Hacker News new | threads | past | comments | ask | show | jobs | submit DanielBMarkham (43797) | logout
Email from FBI Looks Odd (reddit.com)
474 points by jacksoncloud 3 days ago | flag | hide | past | favorite | 162 comments

  We have been made aware of "scary" emails sent in the last few hours that purport to come from the FBI/DHS. While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS (the LEEP portal), our research shows that these emails *are* fake.

I continue to see Twitter as an invaluable real time news source. It often seems to have more direct information on breaking topics than other mediums. I often discover news on Twitter well before seeing it on other platforms.

Agree, but also keeps feeding me extreme bias and straight up nonsense. Let’s not forget its destructive aspects as well.

You can mitigate this, at least partially, if you go into your account settings and deselect “show me personalized content and ads”; this paired with ublock origin can do wonders.

Last summer Twitter alerted me to wild fire evacuations for my area (in Western Washington) hours before traditional channels reached me.

Why did they feel the need to emphasize are?

I'd like to think this is a valid question

I think this is a quirk of spoken English that's made its way onto the page as part of the "yes, but" construction. The latter part is emphasized to highlight the contrast to the first clause.

Yes, these emails are coming from the FBI's infrastructure, but they are not legitimate.

The email domain where the messages originate is from some sort of federated identity management system that was created in 2010 (here is a proposal deck [0] with technical details). Found this program simply by searching Google for the sending domain.

Based on the guide for using this system [1] (see step 15) looks like this specific email address is the one that sends automated confirmation emails upon registration. Perhaps someone was able to inject a message instead of the regular canned text through some sort of reflection attack? This explains why replies to the message result in a canned response. The system also now appears to be temporarily down. So it’s getting some sort of attention (internally taken down (most likely) or maybe denial of service from the abuse).

The Reddit thread suggests the recipients’ emails are likely ARIN IP range contacts. Those are very available from tools like this [2] so nothing interesting with that, but the real question is WHY someone would do this at all? This was clearly given some thought (on who to send this to who would actually take the time to verify the headers) but given the sloppiness of everything else, is this just a script kiddie flex? Whoever it is pissed off the FBI and gained absolutely nothing.

[0] https://bja.ojp.gov/sites/g/files/xyckuh186/files/media/docu...

[1] https://www.justice.gov/tribal/page/file/1260671/download

[2] http://itools.com/tool/arin-whois-domain-search

Awesome. A guide written in 2019 from the FBI that suggests Internet Explorer.

I would assume they're recommending Edge now. We switched from IE to Edge around that time; and our company is very security conscious because of our clients.

I would assume you're wrong. I don't think you appreciate how many government websites run ancient software sold to them by a politician's cousin, who thinks even having a developer on staff is a waste of money.

They also run ancient shit that was promoted internally. Not to mention how many sites/tools are outsourced to vendors who then outsource development to foreign development vendors.

To clarify, this is concerning from a security standpoint and is not out of xenophobic bigotry.

"Life is too short to depend on unstable software"


Yep, as late as earlier this year there's a ton of stuff inside the DHS that still requires IE and flash.

What’s wrong with internet explorer? It’s still in active support.

It's actively supported by a company who themselves recommend against it and described its use as technical debt (in 2019)


They didn’t say not to use IE, just to restrict IE’s use to specific applications where it’s needed. The FBI has technical debt too!

I think the problem is that you have to clarify it's still in active support

So you’re against LTS releases I suppose?

2001 called - either you're with us or you're against us.

Depends which one you use, how many years out of security updates is your openssh package...?

What site is this?, wow

You must be trolling
bogwog 3 days ago [flagged] [dead] | | | | [–]

Where have you been for the past 20 years? Amish country? Because there weren’t many other places to take shelter from the horrors of IE.

"Enter your official business email address...Do not use hyphens or dashes in the social security number (SSN#) and Date of Birth fields....Enter your employer’s information in the “Employer” fields"

Oh, fun. Connected to a treasure trove of LEO personal info.

> The Reddit thread suggests the recipients’ emails are likely ARIN IP range contacts.

It's likely multiple different sources. I just noticed I got it as well on my personal email (which has custom domain) and I don't own any IP ranges.

Yeah, I got it to two accounts I use with ARIN, as well as another that is confusing me.

That one is not very old, I know I have the entire outbound history for it, and have not used it for ARIN or anything similar.

The twitter link[0] posted in another thread appears to show a copy of the attacker's email. It looks like the attacker sent the email in a bid to lay down psychological cover fire in order to get sysadmins to work with an attacker who would identify themselves as "TheDarkOverlord".

[0] https://twitter.com/spamhaus/status/1459452609979371520/phot...

It could be the Russians trying to make the FBI look incompetent and make people trust the government less.

The Russians would likely try to exploit such an e-mail to gain something more tangible or if their goal was to make the FBI look inept they would send the message to a much wider audience.

Done and done.
macinjosh 3 days ago [flagged] [dead] | | | | [–]

Oh no! Best check under the bed and in the closet for those dang ruskies /s

What's the point of comments like this? Do you honestly not believe that Russia enlists hackers to poke at the seams in the US?

Not the OP, but, well, just as it could've been Russians, it could be North Koreans, Chinese, or anyone else. As a Russian, the comment just seemed unnecessary, though I'm obviously biased.

>Do you honestly not believe that Russia enlists hackers to poke at the seams in the US?

No, but I believe you should have some evidence before you start accusing them. Otherwise it is very much the "blame Russia" type comment that poster was mocking.

The point is to show how absurd the left has become with their xenophobia towards Russians.

It's not xenophobia when their legal system incentivizes hacking foreigners and hacks just happen to keep popping up from Russia. Nor is pointing out blatantly obvious trends "left".

Lots of people commenting that the text of the email seems amateurish. Perhaps it’s exactly as it should be, but you don’t understand its purpose. Maybe they wanted this to be discussed on netsec forums everywhere, so that Google searches for “Vinny Troia” always lead back to discussion about this email, framing him as a cyber criminal and outranking legitimate posts about or by him - an online identity assassination. They needed the email to set off some alarm bells so that it would pique enough interest to be widely discussed. They appear to have widely targeted the email addresses of system admins. I’m fairly certain this was their intention.

Also, does it strike anyone else as odd that the account that posted this to HN was created hours ago, for the sole purpose of starting this thread?

> does it strike anyone else as odd that the account that posted this to HN was created hours ago, for the sole purpose of starting this thread?

That is not odd. I also use throwaways to post potentially sensitive information, or information that might rub powerful institutions the wrong way.

The rest of your post is within the realms of reason.

If you look at Vinny Troia’s YouTube channel, he gave a media interview regarding members of “TheDarkOrder” being arrested for ransomware.

One potential explanation is that this is retaliation for same.

It's gotta be retaliation. See these reports about TheDarkOverlord that Vinny Troia has released:



Don't know of Vinny, but if he's a security guy, maybe one of his colleagues is pranking him? My college buddies did this kind of stuff to one another. They would die laughing at finding a way to legit send spam through the fbi.

Love to commit high profile cyber crime that could land me in prison, as a prank.

The max headroom TV signal hijack guy was never found... and THAT was a high profile prank.

Hadn’t heard of this, what a strange read

If this is (as it appears it might be) simply a reflection attack of some sort, I'm not sure what crime could've been committed. Or at least what computer crime could've been committed. Impersonating a federal official is about the only thing I can think of.

Like it or not, this seems like a pretty easy CFAA case. Sending email through a server you're not permitted to access sounds like it would constitute a CFAA violation.

I want to live in the techno-libertarian Utopia you think this is

This would get the book thrown at you in any court of law. Hacking FBI email servers is what happened. The IP and subdomain are FBI.

This Newsweek article has a pretty good breakdown:

"The Federal Bureau of Investigation (FBI) email system had reportedly suffered a hack on Saturday morning amid several reports of messages sent from the agency's email infrastructure purporting to be a warning from the Department of Homeland Security (DHS) about a cyberattack." [1]

"The Spamhaus Project, an international nonprofit organization based in Andorra and Switzerland that tracks spam, reported on Twitter that its analysis had shown the unusual emails are being sent from accounts "scraped" from the American Registry for Internet Numbers (ARIN) database." [1]

"Our telemetry indicates that there were two 'spam' waves, one shortly before 5 AM (UTC) [12.am. E.T.] and another one shortly after 7 AM (UTC) [2a.m. E.T.]. The FBI has been getting many calls about it. We are therefore refraining from further actions against the sending IP addresses." [1]

[1] https://www.newsweek.com/fbi-email-system-reportedly-hacked-...

I received this at 1:07 AM PST to my work sysadmin account. It passed Barracuda and Office 365 spam filters.

Initially I felt a surging panic when I realized the source IP was indeed FBI, especially considering one of our close partners recently buckled under a ransomware attack they refused to pay, and thus had to rebuild from backups over a period of two weeks.

Smells mostly bogus now with no links to a status page and so many others reporting the exact same sloppy email, but how did they know to email me and other sysadmins, and how did they send from an FBI IP address?

Edit: typo

Did the "one of our close partners [who] recently buckled under a ransomware attack" have contact details for "[you] and other sysadmins", to target the emails?

Are you listed on any contacts or WHOIS? One of my friends got it to every single possible ARIN POC - abuse, noc, any named users for their IP space, and any emails that could be found for their domain.

No, actually. All domains use an alias but this was sent directly to my primary, but not sent to any of our historic or present domain WHOIS contacts.

If it wasn't whois then another common tactic is to use LinkedIn and guess addresses from the names.

I find it fascinating that one can be intelligent enough to be able to do something like this but they just couldn’t put together a coherent enough email to actually fool you, especially because they seem to have a decent enough command of English. The tone is waaaaaay off though.

Perhaps the human effort needed to see their goals through requires that they filter for only the targets that would fall for such a poorly constructed effort.

The big unanswered question there is: Why go through the effort of making the headers real, if you want to intentionally filter out the kind of people who would look at them?

We're talking in hypotheticals of course, but the effort to make headers real isn't just to fool people who would inspect, but also to fool corporate spam filters and email clients that would display big bold warnings over such an email.

This could work if recipients were CEOs/CISOs, not actually technical people (ARIN IP range contacts = NOC? as someone above me found out)

Just because you are intelligent in one field doesn’t necessarily mean you are intelligent in others. I personally need to rewrite text 4-5 times for RFC/Proposal PRs. I would assume English isn’t their native language, but’s on line between good and correct.

If you can send email from the FBI then you also have a get out of jail free card for any crime. Seems like a bad use of this access.

I don't see how sending an email from the FBI gives you a get out of jail free card.

Probably not a literal get out of jail free card, but it gives you a lot of options to impede the investigation.

From what I can tell, investigations are comprised of a large network of loosely connected groups that need to coordinate to win.

The game is to use it to interrupt communications between loosely affiliated parties in the investigation. You're not going to convince the director of the FBI to drop it, but you probably could wreak havoc on the investigation by sending emails allegedly from the FBI to the labs, local law enforcement, etc. Don't tell them to drop it, just redirect them to something less useful. "Oh, we don't need those reports right now, prioritize analyzing <something you know isn't helpful>". Try to get local PD to go knocking on doors or something that won't help, but isn't too obviously unhelpful.

You could also try to make the various groups mad at each other to reduce cohesion.

It's probably not going to keep you out of jail, but it buys you some time.

Send an email under the guise of the FBI to the president, asking for immunity for yourself?

President: "Hey FBI dudes -- is this email legit?"


Probably not.

Maybe this if how dubious characters have received presidential pardons over the years?

If the FBI offers you immunity in exchange for implicating yourself in a crime, then they can't retroactively retract that offer after you've already confessed. This is true even in cases where the defendant was improperly offered immunity. And emails from an organization's domain name are generally legally binding.

(Obviously this isn't legal advice.)

The FBI doesn’t offer immunity. The DOJ does. There’s also usually a signed document called a “proffer letter” or a “Queen for a Day” agreement that’s signed by an AUSA. I’m not sure an email would pass muster. Maybe it would, but it would certainly be a very big departure from the norm.

> The FBI doesn’t offer immunity. The DOJ does.

Fair. But if the FBI gave someone a cryptographically signed offer of immunity and the person then confessed, you don't think the case would get thrown out?

“Your faith in the legal system is appalling.”


Those types of papers get filed with the court. They don't simply shake hands (or exchange emails) before accepting a plea agreement.

The author is probably still in school, and has no idea how bureaucracy talks.

Seems like some people are happy to use their intelligence to troll Vinny Troia. To each their own, I say.

First reaction - if $Legit_and_Competent_Group believes that a bunch of my infrastructure is compromised, then why the h*ll would they alert me via e-mail? Especially an e-mail full of sensitive details, which has a fair chance of being read by the attackers first.

The email address seems to point to EIMS (Enterprise Identification and Management Service according to https://bja.ojp.gov/sites/g/files/xyckuh186/files/media/docu...). The email address is also listed at some guide at https://www.justice.gov/tribal/page/file/1260671/download.

My guess would be that there is some integration point somewhere to EIMS that allows requesting/granting some access & takes the email template from submitted form.

I still don't quite understand hackers: doing such high-profile hacking and writing lame texts even wihout much fact checking (about agency divisions in this case). Being written in more professional way, this attack could be way more effective. Also, is it a thing among "hackers" to write with tons of mistakes? A part of culture maybe? Or to scare the bricks out of people? )

According to the phishing training I was mandated to take at work if you are stupid enough to overlook the mistakes you are the right target. According to them the misspellings filter out the smart enough people they don’t want talking to. But that could also be nonsense.

Ignoring this specific case where it seems especially unlikely, that's always seemed like someone worked backwards and overthought it to me, "the spelling mistakes, they have to mean something".

I don't think there is a binary smart population and dumb population to optimise around, for every step down, some people who are otherwise convinced become hesitant and waste time, and some of that group become totally unconvinced.

In this podcast episode with the founder of conversational AI, he describes the need to make spelling mistakes (and correct them) in order to help establish that the bot is actually a human.


I think making sublte spelling mistakes is a much clearer sign that someone is human. The imperfection without correction makes it more believable. I still think the hackers could stand to take a creative writing workshop.

The argument is that the hacker’s operational costs are massively dominated by the manual work of social engineering, so they have a huge incentive to filter out people who are less responsive to social engineering.

If you accept that some people are more credulous than others, it becomes the best strategy to optimize for only talking to people who believe you.

Yeah, I buy this theory in general, but I'm not sure that's the highest-leverage way to use this access.

I think higher level ways get dangerous. Contacting the FBI directly to try and get money might make it easier to find you. Trying to sell it or other information to a foreign entity is also risky because you can't be sure they won't turn you over.

Spelling errors like that are how real people write in enterprise, imagine Trump writing email

I’ve worked in government and contracted for Fortune 500 companies. Never have I seen an email that was written like Trump’s Tweets. I’m sure it happens, but I don’t think it’s common.

Or the purpose is to make the FBI look publicly incompetent, not to successfully carry out a secret operation.

For the lulz, I would be happy to see that culture come back, well somewhat

I'm guessing they are either testing their approach or doing it just for fun without a real objective.

>Also, is it a thing among "hackers" to write with tons of mistakes?

Most phishing content isn't made by native English speakers. A lot of it has incorrect grammar/spelling or was just generated by Google Translate.

I'd have guessed that it should be possible to get a reasonable amount of $ for selling access to FBI email servers but maybe the person(s) behind the attack don't care much about money.

Along with the weeding described by others, this could also be a public proof of concept, with a much more sophisticated back-door left for whenever the clean up is done.

I wonder if, similar to automatically choosing alternate synonyms, small spelling errors throw off naive spam detectors while remaining perfectly readable?

The email text to me looks like it was written by some 15-year-old zoomer kid with no clue what they’re really doing.

I can think of one very good purpose for this message:

To publicly demonstrate that an FBI expert witness's "proof" of an email's authenticity at a criminal trial may not be all that reliable.

From the Reddit thread: "got it too. i called the FBI helpdesk and they are getting flooded with calls..."

I mean as a spammer (or whateveer) do you REALLY want to piss off the FBI like that?

Misdirection? Loud noise here - actual attack somewhere else?

or shake the machine and see what falls out - watch the access logs to find what individuals have the power to respond, target them for further spearfishing

If you're in a former USSR state there's nothing they can do to you.

What are they gonna do in response, bankroll somebody to say they have a tape of Russian hookers peeing on you? The FBI is famously inept at anything beyond questionably legal political games, so much so that the Secret Service was in charge of enforcing telecommunications related law for the longest time.


We received and forwarded to various groups at FBI and DHS at the onset. The running theory here is IPv6 to iPv4 routing is the problem with this incident. Generic and trusted config as where any ipv6 arbitrarily “just works” to a trusted IPv4 block with existing rules. Most IPv6 implementations do not have the detail scrutiny in firewall rules to prevent or filter, and IDS this type of thing from happening.

> Most IPv6 implementations do not have the detail scrutiny in firewall rules to prevent or filter, and IDS this type of thing from happening.

This sentence is nonsensical. Any firewall that will pass IPv6 can understand IPv6 enough to block it. And no firewall will default open for IPv6.

The same goes for any IDS made in the last 15 years. But regardless, IDS doesn't block anything, it only detects (and likely wouldn't trigger solely on sending an email).

Lack of full body and some headers mentioned in the DKIM-Signature headers makes it impossible to verify DKIM authenticity. Would (reddit) OP not cut out their Authentication-Results headers, we we would know how their MTA's anti-forgery mechanisms saw this alleged message.

But, assuming that what's on reddit is true, this is interesting. It looks like FBI attempting to discredit a researcher (which I doubt because this would be one of dumbest ways to do so) or maybe someone gained enough access to FBI's infra to at least bounce a message by their systems without it looking so (but earlier Received headers do not suggest that the message originated from outside the network).

EDIT: Another idea is that OP's systems may be so compromised already that someone simply created FBI-looking message on their system and it never touched network.

The FBI don't provide information like this in an email and will speak to you first.

This is bogus, delete it.

The dkim header signature is correct. It means it really is from an FBI server.

But still... the FBI don't speak to you like this and wouldn't overprovide information like this.

The only time I've seen the FBI talk like this is when they already have a trusted relationship with you and an open channel and they're off the record.

Just because a server is coerced into sending an email that is signed, it does not mean it is from the FBI.

The point here isn't whether this is real or fake. The news is that someone is able to impersonate an email as coming from the FBI with all of the correct email headers with dkim signing. I'm speculating here, but this probably means they might have control of one of the FBI subdomains

How can you tell without all the headers mentioned in DKIM-Signature?

"email from FBI", and the Nigerian FBI office at that ... Reminded - a professor of a Moscow University couple months ago received a call from Russian Central Bank advising him that his account in some bank is being actively targeted by scammers/hackers, and that he needs to temporarily transfer the money to the special holding account the Central Bank rep provided, so the professor did. Some time later the scammers started to target the professor's condo - the police agent called him informing about it and asking for help to catch the scammers - when the scammers come with the prepared documents for the condo sale, professor would need to play the part as if he doesn't know what it is a scam and to sign the documents, receive the money and after that to give the money as evidence to the special agents in the car near the condo building. And professor did as he was told. So far - no money, no condo, no bank account with the significant sum of money...

Or as our corporate anti-phishing/etc. training - which was forced again upon us last month - instructs "Got a call from John from company A ? Hang up and call the public phone number of the company A and ask for the John."

> Hang up and call the public phone number of the company A and ask for the John

Some time ago a HN user was approached by the CIA/FBI like this (they wanted help with a software he wrote). They told him to look up the public number for the agency and ask for agent whatever.

What happened to the scammers?

So far nothing. The victim reported it to police only 3 weeks ago. https://www.google.com/amp/s/m.gazeta.ru/amp/social/news/202...

From what I'm reading in that news article and the explanation you wrote above, this seems like a fairly complicated and comprehensive scam.

It's interesting to note how, when someone gets caught up in a scam, they don't step back and think "Woah, this doesn't make sense". Giving documents to a police officer? Special agents in another building?

This always seems to happen, too. I watch scambaiters on YouTube with refund scams, and you end up with an old lady drawing figures upwards of £10,000 out of the bank, then putting it into a box, mailing it to them... Mind you, they tend to prefer the older people because they're more gullible.

Fixed the link: https://www.gazeta.ru/social/news/2021/10/20/n_16721839.shtm...

For some reason the one you sent redirects me to Google Fonts CSS.

Would the FBI not establish first contact by mail, in person or at least on the phone? What kind of common sense thinks this is legit.

The news here is the headers look good.

The hackers have the ability to originate legit emails from ic.fbi.gov and they blow it on a spammy phishing campaign with broken English? what a waste..

Sounds about right. A blue chip I work with had a successful phish against them - the attacker ended up with access to the email inbox of an HR person.

So they tried basic, stupid 419 type scams, with broken English.

They could have pried the entire org wide open - she had masses of private data in her inbox, enough to impersonate or social engineer your way to anywhere.

But instead, they blew it - and blew it so badly the client spent days investigating what this could have been a distraction for, as they pretty much couldn’t believe their luck at the minimal severity of the attack.

It’s like breaking into the federal reserve, thinking it’s a 7/11, and then stealing the ballpoint pens from the cashiers desks.

Either way, it was a helpful experience for them - a vaccination against further stupidity, and they all of a sudden started engaging on their ISMS with gusto and panache.

The other episode that springs to mind is the hackers who managed to compromise the Twitter accounts of the likes of Obama and Elon Musk, but used it to promote a shitty Bitcoin gifting scam, which netted them an easily traced $100k and a prison sentence. Probably the scammers promoting the same sort of scheme in the comments with legal fake accounts make more money

i’ve heard it said, “if criminals were any smarter they wouldn’t be criminals” - but of course its a selection bias because smart criminals don’t get caught, you only hear about the dumb ones

If you work with police, you'll hear no end of dumb criminal stories. My favorite was the guy who coated his fingers with glue so he wouldn't leave fingerprints at the scene - then peeled off the glue and dropped the peelings in the trash on his way out. Leaving perfect fingerprints.

It doesn't even seem like phishing; there's no contact info and the sender bounces in a way that seems like it doesn't go to the one who sent it.

Is it general FUD (eroding FBI legitimacy) or a smear campaign against Vinny Troia..?

EDIT: Or it's a diversion of attention; there's something else going on somewhere else that they want to go unnoticed.

vinny troia himself washing out the google results for his name?

never heard of him before, but after a few minutes digging, I tend to agree.

Except that the OP did not post all the information to verify.

The IP address does belong to the fbi.gov (both forward and reverse DNS lookups check out).

The DKIM public key does exist at the given selector [0], but without the complete raw message, it is not possible to verify the signature. He also excluded the authentication-result header from his post.

[0] https://www.mailhardener.com/tools/dkim-validator?domain=cji...

> Except that the OP did not post all the information to verify.

A few other people on that thread got the same mail and did verify it. Either they're all sockpuppets or it verifies.

I hate to say it, but if I were to get an email from "fbi.gov", I would assume it belongs in the same pile as the great offers from that Nigerian prince. Even if I look at the headers, I wouldn't be convinced.

Perhaps we should try harder to create a public key infrastructure for email.

The fact that we can trust government communication about as much as messages from a Nigerian prince gets us a step closer to the kind of society that produces them.

There is this line from Michael Clayton movie that I basically assume every time I see something like this ‘client:(phone rings) That’s the police isn’t it? MC: No, they don’t call.’ Or in this case, they don’t email.

Not this holds up, in this case they would most likely call you and either tell you over the phone, or setup the meeting over the phone.

They probably want you to send them money with a gift card, watch out! Real thugs use Bitcoin.

the only vaguely reliable item in an email header is the last ip in the square bracket inserted bt your mailserver saying where it thinks it "Received from"

note that in this case it is: Received: from dap00040.str0.eims.cjis (dap00040.str0.eims.cjis [])

and that 10.X.X.X is an un-routable address (unless you are part of the originating network)

Since I'm not part of the FBI I would strongly suspect some one was misrepresenting their address to my mailserver.

adding that I really don't know jack about this. sec is not an interest of mine so please, experts, straighten out any misconceptions I am propagating

There's a paste from another recipient's headers:


I believe the very top line is inserted by the victim mailserver and points to an FBI IP in a way that can be considered accurate.

The one inserted by my mailserver is Received: from mx-east.fbi.gov (mx-east-ic.fbi.gov [])

The 10.* ones were inserted by theirs.

Yeah, I would ignore an email like that. If it's so important to the (legitimate) FBI, they can make a house call.

They know where I live, right?

Seems like an attempt to embarrass the FBI?

FBI e-mail infrastructure got hacked.

Hoax Email Blast Abused Poor Coding in FBI Website


> While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS

Well, that’s reassuring

Tangentially related, but the FBI needs to be disbanded. At least the DC offices, which are simply a political police force at this point. This is just another example of incompetence on their part.

So what would you suggest to replace it? Obviously there needs to be some federal law enforcement agency...

And as much as their past has portions that are super fucked up, wasn't that also a reflection of American society at the time?

I just think that for as much harm as the FBI historically caused, they've also busted enormous criminal rings and done a lot to reduce organized crime. I genuinely think Americans would be worse of without them, even with my bias as a leftist that typically loathes alphabet soup surviellance agencies.

"Eschew flamebait. Avoid unrelated controversies and generic tangents."


Im just going to let you figure out this one for yourself.

Please don't take HN threads further into flamewar. We're trying to avoid that here.


There was no reform after COINTELPRO.

The FBI has known about nearly every mass shooter for the past 20 years, they've leaked numerous investigations and raids to the press for political reasons, they sit on evidence for political reasons, they target domestic journalists for political reasons, they lied to FISA courts for political reasons, and they've been sitting on exculpatory evidence for political reasons, they've been sicced on parents at school boards for political reasons.

I'll let you figure this one out for yourself.

No idea what the other commenter was alluding to...

I am guessing "Anyone who gets seriously close to threatening the FBI's existence will get extrajudicially prevented from doing so"?

For a lawmaker, you don't even have to do anything legally or (particularly) morally questionable like killing them - just entrap them and have them lose their jobs. https://en.wikipedia.org/wiki/Abscam

If you do catch them and it's too public to go after you for retribution, they'll sell a federal judiciary seat to someone willing to erase it.

One of Trump's 2017 judicial appointments in the ND of Texas dismissed the civil suit against the FBI, DOJ, and Comey by name for organizing the "ISIS" mass shooting in Garland, TX in 2015. We know they organized it because local cops caught an undercover in the parking lot who was waiting on the shooters to arrive. [1] He had to identify himself as undercover to stop the local cops from shooting him. [2] A security guard who was shot in the incident brought the civil suit against the feds, discovery produced text messages showing the same undercover FBI agent giving the shooters instructions. The FBI also had to remove flags from databases so the shooters could pass background checks for gun purchases.

And before anyone falls for the knee-jerk tendency of thinking one political party is different from the other, the judge who dismissed the case on her first day was a stalled Obama appointment to the same seat before she was a Trump appointment confirmed for that seat. And the person who blew the whistle on the FBI paying people to recruit and train domestic "terrorists" said they began doing so when Obama took office in 2009.

1. https://www.azcentral.com/story/news/local/phoenix/2017/02/1...

2. https://www.cbsnews.com/news/terrorism-in-garland-texas-what...

Extraordinary claims require extraordinary evidence, and most of what you've stated are not supported by your links.

They're not extraordinary claims, they're well established and part of a pattern. Unless you haven't paid attention to their scandals over the past ~40 years you should be well aware that the FBI's primary means of moving along politically hot-button cases is to cause a politically hot-button crime to occur. [1]

> ... FBI agent texted one of the shooters before the event, "tear up Texas." [2]

> In an affidavit filed in another case the government disclosed that the FBI undercover agent had actually "traveled to Garland, Texas, and was present... at the event." [3]

> Last month (article from August 2018), the stately Belo Mansion in downtown Dallas was home to an event many have been anticipating for over a decade: the investiture of Judge Karen Gren Scholer as a federal judge for the Northern District of Texas. It was one of those rare occasions in today’s hyperpartisan environment when local jurists, elected officials and ordinary citizens from both sides of the aisle had cause for celebration — the March 7 swearing-in of a highly respected jurist who is the first Asian-American U.S. district judge in Texas." [4]

Note the date here, that judge was sworn in on March 7, 2018. What did she do on March 8, 2018? Send a message not to sue the FBI, that's what... [5]. It should be noted that the Dallas Morning News is not a left leaning publication, to the contrary it's chock full of neocons, hence the hagiography written for this judge appointed to put in a fix for a 3 letter agency. No one outside of one DC blog seemed to notice that on her first day in the ND of Texas a brand new judge, sworn in the day before, took over a 3 year old case involving the FBI orchestration of terrorist activity in at least two states. [6] Cases in which the DOJ (stupidly) prosecuting one case admitted to instigating the so-called terrorists in another case halfway across the country.

1. https://www.nytimes.com/2012/04/29/opinion/sunday/terrorist-... and https://www.theguardian.com/world/2014/jul/21/government-age...

2. https://theintercept.com/2016/08/09/fbi-agent-goaded-garland...

3. https://reason.com/2017/03/29/that-time-an-undercover-fbi-ag...

4. https://www.dallasnews.com/opinion/editorials/2018/08/01/sea...

5. https://i.imgur.com/ivGq1In.png

6. https://freebeacon.com/wp-content/uploads/2019/01/Motion-to-...

They did allegedly just raid a politically opposed journalistic outlet and leak confidential reporter's notes to NYT, which is sort of illegal. Can anyone explain why Biden's daughter's stolen diary, which PV obtained and gave back, is grounds for an FBI search warrant?


calling that guy a journalist is hilariously disingenuous. the guy that has been caught doctoring and falsely editing literally everything that he has produced?

He's catering to an audience of hateful people that can't even eat breakfast without it being in bad faith. He is weeks away from an expose telling you that actually the confederacy landed on the moon first.

Being a contrarian fool that argues blindly without accepting or understanding reality and context is de rigueur on this website, it's disgusting

and telling as to why the industry is so self-serving and fraud-ridden

> the guy that has been caught doctoring and falsely editing literally everything that he has produced?

I don't know what to tell you, that's a lie. Even if he had published misleading or false statements in the past, that does not imply that everything out of PV is false, as convenient as such a belief may be for supporters of the establishment.

>He's catering to an audience of hateful people that can't even eat breakfast without it being in bad faith. He is weeks away from an expose telling you that actually the confederacy landed on the moon first.

Dissent is not hateful. Leaning right is not hateful. You are stereotyping, writing off everyone on the other side based on the beliefs of an extreme minority. The same logic could be applied to the left at large and it would be just as dishonest.

>Being a contrarian fool that argues blindly without accepting or understanding reality and context is de rigueur on this website, it's disgusting

As opposed to blindly following groupthink because your "authoritative sources" have unquestioningly quoted experts with blatant political and financial conflicts of interest? Please. Tell me, where are the journalists looking into e.g. ties between pfizer and the FDA? Regulatory capture is no secret. The partisan hate that PV gets is totally unwarranted, its a cheap, straw grasping dismissal of opposition.

This leaked diary is an excellent example, by the way. Though PV did not leak the contents, someone else did, and there are images of pages detailing Ashley's potential molestation by her father. If our media had a semblance of objectivity that would be a huge story - and apparently if the FBI is raiding PV over the diary (for which there is absolutely no justification, beyond party politics), the diary must be authentic. Hunter Biden's laptop was another example of mass collusion by partisan media - regardless of how you feel about the situation, images of a presidential candidate's son smoking crack with prostitutes is huge news. PV was one of the few outlets willing to touch it.

In any case, that you may think O'Keefe is biased does not imply that he is not in fact a journalist; unless you are willing to be consistent and acknowledge that the blatant activism that has replaced journalism in mainstream media also disqualifies them from identifying as journalists. This is what dissent looks like.

Never heard of the boy who cried wolf, then?

The serial liar is probably lying. If he had anything of substance then he should pass it to someone with credibility.

Or, more likely, this is Hunter Biden's laptop, which disappeared once there was literally no substance.

The boy who cried wolf alludes to a heuristic, not carte blanche to disregard media outlets you don't like.

And I would argue that dozens of images of the son of a presidential candidate partying with prostitutes and a crack pipe is indeed substance - regardless, the coordinated refusal to report negative information regarding their preferred party should make you at least as concerned about selective reporting as you are about PV. It is blatant evidence of partisanship, propaganda, and the same sort of election influencing collusion that trump and russia were accused of. Conveniently off of a false report as has recently come out - is that enough for you to start disregarding MSM outlets now? Clearly there wasn't even an attempt to investigate the steele dossier on the part of the propagandists you so blindly trust. Crying wolf indeed.

> He's catering to an audience of hateful people that can't even eat breakfast without it being in bad faith.

This sounds like a parody of an accusation of bad faith. If some people can't even eat breakfast without being accused of acting in bad faith, that says more about the people making the accusation.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact