Keyloggers Now Classified Technology

general_re writes: "The New York Times (free reg required blah blah blah) is reporting that the Department of Justice is still refusing to turn over details of how the keystroke loggers used against Nicky Scarfo worked, claiming that revealing how it works "would render it useless in future investigations" as well as claiming that it is classified information. Nevermind that this also prevents his lawyers from evaluating or attacking the credibility or accuracy of the evidence arrayed against him. One interesting question raised is whether it's always been classified, or if they're retroactively classifying it in order to avoid revealing how they work."

Enlighten me

[Modus+Nonsens]

What does your constitution say about this? What are they allowed to do to you in this sense?

Furthermore I think they *must* release their technology that they used, to give him a fair chance. Or am I wrong here?

Re:Enlighten me

[bnenning]

You're assuming that what the Constitution says has any relevance toward what the government does, which has not been the case for many decades. The Constitution clearly requires that an accused person be able to confront his accusers, which means that no secret evidence is permitted. It also prevents abridging freedom of speech or punishing people who have not been charged or convicted of a crime, but that didn't stop them from passing the CDA, DMCA, and asset forfeiture. The government no longer recognizes any limit on its power, and the voters have let them get away with it.

Wiretapping Function?

[lysurgon]

The innaresting thing to me is that the defense is trying to play the "keylogger = wiretap" card, and therefore invalidate the evidence because it wasn't acquired under the corrent warrent.

Now, why would the Feds not want to disclose the mechanism of their keylogger? Either it's typical spook selfishness OR they think that doing so would strengthen the defense's argument. I havn't looked at the actual details of the argument the defense is making, so it's hard to tell if this is part of the motivation for the "it's classified" song and dance.

On the one hand, perhaphs they just don't want people knowing how the FBI keylogger works as opposed to all the others. Maybe because, shame shame, it's the same as the market variety.

But maybe it interfaces automagically with some external snooping device. That would be both something they'd rather not let people know about AND something that would give the defense the winning argument in the court case.

(start carnivore paranoia ranting... now)

Was there a keylogger?

[zyklone]

Was there a keylogger to begin with?
Perhaps they just handed over the encrypted data to the NSA who promptly cracked it. Now, how do you use this in court without revealing that it was NSAs monster cracker that did all the work.

You invent a keylogger!

Welcome to the brand new UStasi.

[NReitzel]

It appears that the United States Government has taken to hiring all those former East-Germans who worked for the Stasi, the bureau of state security. World over, they were known as the very epitome of state surveillance of their own citizenry. It now seems as though the FBI has decided to usurp that lofty position, and become the preeminant repository of every sneak, thief, spy, and eavesdropper that they can find.

In the words of Gore Vidal (not usually one of my favorite people), "Now that the Great Red Menace is gone, the government can now turn its attention to the real enemy, which is now, and always has been, the people."

Welcome, UStasi.

Constitutional issues aren't clear here

[billstewart]

• The Constitution doesn't give the FBI any authority to create "Classified Information". That doesn't mean they haven't found some weasel words to authorize themselves to do so anyway, but there's nothing specific.
  
• Most of the issues here are with rules of evidence, due process, and right to challenge your accuser in court; the Constitution isn't very detailed on these, particularly about issues of high technology.
  
• The Exclusionary Rule, from the 1960s, says that evidence obtained illegally is inadmissable in court. The year before it was promulgated, the New York City police department didn't bother getting any search warrants - they'd just search, and if they did so illegally, too bad, they got the evidence anyway. The year after that, they got warrants (well, most of the time...)
  
• The big interesting Constitutional issue here is that the Feds had a search warrant, which could fetch them a bunch of encrypted bits, but not a wiretap warrant, and what they did sounds extremely like wiretapping to me. Wiretap warrants require much more procedure than simple search warrants, and are mainly a creation of telephone regulatory law that's not clearly applicable here, since the Consitutional justification for telephone wiretaps is that the phone company is outside your house.
  
• The accused computer had PGP, and the interesting messages or disk sections were encrypted with PGP. That means that if you have the keyring file (which usually lives on the disk) and passphrase (the important secret part), you can verify that the encrypted bits correspond to the decrypted bits. The usual rules of evidence for computer searches (which are rapidly evolving) apply here - were the files really written by the accused, or were they planted, or was there another person using the machine, etc.
  
• If they'd found the passphrase on a yellow sticky note by the computer, there'd be no issue here. If they'd paid a snitch to give it to them, there'd be no issue either. If they'd tortured the accused without his lawyer present, there'd also be no issue - the decrypted material would pretty clearly be inadmissible. If they'd had a wiretap warrant, it would have been potentially interesting Constitutionally, but the police would almost certainly win. Instead, they found the somewhat interesting midpoint, because they pretty clearly cheated, but didn't cheat really badly.
  
• In the UK, this evidence would probably be admissible, or at least the Home Office would try extremely hard to make it so.

remote keystroke logging

[chongo]

A few years back, while playing around with a highly directional receiver (phase-shift antenna array) we were able to clearly ``hear'' the radio emissions from one of our keyboards at a distance of about 1/4 mile. Each key presented a unique waveform on an oscilloscope.

If I were going to log keystrokes, I would be tempted to use the parked van approach. I'm sure with a reasonable budget and access to better technology, reading keystrokes would be easy at moderate distances.

chongo () /\__/\

Assumed trust that's being overlooked

[ka9dgx]

Everyone assumes that there was some actual bug recording keystrokes. I don't make that assumption.

<ConspiracyTheory>
I choose instead to believe that some FBI agent talked to a buddy with the NSA, and they picked the PGP key for him, with the understanding that the "keyboard logger" cover story would be used.

Now that things have gone in the dumpster, there IS NO KEYBOARD LOGGER to disclosed the details of.
</ConspiracyTheory>

Besides, anyone with a DigiKey catalog and some time could build a VERY sweet keyboard logger, with remote dump via radio, etc. We should have a contest to see how few PIC chips it takes.

--Mike--