FBI Files Brief on Scarfo Keylogger
Firewort writes: "In an affidavit (warning, it's a PDF) filed with a federal court in New Jersey, the FBI has disclosed some of the details of a controversial "key logger system" used to obtain the encryption password of a criminal suspect. They go into great detail describing PGP and the different methods they might have used to keystroke-log Scarfo to get his encryption key." Interesting, and more technically sophisticated than the basic keyloggers which grab keystrokes indiscriminately.
that the FBI was so concerned about not capturing anything but the passphrase for the PGP key? Call me a sceptic but I'd say that the affidavit merely states this to either make it seem like they really know what they are doing, or to appease whatever restrictions the warrant for their entry to the premises and 'bugging' of the computer allowed.
I would seriously doubt that if this 'device' was capable of recording every keystroke as they claim, that if they had the opportunity to sift through Scarfo's (outgoing) email/online banking/Adult-Check/etc. they wouldn't.
I was under the impression that part of the reason that it didn't log everything was to keep from possibly recording communications (which would need a different kind of court order, along the lines of a phone tap).
The affidavit says that Scarfo used a Windows OS.
Coupled with the DOJ ruling, it just goes to prove that M$ Windows is an operating system written for criminals by criminals.
Brute forcing depends on key length. If you are willing to spend, say, 1 billion on it, a PGP special-purpose RSA breaker (or ElGamal breaker) that takes, say, a day to break a 512-bit key could be feasible (the numbers are just a very rough guess, but I think not so unrealistic).
I doubt very much that they can break 2048 bit at the moment and I think 4096 bit is secure until some serious mathematical breakthroughs (which cannot be predicted).
The NSA could have such a device for emergency purposes.
Cheaper would be an attack on the passphrase. Most people don't have so much entropy in their passphrase. E.g. I have only about 65 bits. Of course for this you need the secret keyring; a ciphertext sample will not be enough.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted and ignored otherwise.
Perhaps what's needed is a USB dongle, with an external switch that fries the flash RAM inside, rendering it unusable, and unreadable even to people trained in data recovery.
Well, there's the Dallas Semiconductor iButton. It includes tamper-resistant features that will zero its RAM under certain conditions (e.g. over-temperature), although it doesn't have an actual "erase" switch.