Apscitu masthead.
Apscitu Law motto.

Expert IT Law News Article tab.

Microsoft logo, Brad Smith photo, Satya Nadella photo, blindfolded clown lawyer photo, James Duff photo, blind leading blind justice off a cliff, hacker, federal seals, PACER logo, CM/ECF logo, HACKED.

Federal Judiciary Reacts To Hackers: Evidence Tampering OK, Exposing NSA Surveillance Not



By Duane Thresher, Ph.D.          March 17, 2021

As I showed in Hackers Own The Federal Legal System, the federal judicial system has been taken over by hackers and the federal judiciary has admitted to this and reacted. Their reaction were orders on Highly Sensitive Documents (HSDs) reworded from a directive by the same IT incompetent agency — the Administrative Office of the United States Courts (AO), particularly its director appointed by the Chief Justice of the Supreme Court — that allowed itself to be hacked in the first place and is responsible for taking care of all documents (evidence documents and court documents), now all electronic, in the federal judicial system. These orders completely ignore the document tampering — to change court decisions — that will now occur, which was the main focus of Hackers Own The Federal Legal System, and only try to keep confidential the documents, HSDs, they consider important. What the AO considers HSDs that they will really try to protect now and non-HSDs that they will leave to the hackers, since they have been hacked permanently and undetectably, is outrageously self-serving. How the AO plans to keep HSDs confidential, when they already have a procedure for sealed and confidential documents that was hacked, is dangerously IT incompetent.

The Doomsday Microsoft Government Email Data Breach started no later than early 2020 — including before the 2020 presidential elections — and probably much earlier, but was only discovered in December 2020. After the disclosure, the IT incompetent Cybersecurity and Infrastructure Security Agency (CISA), under the IT incompetent Department of Homeland Security (DHS, sometimes called the Homeland Security Department, HSD), warned the IT incompetent Administrative Office of the United States Courts that their Case Management/Electronic Case Files system (CM/ECF, which would also include PACER; see Hackers Own The Federal Legal System) had been hacked and worked with them to react to this. But the DHS, including CISA, was one of the many IT incompetent federal departments and agencies that could not protect themselves and had itself been hacked in The Doomsday Microsoft Government Email Data Breach and Doomsday II: The Massive Microsoft Email Data Breach Sequel. Thus, this is a case of the blind leading the blind (justice) ... off a cliff.

In January 2021 the Director of the Administrative Office of the United States Courts issued a directive on Highly Sensitive Documents. This was then reworded into orders by IT incompetent court clerks for use locally by each court in the federal judiciary — U.S. District Courts, U.S. Circuit Courts of Appeals, and the U.S. Supreme Court — although some courts couldn't even be bothered to do this (e.g. the U.S. Second Circuit Court of Appeals, which includes New York, and the Western District of Virginia U.S. District Court). I read through these orders for all the U.S. Circuit Courts of Appeals (Hackers Own The Federal Legal System used that for the Fourth Circuit Court of Appeals) and some U.S. District Courts (Eastern District of Virginia U.S. District Court for example; see Hackers Own The Federal Legal System).

The Director of the Administrative Office of the United States Courts (AO) is appointed by the Chief Justice of the U.S. Supreme Court (head of the
AO supervisory committee), which has been John Roberts since September 2005. The Director of the AO was, until after the disclosure of The Doomsday Microsoft Government Email Data Breach, James Duff , who was appointed in January 2015 by Chief Justice Roberts. Before that Duff was Director of the AO from July 2006 through September 2011, having been appointed then too by Roberts. From September 2011 to December 2014, Duff was CEO of the Newseum in Washington D.C., which was dedicated to promoting the First Amendment (freedom of the press, not any other of the rights in the First Amendment, like the right to peaceably assemble; see my Eastern District of Virginia U.S. District Court case 3:20cv307) and which failed completely a couple of years after Duff left, having been in decline while Duff was there. Duff has a law degree and before all the preceding had worked at a law firm that failed. On February 1, 2021, Roslynn Mauskopf , a New York U.S. District Court judge, was appointed by Chief Justice Roberts to be Director of the AO. James Duff was clearly responsible for letting the federal judicial system get hacked, but Roslynn Mauskopf promises to be just as bad or worse (if that's possible). A case of the blind following the blind (justice) ... off a cliff.

None of the orders on Highly Sensitive Documents even mentions tampering with documents, only keeping them confidential. But as was the main point of Hackers Own The Federal Legal System, tampering is by far the greatest danger from the federal legal system being hacked. By tampering with documents, hackers can decide legal cases, since documents consist of evidence, like forensic lab analyses, and court documents, like briefs, motions, orders, decisions, etc. The well-established concept of chain of custody of evidence as used by the police — for the feds, the FBI — is precisely to prevent tampering. Evidence tampering is a serious federal crime, punishable by up to 20 years in prison; see Title 18 of U.S. Code, § 1519.

Not only will no one in the federal legal system be looking for tampering — they will just assume it has not occurred — but even if they did, it would be hard to detect. For example, I created the image of
Mark Zuckerberg's passport in Insecure Facebook Demands Your Passport, Bank Statements, Medical Records, ... and it is quite convincing (and would be even more so if I wanted to take the time to add watermarks over Zuckerberg's passport photo). Just changing numbers on a forensic lab analyses report, DNA for example, would be trivial and undetectable.

So what does the federal judiciary consider Highly Sensitive Documents (HSDs), to really try to protect now? The federal judiciary already has a procedure for protecting sealed and confidential documents, but that was made moot when the AO's Case Management/Electronic Case Files system (CM/ECF) was hacked. But even most of those documents are not considered HSDs to really try to protect now.

Almost all documents in civil cases, which might expose sensitive information the average citizen would care about, since it could be used to hurt them — social security and tax ID numbers, birthdates, financial account numbers, medical records, names of minors, home addresses, etc. — are not considered HSDs.

As would be expected from the Department of Homeland Security getting into this, any documents involving national security are considered HSDs. For example, from the HSD order of the First Circuit Court of Appeals:
"Examples of HSDs include unclassified sealed documents involving national security, foreign sovereign interests, criminal activity related to cybersecurity or terrorism, investigation of public officials, and extremely sensitive commercial information likely to be of interest to foreign powers."
Warrants from the courts for electronic surveillance — e.g. reading emails — are considered HSDs. For example, from the HSD order of the Eighth Circuit Court of Appeals:
"For example, applications for search warrants and applications for electronic surveillance under 18 U.S.C. § 2518 are presumptively classified as Highly Sensitive Documents."
So the warrants from the courts for electronic surveillance by the National Security Agency (NSA) are doubly considered HSDs. These are exactly the warrants that the NSA goes to extreme effort to hide, since they show the NSA is spying on Americans, and that Edward Snowden hacked the NSA (and CIA) to make public. (The NSA too was hacked in The Doomsday Microsoft Government Email Data Breach.)

In short, the federal judiciary does not care about protecting the American people from hackers, only themselves (note too above that documents about "investigation of public officials", like judges, are considered HSDs).

And how is the federal judiciary going to really try to protect now what it considers Highly Sensitive Documents (HSDs)? They will stop using the Case Management/Electronic Case Files system (CM/ECF) and instead store HSDs as paper documents "in a secure paper file system" or still as electronic documents but "in a secure standalone computer that is not connected to the internet or to any other network". The paper option is workable; see Hackers Own The Federal Legal System. The electronic option is ludicrous given the proven IT incompetence of the federal judiciary.

The federal judiciary thinks to get standalone computers they are just going to unplug network cables or turn off the Wi-Fi of existing computers. But these computers have already been hacked, permanently and undetectably. All of these computers probably have Wi-Fi built in, whether it was used or not, and the hacked computers will just turn this on, undetectably, and connect to the hackers. When Edward Snowden was giving the documents he had just stolen from the NSA and CIA in their data breaches to IT incompetent expatriate reporter Glenn Greenwald, Snowden insisted that Greenwald buy and use an "air gapped" laptop, which is a special purchase computer that specifically in no way has Wi-Fi.

That "no way Wi-Fi" specification is critical because many computers sold inexpensively, ostensibly because they don't have Wi-Fi, actually do have Wi-Fi built into the motherboard, it's just turned off. It's cheaper for the manufacturer just to make one motherboard design and turn off features on the inexpensive models.

Even if the federal judiciary thinks it's going to buy new air gapped computers — and given the huge profits from PACER that should be easily affordable; see Hackers Own The Federal Legal System — what are they going to do about updating the computers' operating systems, which is an important security measure and for all practical purposes requires the use of the network? Further, as I explained in Doomsday II: The Massive Microsoft Email Data Breach Sequel, many enterprise computers have their operating system loaded each time via the network, so that the operating system of each computer doesn't have to be updated individually.

The HSD order of the Eleventh Circuit Court of Appeals, which covers Florida (see IT Incompetent Attorneys General v. Google), Georgia, and Alabama, says to mail in electronic HSDs on "an encrypted password-protected flash-drive secured by a minimum 8-character password consisting of a combination of uppercase, lowercase, numeric, and special characters" and then email the password to clerks_office@ca11.uscourts.gov.

Using Microsoft email was how the courts got hacked in the first place. The Eleventh Circuit Court of Appeals shouldn't even think about doing what they said unless they get Apscitu Mail, the "revolutionary ultra-secure custom email for VIPs".