Citrix Xen Desktop. No, VNC with its eight digit max password, does not count. X-windows over SSH is good, but doesn't play well with MS-Windows based items.

[2]: The Pro is the keyword... The plain old Surface is ARM based. The Pro is an X86-64 machine.

Comment Re:Warrants are supposed to be narrow (Score 5, Insightful) 150

Could be. If several witnesses see an assailant bludgeon someone on the sidewalk with an obscured object, then run into a house, the police may not be able to ascertain exactly what the weapon is, but they'd certainly have enough evidence for a search, and they could keep a record of any potential weapons seen in the house in case forensics can later get them a better description of the weapon used. As in this case, they'd have to get as narrow a warrant as possible, specifying that they're searching for the weapon and not, say, evidence of tax fraud. Of course, if they found readily-visible evidence of such fraud during the course of the authorized search, they are not required to ignore it.

Comment Re:Stop copying hard drives too! (Score 2) 150

A neutral 3rd-party should copy the drive, perform an appropriate search, then erase the copy.

The police are that neutral third party. Clearly they are not you, and they are also not the people who accuse you (or the prosecutor representing the people).

A large part of our justice system is focused on keeping them neutral. The fact that the investigators did not erase their copy, but rather retained it, is why the appeals court in that case reversed the judgement.

Comment Re:Warrants are supposed to be narrow (Score 5, Insightful) 150

Ummm, isn't that PRECISELY the point?

No. The point of the fourth amendment is to prevent investigators from harassing people looking for reasons to prosecute and persecute.

What seems to be happening here is that there is already evidence enough to justify a search, but the details are not specific enough to be able to ask someone else to execute it. As a physical analogue, there's enough evidence to search a house for a murder weapon, but the investigators don't know it's taped to the bottom of the third dresser drawer. In the case of email, I'd expect the investigators don't know all aliases that might have been used, or in what timeframe the relevant emails might have been sent.

Comment Re:Backups (Score 1) 122

I wonder how many generations of ransomware we will see before backups come back into "style". It used to be in the '90s that people actively did some type of backups, and even PCs shipped with some form of tape drive. Then disks got cheap, and offsite storage became viable, so backups were not done, or if done, were just kicked to the cloud.

Any backup is better than none, but I wouldn't be surprised if the next generation of ransomware would either encrypt files slowly (but use a shim driver to decrypt stuff until it is done, and then completely zap all decryption keys and tell the user to pay up), or if it does notice a backup program being run, actively or passively corrupt it... or just erase the hard disk or the file share it is being backed up to. A simple TRIM command would make the data on a SSD unrecoverable. An overwrite of a directory synced with a cloud service will make that unrecoverable.

I wouldn't mind seeing tape come back, as it isn't slow, and it is relatively cheap (I've seen ads for LTO-6 tapes for $10 each.) The drives are pricey [1], but tapes are reliable [2], and LTO4 and newer have AES-256 encryption in hardware (and it is very easy to turn on, be it by third party software, the tape silo's web page, or the backup utility.) A tape sitting on a shelf takes zero energy to store (other than HVAC), and if dropped, unless there is major physical damage, it is almost certain the media will be usable.

Will tape be 100% against malware? Nope. However, it keeps the data offline, so that a single "erase everything" command won't touch the data [3]. One can also buy WORM tapes to protect against erasure/tampering, or flip a write protect tab.

In a ransomware scenario, WORM tapes would be very useful, especially if the malware decides to try to force an erase on all backups. The fact that tapes tend to be offline brings even more security since if the tape isn't physically in the drive, it can't be touched. Again, nothing is 100%, but the barrier for ransomware to destroy all backups goes a lot higher with offline media than with cloud storage or an external HDD.

I wouldn't mind seeing backups be done again, and done in a smart, time-tested way... done to local, archival grade media that is very inexpensive, but yet super reliable.

[1]: I think there is a market niche for USB3 tape drives at the consumer level. Newer drives have variable speeds to minimize/prevent "shoe-shining", and with all the space on a tape, if areal densities similar to HDD are present, it would store quite a lot of data, even with multiple layers of forward-ECC. LTO tape drives are even bootable so a bare metal restore can be done with just the tape in hand and the drive on the machine, no other media.

[2]: In the past decade at multiple IT shops, I've gone through thousands, possibly tens of thousands of LTO tapes. The total number of tapes that I introduced to the degausser was fewer than five, and the errors thrown when reading/writing were all soft errors, so all data was recoverable. This is pure anecdotal evidence, but it has impressed me personally on the reliability of these drives. It is wise to have a backup process of rotating tapes and having some task just verify data when nothing else is going on, and it goes without saying to use multiple media just in case hard read errors do happen.

[3]: One can tell a tape silo to zero out all tapes sitting in it, but that is going to take some time, and not be instant. It can be done... but if one has a basic offsite procedure in place (where all tapes leaving get the write protect tab set), even this can be mitigated without much time and effort.

Comment Re:Ads are good for the internet. (Score 1) 418

You may be too young to remember it, but it wasn't always that way. There was a time before Google turned it into an ad platform.

Ah, yes, I remember those days well. Those were the days when DoubleClick had tracking cookies on most of the major media sites, and the major sites that hadn't partnered with DoubleClick usually had their own advertising departments, so often their banners were placeholders advertising their advertising ability.

Of course, with decentralized management, all of those major players thought it was a new and innovative idea when X10 started their pop-under ad campaign using the new-fangled Flash thing, so it could be animated, too! Surely that would catch the eye, and they could finally make some steady income from those ads, right?

Then Google came along with its ad program. Simple text ads, tailored to the viewer, and all managed by an upstart company who seemed to be pretty good at managing such things. They didn't do pop-ups (or -unders), and they didn't do sound or video. They did volume. Sure, there are now ads everywhere, but they're not as bad as what we had before. I call it a net improvement.

There was content then as well.

Ah, yes, there was the content of the adolescent World Wide Web, hosted in large part by ad-supported GeoCities (and the like) and grant-supported universities, and consisting of low-bandwidth servers run as an afterthought to a business whose primary business wasn't dependent on having five-nines availability through DDoS attacks and peering disputes. I guess most of those "service unavailable" messages counted as some form of content.

...because I pay up front for the services that are worth paying for and ONLY if they allow me to avoid ads by paying for service.

...Like Slashdot, which offers a subscription that you don't appear to have?

Ignorant people like you are the ones who think it's okay that you get ads on cable TV and Hulu Plus.

Not quite. Ignorant people like me know that different companies are free to pick whatever business model they like, and I am free to use their service if and only if I agree with it. I find that Hulu Plus still offers me more value than they charge (including my time watching ads), so I'm inclined to subscribe to their service.

If only we were all as enlightened as you are, knowing that advertising is all Google's fault, and that all business must be conducted in the BitZtream-approved way.

Comment Re:How does one detect these things (Score 1) 168

Tripwire/AIDE is passive. It can tell me if a binary is changed, but won't actively block a dropped script.

SELinux is great for assigning roles and denying execution in directories. However, it doesn't sign executables, nor keep a manifest in place.

AppArmor is similar to SELinux.

All of these are quite useful, but what would be an addition which would stop this type of Trojan cold would be something that checks an executable to see if it is on a manifest, checks its signature, then allows/denies/logs access. One can use -noexec flags and ACEs in SELinux for similar effect, but having a feature overlap wouldn't hurt.

Comment Re:How does one detect these things (Score 1) 168

Sometimes I wonder if Linux should have functionality similar to AIX's trustchk.

This command on AIX can make a list (signed with an OpenSSL key), then either warn when something runs that isn't on that list, or block it entirely. Functionality can be turned on to watch libraries as well, so if a library was changed, execution stops or a syslog entry is generated. In fact, it can be locked down so a reboot into another OS instance would be required to modify the trustchk settings.

If someone has static scripts that don't change often, this functionality would come in handy and would nip something creating scripts or executables on the fly almost immediately.

Even better would be to combine trustchk with BSD's securelevel so that a signed list of executables can be created, then locked down until the machine reboots.
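The two comments above ask for the same thing: a signed manifest of approved executables, a hash check before anything runs, and a warn-or-block policy like AIX's trustchk. Below is an added example of that check in Python, written for this page and not code from either commenter or from AIX. It stands in an HMAC key (assumed, named SIGNING_KEY) for the OpenSSL signature trustchk uses, builds a manifest over a constructed temp directory, then exercises the four cases the thread cares about: a clean run, a dropped script, an in-place modification, and a tampered manifest. Everything under `demo()` is constructed sample data.

```python
import hashlib
import hmac
import json
import os
import tempfile

# Assumption: an HMAC key stands in for the asymmetric signing key a real
# trustchk-style tool would use. On a real host only the verification key
# would be present; the signing key would stay on an offline build box.
SIGNING_KEY = b"example-manifest-signing-key"


def sha256_file(path):
    """Stream a file through SHA-256 so large binaries do not land in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(paths):
    """Record the hash of every trusted executable and sign the record."""
    entries = {os.path.abspath(p): sha256_file(p) for p in paths}
    body = json.dumps(entries, sort_keys=True).encode()
    sig = hmac.new(SIGNING_KEY, body, hashlib.sha256).hexdigest()
    return {"entries": body.decode(), "sig": sig}


def load_manifest(manifest):
    """Refuse to use a manifest whose signature does not verify."""
    body = manifest["entries"].encode()
    expected = hmac.new(SIGNING_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["sig"]):
        raise ValueError("manifest signature invalid")
    return json.loads(body)


def check_exec(path, entries, mode="enforce", log=None):
    """Decide whether `path` may execute.

    Returns True to allow. mode="enforce" blocks anything unlisted or
    modified; mode="warn" allows it but records a log line (trustchk's
    warn-only behaviour)."""
    log = log if log is not None else []
    path = os.path.abspath(path)
    if path not in entries:
        verdict = "not in manifest"
    elif sha256_file(path) != entries[path]:
        verdict = "hash mismatch"
    else:
        return True
    log.append(f"{path}: {verdict}")
    return mode != "enforce"


def demo():
    """Constructed scenario: one trusted script, then a dropped script,
    an in-place modification, and a forged manifest."""
    d = tempfile.mkdtemp()
    log = []
    trusted = os.path.join(d, "trusted.sh")
    with open(trusted, "w") as f:
        f.write("#!/bin/sh\necho hello\n")
    manifest = build_manifest([trusted])
    entries = load_manifest(manifest)
    results = {"clean": check_exec(trusted, entries, log=log)}

    # Attacker drops a new script that was never in the manifest.
    dropped = os.path.join(d, "dropped.sh")
    with open(dropped, "w") as f:
        f.write("#!/bin/sh\necho pwned\n")
    results["dropped_enforce"] = check_exec(dropped, entries, log=log)
    results["dropped_warn"] = check_exec(dropped, entries, mode="warn", log=log)

    # Attacker appends to a trusted script; the hash no longer matches.
    with open(trusted, "a") as f:
        f.write("echo extra\n")
    results["tampered"] = check_exec(trusted, entries, log=log)

    # Attacker edits the manifest to whitelist the dropped file but cannot re-sign it.
    forged_entries = dict(entries)
    forged_entries[os.path.abspath(dropped)] = sha256_file(dropped)
    forged = {"entries": json.dumps(forged_entries, sort_keys=True),
              "sig": manifest["sig"]}
    try:
        load_manifest(forged)
        results["forged_manifest"] = "accepted"
    except ValueError:
        results["forged_manifest"] = "rejected"
    results["log"] = log
    return results
```

The policy hook would sit wherever the host can intercept exec (an LD_PRELOAD shim, a kernel LSM, or a wrapper around the interpreter); the decision logic itself does not change. Note that the manifest must be verified before it is trusted, otherwise an attacker who can drop a script can just as easily drop a manifest entry for it.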

Comment Re:Derp (Score 1) 168

It might be that if one uses a VPN and a limited number of IP addresses, one could just block everything except those ranges, and the VPN (preferably a less known but reliable provider, maybe even a static IP on a Linode box) would allow access if one wasn't on that range.

Of course, the attacks I see coming are often compromised Windows boxes on DSL or cable modem IP ranges, so blocking Elbonia directly may not help much. The best bang for buck is maybe blocking the obvious hotspots, then rate limiting dynamic IP pools.

I've wondered, at an extreme, about having a custom sshd that had a list of IPs in place, and if someone connected from a blacklisted IP, it would randomly just deny them, or perhaps give them a fake shell before closing the connection. Of course, tarpitting can't hurt either, but with a botnet only connecting 2-3 times from an IP at a time, that won't help much.

Another idea would be to combine it with port knocking so that the sshd would give bogus responses to anything that connects unless it previously knocked on another port. Of course, this would be in combination with blacklists.
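The gating logic the comment above sketches (blocklist first, an allowlisted VPN range that skips the knock, a port-knock sequence that opens the real sshd for a short window, and a bogus banner for everyone else) fits in a small state machine. The Python below is an added example written for this page, not code from the commenter; the sequence, window lengths and the TEST-NET address ranges are assumed values, and EVENTS is a constructed stream of (source, port, time) connection attempts. It models the decision only; wiring it to a real listener is left out.

```python
import ipaddress

# Assumed policy values; tune per deployment.
KNOCK_SEQUENCE = (7000, 8000, 9000)  # ports to hit, in order, before sshd answers
KNOCK_WINDOW = 10.0                 # seconds allowed to complete the sequence
OPEN_FOR = 30.0                     # seconds the real sshd stays reachable after a knock
SSH_PORT = 22
# Documentation-only (TEST-NET) ranges used as stand-ins for real lists.
BLOCKLIST = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.7/32")]
ALLOWLIST = [ipaddress.ip_network("192.0.2.0/24")]   # e.g. the VPN egress range


class KnockGate:
    def __init__(self):
        self.progress = {}  # src -> (next index into KNOCK_SEQUENCE, deadline)
        self.opened = {}    # src -> time until which the real sshd answers

    @staticmethod
    def _listed(ip, nets):
        return any(ip in n for n in nets)

    def handle(self, src, port, now):
        """Decide one inbound connection attempt.

        'deny'      blocklisted source, drop outright
        'knock'     hit a knock port; sequence state updated
        'real-sshd' allowlisted, or knocked correctly within OPEN_FOR
        'fake-sshd' ssh port without a valid knock: serve the bogus banner
        'closed'    any other port"""
        ip = ipaddress.ip_address(src)
        if self._listed(ip, BLOCKLIST):
            return "deny"
        if port in KNOCK_SEQUENCE:
            idx, deadline = self.progress.get(src, (0, now + KNOCK_WINDOW))
            if now > deadline:                       # too slow: start over
                idx, deadline = 0, now + KNOCK_WINDOW
            if port == KNOCK_SEQUENCE[idx]:
                idx += 1
                if idx == len(KNOCK_SEQUENCE):       # full sequence: open the gate
                    self.opened[src] = now + OPEN_FOR
                    self.progress.pop(src, None)
                else:
                    self.progress[src] = (idx, deadline)
            elif port == KNOCK_SEQUENCE[0]:          # wrong order, but a fresh first knock
                self.progress[src] = (1, now + KNOCK_WINDOW)
            else:                                    # out of order: reset
                self.progress.pop(src, None)
            return "knock"
        if port == SSH_PORT:
            if self._listed(ip, ALLOWLIST) or self.opened.get(src, 0.0) > now:
                return "real-sshd"
            return "fake-sshd"
        return "closed"


# Constructed sample traffic: (source, destination port, seconds since start).
EVENTS = [
    ("203.0.113.9", 22, 0.0),        # blocklisted scanner
    ("198.51.100.200", 22, 1.0),     # unknown host, no knock yet
    ("198.51.100.200", 7000, 2.0),
    ("198.51.100.200", 8000, 2.5),
    ("198.51.100.200", 9000, 3.0),   # completes the sequence
    ("198.51.100.200", 22, 4.0),     # inside the open window
    ("198.51.100.200", 22, 40.0),    # window has expired
    ("192.0.2.10", 22, 5.0),         # VPN range, no knock needed
    ("198.51.100.201", 7000, 6.0),
    ("198.51.100.201", 9000, 6.5),   # out of order
    ("198.51.100.201", 8000, 7.0),   # never restarted from 7000
    ("198.51.100.201", 22, 8.0),
]


def run(events, gate=None):
    """Feed an event stream through one gate and return the decisions in order."""
    gate = gate or KnockGate()
    return [gate.handle(src, port, t) for src, port, t in events]
```

Per-source state is what makes the "2-3 connections per IP" botnet pattern harmless here: a bot that never knocks only ever sees the fake banner, while the blocklist check runs before any state is allocated, so blocklisted sources cannot fill the tables.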

Comment Re:Derp (Score 2) 168

I use fail2ban and RSA keys as my primary login mechanism... but I also use the RFC 6238 TOTP tokens (Google Authenticator code available from git, or just fetch it from EPEL if on RedHat or a downstream distro like CentOS. For an app, one can use RedHat's FreeOTP, Google's app, Amazon's, or a slew of others.)

This isn't 100%, but two factor authentication should be the minimum standard for Internet communication these days.

After that, what may or may not help is the push to run everything in containers (think domains in Solaris, or WPARs in AIX.) Docker seems to have a lot of enterprise support, and it is relatively new, and that would put another layer of security in place.

This isn't to say malware can misbehave in a container. In fact, malware running in the user context on Windows can do a lot of mayhem. However, containers provide better defense in depth, same with SELinux.
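Since the comment above rests on RFC 6238 TOTP, here is an added example of the algorithm itself in Python (standard library only), written for this page and not taken from the commenter, Google Authenticator or FreeOTP. It implements RFC 4226 HOTP, derives TOTP from it, checks the RFC 6238 Appendix B test vectors (SHA-1, 8 digits, the ASCII key "12345678901234567890"), and shows a verifier that tolerates one step of clock drift. The base32 helper mirrors how authenticator apps carry the shared secret; the skew of one step is an assumed policy value.

```python
import base64
import hashlib
import hmac
import struct


def hotp(key: bytes, counter: int, digits: int = 6, algo=hashlib.sha1) -> str:
    """RFC 4226 HOTP: HMAC over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), algo).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(key: bytes, unix_time: int, step: int = 30, digits: int = 6,
         algo=hashlib.sha1) -> str:
    """RFC 6238 TOTP: HOTP with counter = floor(unix_time / step)."""
    return hotp(key, unix_time // step, digits, algo)


def verify_totp(key: bytes, candidate: str, unix_time: int, step: int = 30,
                digits: int = 6, skew: int = 1) -> bool:
    """Accept the current step plus/minus `skew` steps of clock drift.

    Each comparison is constant-time; the loop may exit early, which reveals
    only which drift offset matched, not anything about the secret."""
    counter = unix_time // step
    return any(
        hmac.compare_digest(hotp(key, counter + d, digits), candidate)
        for d in range(-skew, skew + 1)
    )


def secret_from_base32(s: str) -> bytes:
    """Decode the base32 secret an authenticator app stores, re-adding any stripped padding."""
    s = s.strip().replace(" ", "").upper()
    return base64.b32decode(s + "=" * (-len(s) % 8))


# RFC 6238 Appendix B test key and SHA-1 vectors (time -> 8-digit code).
RFC_KEY = b"12345678901234567890"
RFC_VECTORS = {
    59: "94287082",
    1111111109: "07081804",
    1111111111: "14050471",
    1234567890: "89005924",
    2000000000: "69279037",
    20000000000: "65353130",
}


def check_vectors() -> bool:
    """True when every RFC 6238 SHA-1 test vector reproduces."""
    return all(totp(RFC_KEY, t, digits=8) == code for t, code in RFC_VECTORS.items())


if __name__ == "__main__":
    print("RFC vectors ok:", check_vectors())
```

Two things the RFC vectors do not cover but a server must handle: reject a code that was already accepted for the same counter (otherwise a shoulder-surfed code replays within the skew window), and rate-limit attempts per account, since a 6-digit code gives an online guesser a 3-in-a-million chance per try across a skew of 1.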
