The Secret History of the FBI's Classified Spyware

An anonymous reader writes "A sophisticated FBI-produced spyware program has played a crucial behind-the-scenes role in federal investigations into extortion plots, terrorist threats and hacker attacks in cases stretching back at least seven years, according to newly declassified documents obtained by Wired.com. The so-called 'computer and internet protocol address verifier,' or CIPAV, is delivered through links to websites controlled by the FBI, and it silently reports back to a government server in Virginia. Among other cases, the FBI used it to track a Swedish hacker responsible for cracking thousands of computers at national labs and NASA's JPL in 2005."

Does it work with dumb browsers?

[davidwr]

Does it work with browsers that are too dumb to run scripts or active content?
Does it work with browsers that have scripting and active content disabled?

What useful information does it provide if someone is using a proxy-router-boot-cd environment, besides other web sites visited during that session and perhaps traceroute-type information?

What useful information does it provide if someone is using a boot-cd environment behind a router that connects to the proxy? Traceroute-type information won't be helpful there.

Using dumb/old browsers, disabling active content, using proxy boot cds, and using boot cds behind routers are all things an unsophisticated user can do using turnkey solutions. The only skill required is "download and install software" for the first two, "download and burn a CD image and boot with it" for the third, assuming of course your computer BIOS boots to CD by default as most do. For the 4th, add the step of "go buy a computer and have them install a second network card, and download and burn 2 CDs, one for each computer." Not hard. I don't know if there is a turnkey set of CDs for #4 out yet but I wouldn't be surprised if there is. If there is not today, there may be one tomorrow.

All sounds very Windows like

[AHuxley]

But as you read down, some interesting details.
"The software's primary utility appears to be in tracking down suspects that use proxy servers or anonymizing websites to cover their tracks."
The feds note your interests as you type, not your proxy for the day 1/2 around the world.
What was once a hardware logger install is now your clicking on a link.
"alarmed when the hacker he was chasing didn't get infected with the spyware after visiting the CIPAV-loaded website."
Seems like someone was using a Mac or Linux/other OS?
What do people think? A deep dark federal/MS approved/AV hidden effort?
Or in house/turned/tame spyware author ?
Would Tripwire save you :) ???
The MAC address part reminds me of hints about the anti p2p software called "Operation Fairplay"
http://news.cnet.com/8301-10784_3-9920665-7.html

Re:RIAA software

[WCMI92]

I don't think you are paranoid and I don't trust them one damn bit not to abuse this neat little toy that the FBI has. My point was meant to respond to all the people who are claiming that the FBI shouldn't even have this toy -- would it really bother if you it was used in conjunction with a warrant to monitor a Tony Soprano?

I'm not saying they shouldn't have it and that it shouldn't be used WHEN proper authorization is obtained in accordance with the Constitution, WITH proper supervision, and LIMITED, as the 4th Amendment requires, to "particularly describing the place to be searched, and the persons or things to be seized". It sounds to me from the article that the FBI is capturing ALL activity with this, even that which is unrelated to their authorized investigation. There is no way that is within the letter or spirit of the 4th Amendment.

The "right wing extremists" report was extremely troubling. It was a whole bunch of "coulds" with no specific information and a warning to watch out for returning veterans and firearm owners. WTF?

Well, the current administration has grabbed more power in 3 months than the government has in 30 years. Clearly, they are afraid that opposition to that (and future planned power grabs) is going to do nothing but grow, and that it's naturally going to come from the people who would be classified as being "from the right" and the people they will naturally have to FEAR (and government fear of the people as an incentive to obey the Constitution's restrictions on their power IS the actual purpose of the 2nd Amendment) are people who own firearms.

I know it sounds crazy, and hopefully is, but when you combine the "perfect storm" of a major economic crisis, single party control of government, and a desire to impose more central control (healthcare, industry, etc) with the patriot act which gives that single party the actual AUTHORITY to investigate and even arrest their opposition on a whim we very well might be the closest we've ever been to a Hugo Chavez type authoritarian coup.

And watching the major media drool over "Dear Leader" to the extent that they do is disgusting. What happened to the skepticism and criticism of the government? Is there not just as much a need for journalists to investigate Obama as they did Bush, especially when he's asking for unprecedented power and control? Or does it matter only when the agenda doesn't suit the personal beliefs of the media?

catch it in the wild

[cenc]

It seems strange that no one has managed to catch this in the wild yet, if it has been in use for that long. Would indicate they are using it in a fairly limited scope (perhaps), if for no other reason to keep from defeating their own tool.