The Secret History of the FBI's Classified Spyware

An anonymous reader writes "A sophisticated FBI-produced spyware program has played a crucial behind-the-scenes role in federal investigations into extortion plots, terrorist threats and hacker attacks in cases stretching back at least seven years, according to newly declassified documents obtained by Wired.com. The so-called 'computer and internet protocol address verifier,' or CIPAV, is delivered through links to websites controlled by the FBI, and it silently reports back to a government server in Virginia. Among other cases, the FBI used it to track a Swedish hacker responsible for cracking thousands of computers at national labs and NASA's JPL in 2005."

The Ends Don't Justify The Means

[QuantumG]

How is this not breaking the law?

Breaking the law to enforce the law.. way to piss on justice.

Re:The Ends Don't Justify The Means

[tygerstripes]

In the same way that police regularly assault, kidnap or otherwise harass citizens?

Look, I'm not saying I disagree with you, but you need to refine the ethics of your argument a bit if you want to make a useful point. Unless you were just hoping to bash out something that sounded relevant in order to FP...

Re:The Ends Don't Justify The Means

[WCMI92]

"How is this not breaking the law?

Breaking the law to enforce the law.. way to piss on justice."

I've always been skeptical about this and other tricks used by the FBI and other law enforcement. The Constitution is QUITE clear that a search of private property requires a warrant.

Another thing that has always bothered me is that law enforcement lying to citizens is routine and legal, but lying to law enforcement is a crime (even if you don't know the person you are talking to is law enforcement).

Seems to me that if the government wants us to respect the FAR too many laws on the books that it should start following them itself. And that starts with respecting the Constitution.

Re:The Ends Don't Justify The Means

[Shakrai]

So if they obtained court authorization to deploy Sarin gas that'd be ok too right?

Wow, hyperbole much? How is installing software on someones computer with court authorization to monitor their behavior any different from using the warrant to obtain a wiretap or using it to search their home and possessions?

Re:The Ends Don't Justify The Means

[vertinox]

How is installing software on someones computer with court authorization to monitor their behavior any different from using the warrant to obtain a wiretap or using it to search their home and possessions?

I think the problem is that they posted the monitoring tool to a website where anyone could come across and get infected and get monitored.

In those instances, there was no prior suspicions that is needed for a warrant. You cannot randomly search 100 people's houses hoping to find a criminal the same way you can't put software out there to find out whether or not these people are the criminal.

In fact... TFA says the FBI agent was disappointed when the person they hope to infect was not infected so I'm assuming others were who were not the target of the warrant.

Re:RIAA software

[WCMI92]

"FTA :

"After sending the information to the FBI, the CIPAV settles into a silent "pen register" mode, in which it lurks on the target computer and monitors its internet use, logging the IP address of every server to which the machine connects. "

Let's hope the RIAA doesn't get it's hands on this."

What I'd like to see is an open source antivirus/antispyware suite that WILL detect this. I own my computer, not the government, therefore I have a right to know what is running on it and to decide what is and isn't going to run on it.

I don't think it is any of the government's business what websites I go to, what blogs I post on, and for that matter, what porn I download.

Given some of the scary things coming out of the "O"ministration lately (such as the recent homeland security advisory painting people who support the right to own firearms and who object to the outrageous spending going on as "rightwing extremists" and "potential terrorists" I think I and others have a legitimate fear that we may be targeted for such spyware for political reasons.

That's why I opposed and still oppose the patriot act... Not because I am against going after the actual JIHADI terrorists who have and are attacking our country, but because government abuse of it and turning it on law abiding citizens was inevitable.

Note that Obama isn't doing anything to repeal the patriot act (which he used to object to). He wants that power just as much as Bush did.

Re:Linux version?

[srollyson]

This paragraph from TFA is telling:

In a separate February 2007 Cincinnati -based investigation of hackers who'd successfully targeted an unnamed bank, the documents indicate the FBI's efforts may have been detected. An FBI agent became alarmed when the hacker he was chasing didn't get infected with the spyware after visiting the CIPAV-loaded website. Instead, the hacker "proceeded to visit the site 29 more times," according to a summary of the incident. "In these instances, the CIPAV did not deliver its payload because of system incompatibility."

Seems like the FBI exploits browser vulnerabilities a la the Pwn2Own contest in order to deliver CIPAV, but CIPAV itself might not run in linux. I suspect that the FBI will have written a linux-compatible CIPAV after the quoted incident. Probably a bash or perl script so they don't have to worry about different architectures.

On a side note, there was probably some good porn on that page for the hacker to load it 30 times.