Slashdot Mirror


Judge Upholds FBI Keyboard Sniffing

mshiltonj writes: "Wired is reporting that keyboard sniffing can be used to catch "mobsters." I feel safer already. You can read the ruling. Here's a snippet: "This case presents an interesting issue of first impression dealing with the ever-present tension between individual privacy and liberty rights and law enforcement's use of new and advanced technology to vigorously investigate criminal activity. It appears that no district court in the country has addressed a similar issue. Of course, the matter takes on added importance in light of recent events and potential national security implications." Translation: Don't deny us this tool or you'll be blamed for us not catching terrorists." See also an Infoworld article. We have several previous stories on the Scarfo case.

13 of 285 comments

  1. how do we protect ourselves? by Sebastopol · · Score: 3, Interesting

    so we know they can now break in and install a device as well as slip in a trojan.

    what solutions are there? as for software, i've seen one site about free-ware antivirus, but it was linux only (like linux needs av software!). it would be nice if there was open-source AV for windows. any pointers?

    as for hardware, other than having intimate knowledge of your own hardware (always checking your keyboard cable connection and keeping your chassis open for inspection), i can only think of sealed, tamper proof computer chassis.

    --
    https://www.accountkiller.com/removal-requested
    1. Re:how do we protect ourselves? by dasunt · · Score: 3, Interesting

      Have a program that puts the keyboard on the screen when you type in your letters, with the keys arranged randomly. By using either the mouse or the keyboard then, you can "type" in your password immune to the keylogger. (Although, they still have password length - so remember, long, secure passwords, people).

      Now we've caused the need for video loggers. :) Well, at least the memory required for video logging is a lot greater than the memory required for keyboard logging.
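A sketch of the randomized on-screen keypad described in the comment above, added here as an example and not code posted in the thread; the function names and the 36-key alphabet are assumptions. It shows what an input logger records (slot positions and, as the comment notes, the length) and why the layout should be reshuffled for every key: with one layout per entry, a repeated character lands on the same slot twice.

```python
import secrets
import string

# Keys drawn on the pad (assumed alphabet for this example).
ALPHABET = string.ascii_lowercase + string.digits


def new_layout(alphabet=ALPHABET):
    """Return a fresh random arrangement of the keys.

    Fisher-Yates shuffle driven by the OS CSPRNG, so the arrangement
    cannot be predicted from earlier ones.
    """
    keys = list(alphabet)
    for i in range(len(keys) - 1, 0, -1):
        j = secrets.randbelow(i + 1)
        keys[i], keys[j] = keys[j], keys[i]
    return keys


def enter_secret(secret, reshuffle_each_key=True):
    """Simulate entering `secret` on the pad.

    Returns (logged, recovered):
      logged    - slot index selected for each character, which is all an
                  input logger without screen access can record
      recovered - the text the program reconstructs, since it alone
                  knows which key sat in which slot
    Raises ValueError if a character is not on the pad.
    """
    logged, recovered = [], []
    layout = new_layout()
    for ch in secret:
        if reshuffle_each_key:
            layout = new_layout()  # new arrangement before every selection
        slot = layout.index(ch)    # where the user has to click
        logged.append(slot)
        recovered.append(layout[slot])
    return logged, "".join(recovered)


if __name__ == "__main__":
    # Constructed sample secret, entered twice under each policy.
    for policy in (False, True):
        for _ in range(2):
            slots, text = enter_secret("hunter22", reshuffle_each_key=policy)
            print(f"reshuffle_each_key={policy}: logged={slots} -> {text}")
```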

  2. Installation by syrupMatt · · Score: 5, Interesting

    I'm sure others will notice this, but how exactly does the installation of the sniffer take place? Since there is no warrant, and only a court order, do the authorities have the legal backing to "break and enter" a computer to install the sniffer? Is a computer awarded the same rights as a physical place (i.e. apt, home, etc.)?

    Also, if the sniffer is sent as a trojan'd email or program, could this lead to entrapment defenses based on the enticement used in the delivery method?

    --
    "Moving through the masses like a fish through water." syrup
    1. Re:Installation by syrupMatt · · Score: 3, Interesting

      Why don't we clean up our authorities before we give them broad new powers? Simple answer.

      The fact is that perfect authorities who are "untouchable" and never err will never exist in the world due to the fact that they are products of an imperfect society. Do we expect all people everywhere to be never wrong in their judgement of others? Then how can we expect the few that we give power to to be any better than the collective world that they come from?

      Of course, this could be seen as the beginnings of an anarchistic rant, but just understand, the key is in oversight and accountability, not constant cleansing of the people we entrust with the application of our rights.

      --
      "Moving through the masses like a fish through water." syrup
    2. Re:Installation by RobertGraham · · Score: 3, Interesting
      In the Scarfo case, the FBI entered in a "black-bag" operation (breaking-and-entering the building) and found the encrypted file when they physically accessed the computer. They broke in a second time to install the keylogger. They had valid warrants under current U.S. law in order to do this.

      In the Magic Lantern system, they propose either hacking into the machine from the Internet, or more likely, installing a transparent proxy at the ISP that attaches a trojan to any .exe the user downloads from the Internet.

  3. Watch for an increase of sales in by kawlyn · · Score: 2, Interesting

    Smart card readers (for your key), and voice dictation software. A keyboard logger can't work, if you don't use the keyboard.

    --

    When someone yells "Stop" or goes limp, or taps out, the fight is over.
  4. Re:Am I missing something? by Chris+Burke · · Score: 4, Interesting

    The FBI's argument was that because the device only intercepted intra-computer communication (i.e. from the keyboard to the CPU) and not computer to computer communications, those communications are not protected by the Wiretap statute (18 USC 2518 [cornell.edu]).

    Which is kinda like saying they can put a bug directly in your phone, because then it's only recording what's going from your mouth to the microphone, not phone to phone, and thus not a wiretap.

    Granted, in a computer not all keystrokes are going to be transferred over the network, but how can you, the observing FBI agent, know which are which until you look at all of them? I can't see how you could possibly avoid looking at information (like a typed email) that should require a wiretap order.

    But then again, I'm too jaded and cynical to work up much anger when the FBI makes a grab for a little more power. One day my children will wake up and find themselves in a police state where you are born free until an officer of the law says otherwise, and no one will be able to understand how it happened because they won't notice that it has.

    --

    The enemies of Democracy are
  5. Do they really think...? by KC7GR · · Score: 2, Interesting

    ...that this will be at all effective? Think about this:

    First off, how many people are NOT running Lookout Distress or similar Gatesian Bloatware for their E-mail? Those who fall into this category WILL see the 'Magic Lantern' worm as an unexecuted file attachment, one that is likely to be quickly deleted.

    Second: How long is it going to take the computing community "At Large" to dissect how ML or any other keyboard logger works, and come up with a very effective countermeasure?

    Third: How long will it take seasoned criminals to grab said countermeasure? The ones that are computer-savvy can download and install just as well as any techie.

    This whole exercise seems to be little more than useless window dressing to me. It almost looks like a (somewhat desperate) attempt by the FBI to fool the public into thinking they're effectively fighting terrorists when they may not have the slightest hint of a clue.

    I don't pretend to have all the answers, but I really don't see what good monitoring Lord only knows how many computer keyboards will do. And how is a typical consumer, who can barely find their system's power switch, going to know if they're being monitored?

    --

    Bruce Lane, KC7GR,

    Blue Feather Technologies

  6. Re:Important point by Erasmus+Darwin · · Score: 3, Interesting
    "I don't see anything wrong with the police searching, or spying on, someone if they first get a warrant."

    That's all nice and good, but just to clarify, you quoted text about the FBI being armed with a "court order" as opposed to a "search warrant". It's my understanding that a search warrant has a higher standard of justification that must be met before a judge may issue it.

  7. Quantum Keyboards by argoff · · Score: 3, Interesting

    There is a theoretical solution to this, using quantum diodes and open source software it is possible to create an untappable system. The quantum diodes would be part of an optical based keyboard. When any photons are prematurely observed, the whole thing errors out.

    The nature of open source software would make it difficult to add flaws that couldn't be detected if wanted. In fact, the encryption program could do MD5 sums on the kernel and all parts of the OS that grab keystrokes making that impossible too.

    Other ways like a video grab of the keyboard, or biometrics on the individual typing could be done too. But I think the simplest way would be with a smart card that had a mini ATM keyboard on it. The user would keep it in his wallet at all times, and key in a pin before using it - too many guesses would permanently disable it.

  8. Re:Proper procedures were followed by markmoss · · Score: 3, Interesting

    they actually bent over backwards to make sure the KLS did not record any of his online keystrokes.

    Wiretap warrants require more probable cause, because they will capture _everything_, not just the particular conversation the cops are after. So, instead of getting a wiretap warrant, they got a warrant to go after the encryption key and configured the KLS to discard keystrokes when the modem was active, therefore it didn't catch any keystrokes that were being _directly_ transmitted.

    That's highly Jesuitical reasoning. Quite obviously if Scarfo typed e-mail off-line, then dialed in to send it, the KLS would capture that. Sounds like a wiretap to me. More to the principle of the laws, KLS captures everything typed in whenever the modem is off, not just the item specified in the warrant.

    Note that although the FBI insisted and finally convinced the judge that the KLS system was "secret" and so the court and Scarfo's lawyers could only see an edited version of the specs, they did let out how to beat it. Keep that modem running! (Wouldn't an ethernet connection also do this? It's continually active on an external cable, and so under their definition of "wiretapping" KLS would have to stay off.)

    To me, it looks like the courts are going nuts over tiny technical details, which they hardly understand, while missing the big picture. The FBI has lied and concealed evidence about Waco, protected one of their agents who turned out to be spying for many years (Hansen), and at least one field office (Boston organized crime task force) has become difficult to distinguish from the mobsters. And it's pretty clear by now that if anyone is ever disciplined for Waco, it will be a letter of reprimand sent to their retirement home, and I have no reason to expect any significant firings over the other misdeeds, let alone agents going to jail. Yet, the judge will take the FBI's word for it that the KLS has to be secret and the sanitized description released is sufficiently accurate.

    If I could trust the cops to obey the laws and their procedures, I wouldn't worry much about technicalities...

  9. Re:Am I missing something? by Weaselmancer · · Score: 2, Interesting

    Finally an excuse to use my old Amiga!

    The Amiga keyboard uses a 6502 processor to communicate to the main cpu - a 68000.

    That's computer-to-computer communication, and therefore protected by the Wiretap statute. Right? ;^)

    --
    Weaselmancer
    rediculous.
  10. Re:Am I missing something? by agentZ · · Score: 3, Interesting

    Ah, the key difference.

    Active communications (e.g. e-mail in transit) are protected by 18 USC 2518. Stored communications that you're talking about, such as e-mails you've received, chat logs, and the like, are protected under 18 USC 2703. The rules regarding these protections, also sometimes called the Electronic Communications Privacy Act (ECPA), are rather complicated and depend greatly on the type of information, how old it is, and where it's being stored.

    The differences between active and stored communications can be summed up this way: To intercept an active communication, the government must show probable cause that the interception will yield evidence of a crime. If a federal judge agrees, he will grant a wiretap order, or authority. To obtain stored communications (e.g. connection logs, billing records, stored e-mail, etc.), the government must present probable cause to a judge, who can grant either a search warrant or a court order (also called a 2703 order). The type of records being obtained determines whether a court order or search warrant is issued.