What do you think happened here?
https://mchap.io/that-time-the-city-of-seattle-accidentally-gave-me-32m-emai...
Somewhere towards the end of the call, I asked them if it was okay to keep the emails. Why not at least ask, right?
Funny enough, in the middle of that question, my internet died and interrupted the call for the first time in the six months I lived in that house. Odd. It came back ten minutes later, and I dialed back into the conference line, but the mood of the call pretty much 180’d. They told me:
1. All files were to be deleted.
2. Seattle would hire [Kroll](https://www.kroll.com/en-us/default.aspx) to scan my hard drives to prove deletion
3. Agreeing to #1 and #2 would give me full legal indemnification.
This isn't something I'm even remotely cool with, so we ended the call a couple minutes later, and agreed to have our lawyers speak going forward.
Sudden DDOS attack after attempt to stall for time?
I tried writing an email about this before, but my Linux machine suddenly froze. Tempting to claim that naive implementations of IP stacks should be used for home users and authentication servers (with the rest using standard implementations). Journalists certainly should use a VPN, NAT isn’t a firewall, but it is pretty close.
Sent from ProtonMail Mobile
On 03/24/2019 01:03 PM, Ryan Carboni wrote:
> https://mchap.io/that-time-the-city-of-seattle-accidentally-gave-me-32m-emai...
> Somewhere towards the end of the call, I asked them if it was okay to keep the emails. Why not at least ask, right?
> Funny enough, in the middle of that question, my internet died and interrupted the call for the first time in the six months I lived in that house. Odd. It came back ten minutes later, and I dialed back into the conference line, but the mood of the call pretty much 180’d. They told me:
> 1. All files were to be deleted.
> 2. Seattle would hire [Kroll](https://www.kroll.com/en-us/default.aspx) to scan my hard drives to prove deletion
> 3. Agreeing to #1 and #2 would give me full legal indemnification.
> This isn't something I'm even remotely cool with, so we ended the call a couple minutes later, and agreed to have our lawyers speak going forward.
> Sudden DDOS attack after attempt to stall for time? I tried writing an email about this before, but my Linux machine suddenly froze. Tempting to claim that naive implementations of IP stacks should be used for home users and authentication servers (with the rest using standard implementations). Journalists certainly should use a VPN, NAT isn’t a firewall, but it is pretty close.
> Sent from ProtonMail Mobile
FYI: https://news.ycombinator.com/item?id=18257867
It's a little odd that someone mucking about with ~iffy FOIA requests doesn't have a decent firewall, and isn't using at least a VPN.
But at least he had a lawyer on retainer.
It's a little hard to imagine that the City of Seattle IT folks would try to pwn his computer. Or even have his ISP disconnect him. At least, in the time frame of a few minutes.
On 3/25/19 7:53 AM, Mirimir wrote:
> On 03/24/2019 01:03 PM, Ryan Carboni wrote:
>> https://mchap.io/that-time-the-city-of-seattle-accidentally-gave-me-32m-emai...
>> Somewhere towards the end of the call, I asked them if it was okay to keep the emails. Why not at least ask, right?
>> Funny enough, in the middle of that question, my internet died and interrupted the call for the first time in the six months I lived in that house. Odd. It came back ten minutes later, and I dialed back into the conference line, but the mood of the call pretty much 180’d. They told me:
>> 1. All files were to be deleted.
>> 2. Seattle would hire [Kroll](https://www.kroll.com/en-us/default.aspx) to scan my hard drives to prove deletion
>> 3. Agreeing to #1 and #2 would give me full legal indemnification.
>> This isn't something I'm even remotely cool with, so we ended the call a couple minutes later, and agreed to have our lawyers speak going forward.
>> Sudden DDOS attack after attempt to stall for time?
>> I tried writing an email about this before, but my Linux machine suddenly froze. Tempting to claim that naive implementations of IP stacks should be used for home users and authentication servers (with the rest using standard implementations). Journalists certainly should use a VPN, NAT isn’t a firewall, but it is pretty close.
>> Sent from ProtonMail Mobile
> FYI: https://news.ycombinator.com/item?id=18257867
> It's a little odd that someone mucking about with ~iffy FOIA requests doesn't have a decent firewall, and isn't using at least a VPN.
> But at least he had a lawyer on retainer.
> It's a little hard to imagine that the City of Seattle IT folks would try to pwn his computer. Or even have his ISP disconnect him. At least, in the time frame of a few minutes.
Even harder to imagine, considering that the City of Seattle's IT folks would include the ones who accidentally sent tons of /obviously/ sensitive and privileged information out in response to an FOIA request.
I find it more than easy to imagine that the NSA 'noticed' a giant exfiltration of stored government-related communications crossing the networks from their proper home to a residential IP, and flagged it for immediate human attention. That's kind of their job. If so, they would have placed both sender and recipient under heel to toe electronic surveillance, likely including implants in the firmware of relevant phones and computers. Collect now, ask questions later.
Given that possibility, I also find it easy to imagine that "people" listened in on the phone call about the accidental exposure with great interest - via a toolkit that gave them entire control of the call's infrastructure from end to end. When the question of the receiver keeping all the excess data came up, I can picture somebody pulling the plug on his connection, vs. breaking into the call and saying "oh no you don't" or some such, both to prevent things from getting "way worse" and to buy time for remedial action. Ten minutes sounds about right for the NSA guise to explain their presence on the line to the Seattle guise, scare the living shit out of them, tell them what to say when contact was restored, and turn things back on.
In this context, a "Linux machine" freezing while the user was writing an e-mail about this stuff sounds like a shot across the bow, telling the writer that Big Brother Is In Ur Box Watching U Type. Maybe not, but in common experience GNU/Linux rarely freezes except under loads that exceed the capacity of the hardware. Maybe the above mentioned malware malfunctioned when the user's typing kept tripping filters telling it to start copying keystrokes and phone them home "now instead of later".
:o)
participants (3)
- Mirimir
- Ryan Carboni
- Steve Kinney