Judge Demands Details Of FBI's Keylogger

wb8foz writes: "EPIC is reporting that Judge Politan has told the FBI to come up with details on the keystroke logger they used against Scarfo. Previously, the FBI claimed the technology was so Zuper-seKret that telling anyone how it worked would threaten 'national security'..."

super secret keylogger indeed

[punkrider]

Scarfo: "Shit, what's this little icon in the corner...I've never seen that before."

FBI #1: "Damnit, he's onto us! Pull the plug!"

FBI #2: "No! It's okay. We embedded it into the Virtual Vixen (tm?) EXE. He'll play with it all day and never figure it out."

Scarfo: "Oh wow, when did I get this? This is great!"

FBI #1 and #2 simultaneously: "MUA HA HA HA"

Speculation time. How does it work?

[meldroc]

The way I see it, the keylogger could either be a software or hardware device. It may require that an agent break into the Bad Guy's premises to install the bug. Then again it may not...

If it was a software device, it would probably be some sort of virus or trojan horse that would sit silently & log keystrokes, and transmit them to the FBI at periodic intervals. There are the issues of compatibility - there are over a dozen different varieties of Windows in general use, as well as Linux, BeOS, BSD, etc. That would require multiple versions of the software, all carefully crafted to hide itself from anyone from a casual luser to an experienced computer security expert (what the FBI likes to refer to as a "hacker".) Somewhere along the line it would probably be detected and deactivated.

The hardware approach has the advantage of being OS neutral, and there are only a few varieties of keyboard interfaces that need to be handled. The device could be hidden inside the keyboard, which would require the agent to physically disassemble the keyboard to install the device. This would take a lot of time, and have several risks: The agent could be caught in the act, which is made more likely by the extra time taking the keyboard apart. Also, the agent could break the keyboard, which would make the Bad Guys aware that something suspicious was happening.

Putting the device inside the computer would be easier - most computers are designed to be opened & serviced with little more than a screwdriver. However, the agent still has to spend time disassembling & reassembling equipment, with risk of breaking the computer or being caught and subject to Great Unpleasantness. Putting the bug outside of the computer (glued to the underside of the desk or attached to a cable) would be too easy to detect, especially when dealing with Evil Russian Hackerz(TM).

The best way would be to use a bakery van full of TEMPEST gear to listen to the stray signals coming from the computer. The gear would be able to listen to keystrokes, as well as record everything that is displayed on the computer's screen. I suspect the feds don't want this revealed because then the Bad Guys could send thugs to kill the agents in the van, then they would be able to play with all the neat toys inside and come up with countermeasures.

It's right here somewhere...

[Paintthemoon]

"Certainly, your honor, that information is right here on my laptop...somewhere...hey, anybody seen..."