if your unpatched server is being used as a command&control server in an active offensive campaign, you can be liable for damages your server caused.
I hope that in the future there will be some fine for Server Neglect (leaving internet facing server unpatched and hosting web shells for 5 days after patch publication by vendor) and you will lose your server and all your data for such misdemeanor.
> I hope that in the future there will be some fine for Server Neglect (leaving internet facing server unpatched and hosting web shells for 5 days after patch publication by vendor) and you will lose your server and all your data for such misdemeanor.
I can see it now: "Government stole decades of family photos and videos because my Linux/Plex server was available online."
There is a constitutional basis for a warrant being permitted, upon probable cause, to execute specifically and exclusively a search.
This isn't a search, it isn't a warrant, and there's no constitutional amendment that outlines the situations in which the feds are allowed to break into my computers.
Did you read the article or just the headline? A judge issued a warrant. You can argue over where they should have issued one, but “it isn’t a warrant” is just wrong...
Here's the constitutional language: "no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized." They got a warrant, specifically describing the specific places (web servers) to be searched and the particular things to be seized. Probable cause is easy, these servers were actively attacking government computers.
This is a search. Specifically, the web shells are (1) evidence of a crime, (2) contraband, fruits of crime, or other items illegally possessed, and (3) property designed for use, intended for use, or used in committing a crime. Any one of these three would be a valid basis for a search warrant.
https://news.ycombinator.com/item?id=26802130