Slashdot Mirror


Keyloggers Now Classified Technology

general_re writes: "The New York Times (free reg required blah blah blah) is reporting that the Department of Justice is still refusing to turn over details of how the keystroke loggers used against Nicky Scarfo worked, claiming that revealing how it works "would render it useless in future investigations" as well as claiming that it is classified information. Never mind that this also prevents his lawyers from evaluating or attacking the credibility or accuracy of the evidence arrayed against him. One interesting question raised is whether it's always been classified, or if they're retroactively classifying it in order to avoid revealing how they work."

17 of 212 comments

  1. Abuse of power by sourcehunter · · Score: 5, Insightful
    I'm sorry, I don't care WHAT kind of technology you use against a criminal to gather evidence, it should be open to scrutiny.

    I believe the same to be true of the Carnivore system, even though I readily defend its use as legitimate.

    What if they classified the tape and tape recorder they used to tape a conversation - no one would be able to check the tape to see if it was or could have been altered!

    --

    quis custodiet ipsos custodes - Juvenal
    1. Re:Abuse of power by JCCyC · · Score: 4, Insightful

      Bingo. If this sticks, nobody is safe. Imagine: they can type any kind of fake e-mail, and then say it was keylogged thru their "classified technology".

      "Who'll be today's suckers, Mr. Director?"
      "Let's make Ralph Nader a pedophile, Noam Chomsky a crack dealer and David Touretzky... lessee... a terrorist from Hamas. No, better, Tim McVeigh's secret accomplice!"

  2. To future NYT link posters... by brunes69 · · Score: 5, Informative


    Just replace the "www" in the link with "archive".

    For this link, it is
    http://archive.nytimes.com/2001/08/25/technology/25CODE.html.

    It
    a) Saves all the "No reg link" posts, and
    b) Saves all the "Anonymous login" posts, and
    c) just makes the world a better place in general.

    Thanks!

    1. Re:To future NYT link posters... by general_re · · Score: 3, Funny

      It's not that hard to believe - I submitted the story and just used the straight nytimes.com link.

      Yes, I know about the partners.nytimes.com and archive.nytimes.com links. Yes, it occurred to me to use them about 30 seconds after submitting the story. Yes, I am a moron.

      Thank you.

      --
      ABSURDITY, n.: A statement or belief manifestly inconsistent with one's own opinion.
  3. Wiretapping Function? by lysurgon · · Score: 3, Interesting

    The innaresting thing to me is that the defense is trying to play the "keylogger = wiretap" card, and therefore invalidate the evidence because it wasn't acquired under the correct warrant.

    Now, why would the Feds not want to disclose the mechanism of their keylogger? Either it's typical spook selfishness OR they think that doing so would strengthen the defense's argument. I haven't looked at the actual details of the argument the defense is making, so it's hard to tell if this is part of the motivation for the "it's classified" song and dance.

    On the one hand, perhaps they just don't want people knowing how the FBI keylogger works as opposed to all the others. Maybe because, shame shame, it's the same as the market variety.

    But maybe it interfaces automagically with some external snooping device. That would be both something they'd rather not let people know about AND something that would give the defense the winning argument in the court case.

    (start carnivore paranoia ranting... now)

  4. Double Secret Prosecution by YIAAL · · Score: 3, Insightful

    In Animal House it was a joke. For the feds it's becoming a habit. This is an outrage -- but I don't think it will hold up in court. When you present evidence like this, you have to establish its reliability. And "Trust US" isn't good enough.

  5. Evidence would not be admissible in UK courts by new500 · · Score: 5, Insightful

    . . .

    Must make this short (as there's a god long debate behind what follows) but this would make inadmissible any collected evidence in a UK court.

    This would be because there is then no person or other body of evidence available to question regards veracity.

    Evidence rules here are very tough, and the case would be almost immediately thrown out.

    This is tantamount to claiming the Invisible Man as witness and the prosecutor or plaintiff claiming they cannot bring him for cross examination because they cannot find him.

    The analogy is the same, if something cannot be shown to court, it may not bear witness.

    This is the first basic rule of civilisation and law over hearsay, rumour and superstition.

  6. Was there a keylogger? by zyklone · · Score: 4, Interesting

    Was there a keylogger to begin with?
    Perhaps they just handed over the encrypted data to the NSA who promptly cracked it. Now, how do you use this in court without revealing that it was NSA's monster cracker that did all the work?

    You invent a keylogger!

  7. Kyllo v. United States? by Jeremy+Erwin · · Score: 5, Informative
    I have a feeling that the Supreme Court may not look upon this too favorably. In Kyllo v. US, the court ruled that use of a thermal imaging device to detect IR radiation (evidence of indoor marijuana cultivation) leaking from an apartment constituted a search, and thus required a warrant.

    The standard the court promulgated is as follows: Where, as here, the Government uses a device that is not in general public use, to explore details of the home that would previously have been unknowable without physical intrusion, the surveillance is a "search" and is presumptively unreasonable without a warrant.

    The slip opinion (99-8508) is available in pdf format

    Although the government did have a warrant to search this suspect's home in this case, they did not have permission to wiretap. Since the bug could conceivably be used to wiretap, the government has the responsibility to provide evidence that the device did not go beyond the scope of the existing warrant.

    Kyllo suggests that, since the device's capabilities are secret, such a device is presumptively not in public use, and requires the most expansive of warrants for legal use. Since the feds did not have a wiretap warrant, and such a device could be used for such activity, the placement of the device is illegal. (IANAL)

  8. Re:Enlighten me by bnenning · · Score: 4, Interesting

    You're assuming that what the Constitution says has any relevance toward what the government does, which has not been the case for many decades. The Constitution clearly requires that an accused person be able to confront his accusers, which means that no secret evidence is permitted. It also prevents abridging freedom of speech or punishing people who have not been charged or convicted of a crime, but that didn't stop them from passing the CDA, DMCA, and asset forfeiture. The government no longer recognizes any limit on its power, and the voters have let them get away with it.

    --
    How to solve most of our problems: 1.Lots of nuclear plants. 2.Cure aging.
  9. Re:Whats wrong with that? by camusflage · · Score: 4, Insightful

    If refusing is helping catching bad guys, I'm all for it.

    "Those who would trade their essential Liberty for a perceived temporary Security deserve neither Liberty nor Security" --Ben Franklin

    If refusing is lopping the legs off the constitution, I'm against it. Right now, without answering questions, we can only assume that they're hiding something. If they thought it would stand on its own merit, they should've applied for the wiretap order. Of course, the judge would ask if they'd see him register for access to NY Times articles, or a Slashdot registration, or even a flame email that was typed but subsequently cancelled and thus never sent. My guess is that since the answer would be "Yes" to all those questions, they knew a wiretap order wouldn't be signed, as the information gathered would be beyond the boundaries of the order.

    What they SHOULD have done was take the PGP source, write in a routine to either store or forward the passphrase, compile it, and tote that to the federal judge, and apply for the wiretap with THAT rather than something they bought from a spam mail about tracking your kid online. I would expect that they could get a judge to buy in on that since it would (and could) only intercept the information they were seeking.

    Also, you're presupposing that all people they "catch" are "bad guys". Sadly, such is not the case, but we won't even begin to get into that.

    --
    The truth about Scientology, Xenu, and you: Operation Clambake
  10. Re:welcome by NonSequor · · Score: 3, Funny
    Big Brother is watching.


    No, you have it backwards. People are watching Big Brother.

    --
    My only political goal is to see to it that no political party achieves its goals.
  11. Recent Supreme Court Decision? by Glowing+Fish · · Score: 3, Insightful

    Recently, the Supreme Court decided that infrared surveillance, and other "high technology" surveillance of someone's house was unconstitutional, since they involve an unreasonable invasion of privacy without a warrant. In other words, that to look in someone's house, you need a warrant, even if you aren't physically entering.


    So how does this apply to a keystroke monitor? Isn't that an unreasonable invading of privacy, using a technology to circumvent "searches of persons and papers"?


    Does the FBI need a warrant to install one of these? Or if the computer is used for "business" (even illegal business) does the constitutional prohibition against unreasonable search not apply?


    And more important, if we don't know how this works on a technical level, how will we ever find out whether or not it is constitutional?

    --
    Hopefully I didn't put any [] around my words.
  12. Constitutional issues aren't clear here by billstewart · · Score: 3, Interesting
    • The Constitution doesn't give the FBI any authority to create "Classified Information". That doesn't mean they haven't found some weasel words to authorize themselves to do so anyway, but there's nothing specific.
    • Most of the issues here are with rules of evidence, due process, and right to challenge your accuser in court; the Constitution isn't very detailed on these, particularly about issues of high technology.
    • The Exclusionary Rule, from the 1960s, says that evidence obtained illegally is inadmissible in court. The year before it was promulgated, the New York City police department didn't bother getting any search warrants - they'd just search, and if they did so illegally, too bad, they got the evidence anyway. The year after that, they got warrants (well, most of the time...)
    • The big interesting Constitutional issue here is that the Feds had a search warrant, which could fetch them a bunch of encrypted bits, but not a wiretap warrant, and what they did sounds extremely like wiretapping to me. Wiretap warrants require much more procedure than simple search warrants, and are mainly a creation of telephone regulatory law that's not clearly applicable here, since the Constitutional justification for telephone wiretaps is that the phone company is outside your house.
    • The accused computer had PGP, and the interesting messages or disk sections were encrypted with PGP. That means that if you have the keyring file (which usually lives on the disk) and passphrase (the important secret part), you can verify that the encrypted bits correspond to the decrypted bits. The usual rules of evidence for computer searches (which are rapidly evolving) apply here - were the files really written by the accused, or were they planted, or was there another person using the machine, etc.
    • If they'd found the passphrase on a yellow sticky note by the computer, there'd be no issue here. If they'd paid a snitch to give it to them, there'd be no issue either. If they'd tortured the accused without his lawyer present, there'd also be no issue - the decrypted material would pretty clearly be inadmissible. If they'd had a wiretap warrant, it would have been potentially interesting Constitutionally, but the police would almost certainly win. Instead, they found the somewhat interesting midpoint, because they pretty clearly cheated, but didn't cheat really badly.
    • In the UK, this evidence would probably be admissible, or at least the Home Office would try extremely hard to make it so.
    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
  13. We have Secret Evidence by Alien54 · · Score: 3, Insightful
    Talk about Soviet Russia!

    "We have this secret evidence against, and you must trust us to tell you that you are guilty of crimes that violate these secret laws. If you knew what these laws were, we would have to shoot you."

    [snort]

    "The liberty of a democracy is not safe if the people tolerate the growth of private power to a point it becomes stronger than their democratic state itself. That, in its essence, is Fascism - ownership of government by an individual, by a group or by any controlling private power." -FDR

    Sounds like we made it.

    We won the war against fascism, and communism, (WWII, Cold War, etc) only to be left with a communistic fascism called a corporate democracy. It is a communism of fascistic corporate interests.

    Time to blow the planet while there is still a chance.

    - - -
    Radio Free Nation
    is a news site based on Slash Code
    "If You have a Story, We have a Soap Box"
    - - -

    --
    "It is a greater offense to steal men's labor, than their clothes"
  14. Re:Evidence would not be admissible in UK courts by rgmoore · · Score: 3, Informative

    OTOH in the UK they wouldn't have needed a keylogger to get the key. They can demand your PGP passphrase (the computer was seized legally, so that's not the issue) and throw you in jail if you don't divulge it. It's up to the accused to prove that he doesn't know or has forgotten it, and if he can't prove that then he can be imprisoned for failing to cooperate.

    --

    There's no point in questioning authority if you aren't going to listen to the answers.

  15. Assumed trust that's being overlooked by ka9dgx · · Score: 3, Interesting
    Everyone assumes that there was some actual bug recording keystrokes. I don't make that assumption.

    <ConspiracyTheory>
    I choose instead to believe that some FBI agent talked to a buddy with the NSA, and they picked the PGP key for him, with the understanding that the "keyboard logger" cover story would be used.

    Now that things have gone in the dumpster, there IS NO KEYBOARD LOGGER to disclose the details of.
    </ConspiracyTheory>

    Besides, anyone with a DigiKey catalog and some time could build a VERY sweet keyboard logger, with remote dump via radio, etc. We should have a contest to see how few PIC chips it takes.

    --Mike--