FBI's Secret Spyware


Just in case you thought the FBI wasn't capable of gathering information about you, your habits, your computer passwords, what blogs you visit, and more, they can, and they do.

FBI's Secret Spyware Tracks Down Teen Who Made Bomb Threats:
Sanders wrote that the spyware program gathers a wide range of information, including the computer's IP address; MAC address; open ports; a list of running programs; the operating system type, version and serial number; preferred internet browser and version; the computer's registered owner and registered company name; the current logged-in user name and the last-visited URL.
The CIPAV then settles into a silent “pen register” mode, in which it lurks on the target computer and monitors its internet use, logging the IP address of every computer to which the machine connects for up to 60 days.
Under a ruling this month by the 9th U.S. Circuit Court of Appeals, such surveillance -- which does not capture the content of the communications -- can be conducted without a wiretap warrant, because internet users have no “reasonable expectation of privacy” in the data when using the internet.


And even though the court filings don't explicitly say keystrokes are captured as well, one would imagine they are. Why not, if you are already collecting everything else?

No cases have been publicly linked to such a capability until now, says David Sobel, a Washington, D.C., attorney with the Electronic Frontier Foundation. “It might just be that the defense lawyers are not sufficiently sophisticated to have their ears perk up when this methodology is revealed in a prosecution,” says Sobel. “I think it's safe to say the use of such a technique raises novel and unresolved legal issues.”

The June affidavit doesn't reveal whether the CIPAV can be configured to monitor keystrokes [why wouldn't it?], or to allow the FBI real-time access to the computer's hard drive, like typical Trojan malware used by computer criminals. It notes that the “commands, processes, capabilities and ... configuration” of the CIPAV is “classified as a law enforcement sensitive investigative technique, the disclosure of which would likely jeopardize other ongoing investigations and/or future use of the technique.”

The document is also silent as to how the spyware infiltrates the target's computer. In the Washington case, the FBI delivered the program through MySpace's messaging system, which allows HTML and embedded images. The FBI might have simply tricked the suspect into downloading and opening an executable file, says Roger Thompson, CTO of security vendor Exploit Prevention Labs. But the bureau could also have exploited one of the legion of web browser vulnerabilities discovered by computer-security researchers and cybercrooks -- or even used one of its own.

“It's quite possible the FBI knows about vulnerabilities that have not been disclosed to the rest of the world,” says Thompson. “If they had discovered one, they would not have disclosed it, and that would be a great way to get stuff on people's computer. Then I guess they can bug whoever they want.”

The FBI's 2008 budget request hints at the bureau's efforts in the hacking arena, including $220,000 sought to “purchase highly specialized equipment and technical tools used for covert (and) overt search and seizure forensic operations.… This funding will allow the technology challenges (sic) including bypass, defeat or compromise of computer systems.”

Read more here. The little punk who made threats (Glazebrook) is no hero, but the incident brings up the question: how often has the FBI installed spyware on other folks' computers who are careless enough to use a Windows computer?

Especially in light of the revelations of a 'rogue' FBI office, under criminal investigation.


1 Comment

Gee-whiz Louise, what society are we living in if not 1984? Next the government will be able to tell what smell emanates from my sh* although you know it don't stink.

This is scary. But then again, MySpace is so invasive, and you're right. Msoft sux!

About this Entry

This page contains a single entry by Seth A. published on July 19, 2007 4:41 PM.
