Slashdot Mirror
FBI Sought Approval To Use Spyware Through FISC
An anonymous reader writes "Wired is reporting that the FBI sought approval to use its custom spyware program, CIPAV, from the secretive Foreign Intelligence Surveillance Court in terrorism or spying investigations. Affidavits prepared for the court are among 3,000 pages of documents gathered, but not yet released, in response to a Freedom of Information Act request from Wired. The FBI hasn't answered any questions about its use of the CIPAV since the program's existence became widely known in July. The FISC is generally regarded as a rubber stamp; it approved over 4,000 surveillance requests in 2005 and 2006[PDF], rejecting none."
Reading up a bit: "The FISA Court did not reject a single warrant application from its beginning in 1979 through 2002. In 2003 it rejected four applications. In 2004, the number was again zero."
I thought it was a good idea
I would just like to know, what could the FBI do to make it's spy ware different from anything else out there in the wild? It would seem to me they would limited to the same techniques anyone can use on a computer, so really wouldn't it be just one more obnoxious program out there?
However I am sure there methods of getting it installed are probably a little more sophisticated than most users are used to dealing with...
But I'm sure they should be using this very lightly, as once the right person figured out it was on their computer and released details to the curious masses, how much good would it do then? As most criminals are well aware they are doing something illegal. All it would take is a little extra effort on the part of the person who fears they could be under surveillance to discover it with proper information/tool, etc..
I'm sick of following my dreams. I'm just going to ask where they're goin' and hook up with 'em later.
Sheesh, I mean, I know IT reporting has gone down teh tubes, but really... maybe if Wired wants to get info from the FBI, they should actually respond to the invite and submit questions -- maybe then they'd hear back.
/Sorry, deliberately obtuse tonight.
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
And if they target Linux, I'll go to FreeBSD, and so on...
I would just like to know, what could the FBI do to make it's spy ware different from anything else out there in the wild?
Features
It's not really funny.
If you're going to wear the tinfoil hat, please make sure to leave enough ventilation for you brain to operate properly.
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
According to the /. post from StonyandCher, CIPAV stands for 'Computer and Internet Protocol Address Verifier'.
Yup...it's a computer....yup it's an IP address. Ok, it'sverified, now what?
What it should be called is CIGS..."Completely Illegal Government Spyware".
Other than this text, there is no discernible information contained in this sig.
Of more concern is the question of what the intelligence agencies may be doing off-the-books. It's been claimed that the Bush government has been carrying out surveillance without submitting applications to the FISC, and it's been suggested that the resignation of James Robertson from the FISC is related to revelation of this unauthorised surveillance.
One of the reasons for FISC is to ensure that the surveillance excesses of Nixon and his predecessors - often for political gain - couldn't happen again and provide some oversight to the process of spying on people in the United States. I don't consider myself to be a card-carrying tinfoil-hat-wearing conspiracy theorist nutjob (in part because if we had cards it would make it easier for governments to crack our membership database and figure out who we are and decide to open our mail), but I don't for a minute believe that a single govenment since Nixon completely gave up ALL secret surveillance of US citizens on US soil. Governments are made up of people, and people are secretive beasts who often do things they're officially told not to for reasons of their own and who share information with other like-minded people they come across if they believe it will be to their benefit. The FISC was created for good and noble reasons, and are probably doing the right thing most of the time - the trouble is, I don't believe they're necessarily being told about everything that's happening and may well be given fabricated evidence in support of applications. If Bush and his advisors and/or puppeteers have no problem lying about weapons of mass destruction to start a war, then why should they or their underlings have a problem cooking up believable applications to support their agenda?
"I want to know something, Henry... "
"What?"
"What was the name of the farm next to the Hill house?"
"I don't remember, Daniel... I remember the Hills. I remember their daughter Jenny. I remember Hill and his wife..."
"Do you think Rukia is cuter than Orihime?"
"Who?"
Rukia. Is she cuter than Orihime?"
"I can't remember right now."
"Who are you?"
> The FISC is generally regarded as a rubber stamp; it approved over 4,000 surveillance requests in
> 2005 and 2006[PDF], rejecting none.
This means nothing interesting, unless you can point to some requests that should have been rejected.
If you disagree with me on social issues, then it's pretty clear that you are a narrow-minded bigot.
Much better than picking random people from Afghanistan and throw them in some cuban jail.
This way they can actually get conclusive evidence on suspects without harming the innocent caught in the crossfire.
And just in case the FBI is monitoring this thread, I voted for Bush 3 times.
OSGGFG - Open Source Gamers Guide to Free Games
You think about it, I'll wait:
http://www.securityfocus.com/comments/articles/11372/33500#33500
If you think you have a chance or a clue as to how mature this stuff is, reconsider. Also if they're asking "permission", it's too late.
Hi Mom !
~hylas
'The FISC is generally regarded as a rubber stamp; it approved over 4,000 surveillance requests in 2005 and 2006[PDF], rejecting none.'
Maybe the people submitting the requests understand what is required and make sure they have it everytime so as to not waste the court's time and do not bother if there is any possibility it will be denied. It's this kind of naive view of the world which makes slashdot and related sites (digg, dailykos, etc) such tar pits of stupidity. Of course it's not certain that's what happens (referring to the possibility that they don't bother filing the request unless it obviously meets the standards for approval), but it's a possibility, yet everytime I see this topic mentioned on slashdot I see the same stupid "it's not even possible they make sure they meet the request's basic requirements first" attitude, yet none of you knows for sure, which is very typical of slashdot, et al.
It's nice to know that SOMEBODY is doing something to stop terrorists, instead of just sitting on their fat asses munching cheeze-its and posting bitching and moaning posts on Slashdot.
Thanks, Fibbies. More of us out here respect you than you know.
Given these things are fab'ed in Red China, which government would you be referring to?
I would just like to know if the antivirus vendors purposely cripple their products for Big Brother. If so, it's only a matter of time before some clever black hat exploits that fact, assuming of course, that it isn't already happening.
...and open your mail, and tap your phone, and monitor your internet traffic, because you have different views and aren't afraid to state them. All quite legally. And in many others, they'd probably do it anyway if they felt it was "right" to do so.
Parent raises a fair and intersting point, that Bush considers the FISC to be an impediment to those who are simply trying to protect the American People. If the FISC was merely rubber-stamping whatever the U.S. Government wanted to do, then how could its oversight prevent government from protecting the American People? How come this deserves the "Troll" mod it got?
They say those who don't understand history are doomed to repeat it. Seems to me like a lot of Americans need to bone up on things like the Church Committee.
This is not news. The US intelligence community, including the fbi, has been a known user of key loggers and spyware for about a decade. My link is from 2001, but I have knowledge of a federal investigation in 1998 that used key loggers to track suspects' use of certain services.
This is part of Bush/Cheney's "Spy on Everyone Except Themselves" Program!
I tip my hat at just the look of propriety! Makes me proud!
09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
How does one get infected with WWWFBISearchBar, or FBIDesktopBuddy? Does it get installed when your browsing shady government websites, or what?
Obligatory blog plug: http://www.caseybanner.ca/
I'm betting this is about the same time that people like Ted Kennedy were showing up on the No-Fly list.
They say it was a mistake, but I still doubt it. Might have saved his life though; I once maintained a list, on a now defunct site, that listed Senators killed in plane crashes. Oddest thing, almost all Democrats and the Republicans were pacifists or otherwise "left-leaning" (Paul Wellstone [D] and John Heinz [R] for example).
Sure, all just a coincidence, I'm sure of it. Well, pretty sure. Maybe we should be putting spyware on the FBI's machines?
Get your Unix fortune now!
Surely they have a mechanism to roll back code updates, it would be borderline insane if they didn't... so, you've got the code (wireshark, tcpdump), the key (embedded in CPU), and the mechanism (kernel support code) - are you implying that this isn't enough to reverse engineer any/or revert microcode changes? I don't know the first thing about it, but this should be reversible for the same reason that DRM doesn't work - they have to give you the ability and the key if they want to run it on your machine.
Please correct me if I'm wrong.
If I mod you up, it doesn't necessarily mean I agree with what you've said, sorry.
..does it run on Linux?
"What are you waiting for man? Open it!"
you fuckwads.
Just looking at Cheney is frightening enough, spying on him would just be futile. I know you can detect a black hole, but can you actually see anything when you look into one?
I'm not tense. I'm just terribly, terribly, alert.
I don't see anything wrong with the FISA court approving a wiretap, it's not a secret trial ala Rendition. It's going to a Judge and saying 'We think this person is bad and we want to investigate' regular Judges do this all the time. Rejection of wiretaps in the real world are much higher but that is because the subjects of those investigations are more varied in their supposed crimes.
If your a foreign national who came to they attention of the feds for whatever reason that reason will be told to the Judge who will decide if its enough. Granted thats Cold War thinking and thats endemic in the system. Spies are supposed to not be noticed so there is more latitude given to the investigation. And Spies are what they are supposed to be hunting.
Considering the current administration the rejected authorizations were likely Democratic Members of Congress.
Sorry about the writing. Robot fingers, you know? Cliff Steele in DOOM PATROL #23
Use of programs such as spybot, hijackthis, and their ilk has been criminalized
Echelon has been around for 35+ years why isn't it admissible in court? It would sure beat cops busting me for fake crimes in retaliation for stuff I did over 11 years ago as a student.
A deafening silence, more of a response to Michael Eisner than to this article.