Tuesday,

J uly 7 , 2 015 at 6 :24:27 PM Pacic Daylight Time

Subject:
Date:
From:
To:
CC:

Re: DOJ Seeks Removal Of Restric5ons On Computer Search Warrants

Friday, February 6, 2015 at 5:21:51 PM Pacic Standard Time
Daniele Milan
fredd0104
kernel, Eric Rabe

Hi Fred,
instead of throMling back I would say enhance: in fact we'd add more exibility to it, and that would be a plus
also for other clients.
As soon as we'll have the US oce properly staed, I would like to resume the San Bernardino project with
your help. That could help us understanding further any evolu5onary step we need to take.
Daniele
--
Daniele Milan
Opera5ons Manager
Sent from my mobile.

From: Fred D'Alessio [mailto:fredd0104@aol.com]

Sent: Saturday, February 07, 2015 12:00 AM
To: Daniele Milan
Cc: kernel; Eric Rabe
Subject: Re: DOJ Seeks Removal Of Restrictions On Computer Search Warrants

Daniele

Thanks for the update. I do think we will need to throMle back our product's capabili5es for these guys so they can
get through the legal hurdles.
Fred
Sent from my iPhone
On Feb 6, 2015, at 10:00 AM, Daniele Milan <d.milan@hackingteam.com> wrote:
Dear all,

Page 1 of 2

yesterday we demoed RCS to the NY district aMorney (DANY). They had starry eyes and gave very
posi5ve feedback on the technology, although they raised some concerns about the way the law
regulates the use of government hacking solu5ons (note that DAs fall under the DoJ and they dont
have the freedom the FBI and other federal/central agencies have).
Looking for more informa5on, I found the following:
hMp://www.mintpressnews.com/doj-seeks-removal-restric5ons-computer-search-warrants/190535/
One typical type of a zero-day a4ack is an infected email that could aect a large number of
innocent people if the target used a public computer to access his email. The FBI planned to install a
Remote AdministraDon Tool, or RAT, which would distribute such emails in a parDally-targeted spam
mail distribuDon. Last year, Federal Magistrate Judge Stephen Smith of the Houston Division of the
Southern District of Texas ruled that this was a gross overreach of invesDgatory intrusion, blocking the
plan temporarily.
A warrant to search every account acDve on a computer would be acDvely bypassing the [Electronic
CommunicaDons Privacy] acts numerous safeguards.
It seems it won't be simple to consistently tap from the pool of 94 district aMorneys, a poten5al 45M$
market if we count an average 500k$ sale each.
Some changes in the sokware may be needed to accomodate the fact that most of the warrants are
currently given on a specic applica5on (e.g. WhatsApp), hence prohibi5ng the collec5on of anything
else.
Lets keep an eye on this, as we move more aggressively into the US market we denitely want to nd
an answer and set a plan to unlock this market. We need to nd a guinea pig to test and understand
how we need to move.
As a side note, for those of you who want to go a liMle deeper in the US Surveillance Law, there is a
course on Coursera given by the Stanford University that gives a good overview of the topic. It briey
covers also Government Hacking.
Find it here: hMps://class.coursera.org/surveillance-001
Stay tuned fore more.
Daniele
--
Daniele Milan
Opera5ons Manager
HackingTeam
Milan Singapore WashingtonDC
www.hackingteam.com
email: d.milan@hackingteam.com
mobile: + 39 334 6221194
phone: +39 02 29060603

Page 2 of 2