FBI Spyware Used to Gain Access to Suspects' Computers

A recent Wired.com story reports that the FBI has been using a proprietary spyware program to snoop on alleged ne'er-do-wells since at least 2004. According to heavily redacted documents that Wired obtained by invoking the Freedom of Information Act, the FBI has developed a sophisticated program it calls 'computer and Internet protocol address verifier,' or CIPAV, that can infiltrate target computers and report information back to an FBI server in Virginia. The software has been crucial in the investigations of many cases that include extortion schemes, terrorist threats, illegal hacking, bomb threats, and electronic bank robbing.
The documents describe how the software is delivered to the target user: via MySpace Chat messages containing links to an FBI-run Web site loaded with CIPAV. Apparently, the software gains access by exploiting vulnerabilities on the user's system and runs 'silently' in the background. After logging the computer's IP address, MAC address, open ports, a list of running programs, the operating system, Internet browser and version, and the last-visited Web address, CIPAV sends the information back to the FBI database and switches to a stealth "pen register" mode, in which it can continually monitor the computer's Internet use.
The software first came to the attention of the media in 2007, when the Bureau used it to track down a 15-year-old student who had e-mailed bomb threats to a Washington, D.C. area high school. Of course, the FBI must obtain court authorization to deploy CIPAV, and, according to a Justice Department lawyer's memo, was possibly employing the technology a little too liberally. A recommendation from the Justice Department's Computer Crime and Intellectual Property Section says: "While the technique is of indisputable value in certain kinds of cases, we are seeing indications that it is being used needlessly by some agencies, unnecessarily raising difficult legal questions (and a risk of suppression) without any countervailing benefit."
We guess the real FBI is trying to keep up with the version depicted in '24.' Only with an infinitely more believable computer 'expert' than Janeane Garofalo's Janis Gold deploying the CIPAV. [From: Wired.com]



Reader Comments
steve said 2:40PM on 4-22-2009
This is one reason why you should reinstall your OS a couple times a year. That will kill the intrusion right away. Always use programs to control incoming and outgoing data transfers. If you see a program sending data that you have never heard of, kill it off. Never click on links to sites you don't know. This is how they will eventually start tracking everything you do. We are becoming worse than China. At least the Chinese government admits to spying on its citizens.
Millerson said 2:30AM on 10-15-2009
Give it another ten years, and everything you do online - every search you make, every email you send, every blog you post, will ALL be under automated surveillance by the US government looking for key words. Anything that comes up will automatically have "sufficient evidence" for a warrant to be issued, at which point you will find yourself in a jail cell trying to prove you didn't do anything wrong. Of course it won't happen to everyone - that's not how the iron fist of a totalitarian government works. America is just on the cusp of learning the hard lesson of what it means to have an authoritarian government. You think you are free? You seriously don't know the meaning of the word.