Off-shore server legal vulnerability

[Quietguy]

Gil, I thought this might be of interest to you because of where the hosting service for this forum is located.  A week or so ago there was an article on Brian Krebs' blog about inconsistencies in court documents filed in the Silk Road drug bazaar case.  The FBI claimed it identified the server location because of a Captcha screen leaking the true IP of the server, bypassing the Tor hidden services the main site used.  Lawyers for the Silk Road defendant, as well as some security experts, threw the BS flag on that claim.  Krebs explained the background in this post:
http://krebsonsecurity.com/2014/10/silk-road-lawyers-poke-holes-in-fbis-story/

Today the Naked Security blog from Sophos had information on the government's response to the legal challenge.  Among other things, they said:

The server was located offshore in a data center in Reykjavik, Iceland. Once the FBI figured out its location, it was Reykjavik police who accessed and secretly copied the data on it.

There is a lot more, but the bottom line is the Feds are claiming 4th Amendment protections don't apply for several reasons - including the server being located in Iceland, so the lack of a search warrant didn't matter.

Here's the full article:
https://nakedsecurity.sophos.com/2014/10/10/fbis-warrantless-hack-of-silk-road-was-legal-prosecutors-claim/

Of course, the Silk Road was an extremely high value target for prosecution, but I thought the logic behind the FBI's thinking might be of interest to people interested in security topics.

Wally