FBI docs out home-brewed spyware probes The FBI for at least seven years has relied on a home-brewed package of spyware to infiltrate the computers of criminals and secretly send a wide range of information to servers controlled by the bureau, according to an investigation by Wired.com. The software, dubbed CIPAV, or computer and internet protocol address verifier, …
i'm dubious of this. HAving looked at the more comprehensive article on Wired the FBI are being typically vague. I'd suggest that they infact infected all 33 pages from the myspace group, and by process of elimination found their man.
I doubt very much if thats a constitionally valid course of action.
She knows a dubious course of action when she sees one.
"gathers and reports a computer's IP address; MAC address; open ports; a list of running programs; the operating system type, version and serial number; preferred internet browser and version; the computer's registered owner and registered company name; the current logged-in user name and the last visited URL."
Browser & OS
http://sqa.fyicenter.com/Online_Test_Tools/__Show_Web_Browser_Information.php
Ip address can get got from Javascript.
http://whatismyipaddress.com/
Open ports
http://www.canyouseeme.org/
Mac address:
http://www.devarticles.com/c/a/JavaScript/Advanced-JavaScript-with-Internet-Explorer-Retrieving-Networking-Configuration-Information/1/
It makes no difference if you are behind an anonymizer because Javascript is running on your PC.
So it's a javascript thing.
Overuse isn't just bad from a civil liberties / legal standpoint. It also increases the odds that someone will figure out how it works. This has come up before, but it seems obvious that no antivirus vendor worth their salt could leave the door open for this spyware, government sanctioned or not. So they need to keep it low enough profile that it doesn't get noticed by security vendors.
If they install even accidentally this spy ware on a machine not in there country? As they only have jurisdiction on American soil any infiltration of foreign machines is testament to spying or a breach of that countries data protection or computer infiltration laws.
Just because there a law enforcement agency in one country does not give them the right both ethical or lawfully to use this software on foreign machines.
And another thing if they catch someone with this software and they plead not guilty how can they keep the details of this software secret when it goes to trial? saying o well the vital evidence was collected but its classified to tell you anything more.
Wont that get thrown out as all evidence and there methods of collecting have to be revealed in court.
But in this current world situation when has something that is unethical or unlawful ever mattered to those in charge they have found out that they can get away with what ever they want simply by doing it and letting the public's apathy take over.
I will credit the FBI with having the train of thought that forces them to keep thinking about their use of surveillance technology and limiting it as needed. I also credit them with only using it once approved by the courts (as it should be done).
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
