« New Signs of Bush Monarchy | Main | The Consequences of Quitting Iraq »

FBI Installing Spyware

from Slashdot:

"There have been rumors for years about the FBI remotely installing spyware via e-mail or by exploiting an operating system vulnerability from afar -- and now there's confirmation. Last month, the FBI obtained a federal court order to remotely install spyware called CIPAV (Computer and Internet Protocol Address Verifier) to find out who was behind a MySpace account linked to bomb threats sent to a high school near Olympia, Wash. News.com has posted a PDF of the FBI affidavit, which makes for interesting reading, and a summary of the CIPAV results that the FBI submitted to a magistrate judge. It seems as though CIPAV was installed via e-mail, as an article back in 2004 hinted was the case. In addition to reporting the computer's IP address, MAC address, and registry information, it also gave the FBI updates on which IP addresses the user(s) visited. But how did the FBI get the spyware activated and past anti-virus defenses? Two obvious ways are for the Feds to find and exploit their own operating system backdoors, or to compromise security vendors..."


Note: Wizbang Blue is now closed and our authors have moved on. Paul Hooson can now be found at Wizbang Pop!. Please come see him there!

  • Currently 2.6/5
  • 1
  • 2
  • 3
  • 4
  • 5
Rating: 2.6/5 (5 votes cast)


Comments (5)

kim:

Breaking news, the internet has been crashed.
============================

U.P. Man:

So you are saying it is bad that the FBI got a warrant to make use of current technology?

kim:

Hah, UP; ably hoist on their own dangerous petards.
=================================

Paul Hamilton:

The key questions in the article are the ones in the last two sentences. Something like that should be detected and removed, but apparently it wasn't. So does that mean that this guy was lax about his security or does it mean that the government has some unknown sort of spyware, or in the worst possibility of all, does it mean that the companies who provide security for our computers are deliberately not including protection from intrusions from the government.

U.P. Man:

First, I expect the government to attempt to break all security measures. It's a byproduct of them making sure government computers are safe.

Second, Not all security vendors reside in the US.

And again I ask, do you think they should not use the most current knowledge and technology that they can? The FBI did get a warrant to do this right?


Advertisments

Categories

Archives

Technorati



Add to Technorati Favorites

Credits

Publisher: Kevin Aylward

Editors: Lee Ward, Larkin, Paul S Hooson, and Steve Crickmore

All original content copyright © 2007 by Wizbang®, LLC. All rights reserved. Wizbang® is a registered service mark. Wizbang Blue™ is a trademark of Wizbang®, LLC.

Powered by Movable Type 3.35

Hosting by ServInt

Ratings on this site are powered by the Ajax Ratings Pro plugin for Movable Type.

Search on this site is powered by the FastSearch plugin for Movable Type.

Blogrolls on this site are powered by the MT-Blogroll.

Temporary site design is based on Cutline and Cutline for MT. Graphics by Apothegm Designs.