Sneak And Peek?

An interesting thought just occurred to me.  Under the “sneak and peek” rules created by FISA in 1994, the FBI is allowed to get a FISA warrant under which it has the authority to enter your house, photograph your papers, duplicate your computer hard drive, and never let you know it’s been there.

I wonder how they would accomplish the task of duplicating my hard drives?  My computer systems are a) always powered on, b) protected by screen lock passwords when not in use, c) protected by power-on passwords, and d) require a valid id and password to log on.  Further, the system that stores most of my important data is a Linux system using a RAID-5 array.  I will notice if that system is powered off and tampered with.  Not only would they have to take the system down, they’d have to root it and remove all traces of the shutdown and restart, and then somehow restore my desktop to its original state (which might vary based on whatever I was doing last before I locked it).  At least they’d have to do that if they wanted an exact duplicate of the hard drives.  If they just wanted the data, perhaps they could root it and plug in a USB device (and then remove the evidence from the logs, since Linux logs these connections). 

If I really wanted to be paranoid, I suppose I could hook up motion-sensitive cameras to my computer and have it upload the pictures to an offsite server somewhere every time it noticed movement, as well as storing them in encrypted form in several hidden locations on several hard drives (just in case they got smart and posed as Verizon techs and disabled my internet connection and phone, which takes out the alarm system as well).

This makes for an entertaining thought exercise: trying to come up with a foolproof way to determine that someone with lots of technical knowledge, power, and resources has secretly entered your house.  The cards are stacked against you.
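The post observes that a shutdown or a plugged-in USB device leaves log entries an intruder would have to remove. The following is an added example, not the author's code: it scans a log for boots and USB storage attachments, and also for silences in a periodic syslog `-- MARK --` heartbeat, which remain visible even after the incriminating lines are deleted. The log lines, host name, ISO-8601 timestamp format, 20-minute heartbeat and the function name `find_indicators` are assumptions made for the example.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log: ISO-8601 timestamps and a syslog "-- MARK --"
# heartbeat every 20 minutes. Host name and times are invented.
SAMPLE_LOG = """\
2024-03-03T01:20:00+00:00 box syslogd: -- MARK --
2024-03-03T01:40:00+00:00 box syslogd: -- MARK --
2024-03-03T02:47:12+00:00 box kernel: Linux version 6.1.0 (constructed line)
2024-03-03T02:49:30+00:00 box kernel: usb 1-2: new high-speed USB device number 5 using xhci_hcd
2024-03-03T02:49:31+00:00 box kernel: usb-storage 1-2:1.0: USB Mass Storage device detected
2024-03-03T03:00:00+00:00 box syslogd: -- MARK --
2024-03-03T03:20:00+00:00 box syslogd: -- MARK --
"""

BOOT = re.compile(r"kernel: Linux version ")
USB_STORAGE = re.compile(r"kernel: usb-storage \S+ USB Mass Storage device detected")

def find_indicators(log_text, heartbeat=timedelta(minutes=20),
                    slack=timedelta(minutes=2)):
    """Return (timestamp, kind) tuples for events that need an explanation."""
    findings, previous = [], None
    for line in log_text.splitlines():
        stamp, _, rest = line.partition(" ")
        try:
            when = datetime.fromisoformat(stamp)
        except ValueError:
            continue  # not a log line in the assumed format
        # A silence longer than one heartbeat means the machine was off or
        # entries were removed; both contradict "always powered on".
        if previous is not None and when - previous > heartbeat + slack:
            findings.append((previous, "gap"))
        if BOOT.search(rest):
            findings.append((when, "boot"))
        elif USB_STORAGE.search(rest):
            findings.append((when, "usb-storage"))
        previous = when
    return findings

if __name__ == "__main__":
    for when, kind in find_indicators(SAMPLE_LOG):
        print(when.isoformat(), kind)
```

Run it against a copy of the log kept off the machine, since anyone who has rooted the box can forge heartbeat lines as easily as delete kernel ones.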

2 Comments

  1. Cinomed says:

    Yep, honestly, the FBI would have to REALLY be prepared to copy most geeks’ hard drives without us noticing.

  2. I suppose in that case they’d just use their standard bust-in and take everything tactic, using a regular warrant.  Still, I’d bet they’ve got some geeks hidden away in an office somewhere who’ve thought about the problem.  No matter how secure the kernel or the firewall, if you can get to the physical machine it’s usually just a matter of time before it can be rooted or otherwise compromised.