1970-01-01 16 hours ago

It's very important to get the official source on this one. Husband was legally restricted and being monitored by the FBI, so he decided to go install a VM to bypass the monitoring. It's not so much bravery against authority as it is hubris that got him 3 years.

https://rockenhaus.com/wp-content/uploads/2025/09/U.S.-v.-Ro...

▲

MadnessASAP 15 hours ago | parent | next [-]

Yeah, that is a significantly more damning then what was given by his wife on Reddit. While SPICE is a normal means to interact with VMs, the defense couldn't offer any legitimate reason for him to be using one. They didn't even make an attempt to. They only established that the monitoring company couldn't say for certain that it was used explicitly to bypass the monitoring.

Also that it occurred right after the search mentioned on Page 28. It's a really bad look.

▲

NotMichaelBay 15 hours ago | parent | prev [-]

Since it seems to have been glossed over in the court transcript, can anyone explain how exactly a VM or client for remote VM could be used to bypass the monitoring?

Wouldn't the monitoring software capture any application's network activities, including a client for a Remote VM? I'm imagining something like Wireshark?

▲

nusl 15 hours ago | parent | next [-]

A VM would bypass monitoring software installed on devices the person uses. A VPN would obscure their traffic such that it is encrypted and not easily monitored. Even something like SSH is encrypted and not straight-forward to monitor, so a VPN isn't required to do this anyway.

A remote VM would combine both of these things, where the device/computer is in a location that isn't monitored and accessed by means aimed at bypassing controls in place. Activities carried out from the remote VM are then not monitored.

User + Devices -> VPN/other -> Remote VM -> Unmonitored Activities / Network Access

^ Monitoring is here, but may not capture the rest of the chain

Law enforcement would need to monitor the VM itself to monitor those activities, or I guess request logs from the provider if at all possible.

There's a limit to how much you can monitor someone and I assume there's a degree of good faith in cooperation with these controls. Failure to comply, seemingly, has severe consequences.

	▲	rnhmjoj 14 hours ago \| parent \| next [-]
		> A VM would bypass monitoring software installed on devices the person uses. Not really, no: a VM is just another userspace application and a monitoring software should be able to capture its traffic just fine. If he was also using a VPN, tor or conneting to a remote machine that's another story, but only saying he was using a VM doesn't really mean much.
	▲	NotMichaelBay 14 hours ago \| parent \| prev [-]
		Okay, that makes sense. But the monitoring software should capture the connection request to the VPN or Remote VM?

▲

Almondsetat 15 hours ago | parent | prev [-]

Monitoring software installed at the OS level can monitor both traffic and what applications generate it. But if the traffic is coming from a VM, it can only do the former.