Goverment Computer and Internet Spy Programs

[DNR]

A topic was brought up about Sweden's Government Internet database of all citizen's internet activities. So I did a side research to bring myself up to date with my own country's governmental surveillance programs.

The FBI has been known to use PC-spying technology since at least 1999, when a court ruled the bureau could break into reputed mobster Nicodemo Scarfo's office to plant a covert keystroke logger on his computer. But it wasn't until 2001 that the FBI's plans to use hacker-style computer-intrusion techniques emerged in a report by MSNBC.com. The report described an FBI program called "Magic Lantern" that uses deceptive e-mail attachments and operating-system vulnerabilities to infiltrate a target system.

FBI has a software called "computer and internet protocol address verifier," or CIPAV The full capabilities of the FBI's "computer and internet protocol address verifier" are secret, but some of the data the malware collects from a computer immediately after infiltrating it will be:

• IP address
• MAC address of ethernet cards
• A list of open TCP and UDP ports
• A list of running programs
• The operating system type, version and serial number
• The default internet browser and version
• The registered user of the operating system, and registered company name, if any
• The current logged-in user name
• The last visited URL

///Notice there is NO collection of the content of any type of communications. This is a tool strictly network level, certainly like a pen-register for telephone taps. The pen-register collects only the numbers you call or called you, but not recording any converstations. This is done for a specific reason - Judges are more likely to allow wiretaps that only collect data that would otherwise be collected by a utility company. It protects people's rights to privacy by not listening in to the actual converstations. But, enough evidence can be linked to help gather evidence on a criminal enterprise. This is also important to know because network level data can be stored on citizens of any government that wants to implent a database on internet use easily BUT storage capacity and database research just cannot handle the load of keeping record of converstations on chat, IM, VOIP or just email content. ///

The leakage on CIPAV implies the malware is sent to the suspect via a instant messaging service with a account created by the FBI. This assumes the FBI will try to plant this program via the normal routes of infections - email attachments, links to webhosts holding active script attacks/flash, IM invitations to "see my pictures". Just how the FBI installs CIPAV on a suspect’s computer can be only an educated guess. The FBI can convince security software makers to white-list the application so it could operate undetected. The FBI can exploit a 0day in Windows or whatever OS the suspect uses just like the rest of us. There is no magic wand, just covert assistance from ISPs, webhosts, software vendors, and even perhaps a basement full of hackers like you and me - all working together to break the same rules of TCP/IP.

The CIPAV sends all the data it collects to a FBI server running out of the bureau's technology laboratory at the FBI Academy in Quantico, Virginia.

How long it will spy on you will based on a warrant, and they have a time limit, some can be renewed. They might leave the malware on your computer and just deactivate its communication, perhaps to re-activate if needed.


=========
Magic Lantern

Magic Lantern is also rumored to be covertly installed remotely by the same way as the CIPAV, like common malware. ML has been described as a Trojan horse. Unlike CIPAV, it is suspected to be a RAT, being able to take over the complete computer, perhaps to listen via the microphone and webcamera. It is not known how the program might store or communicate the recorded keystrokes. McAfee security software maker and owner of PGP encryption software had rumors they were cooperating with the Feds for allowing ML to work undetected on their systems.

=========

News:- The FBI’s Carnivore Net surveillance tool has been all-but replaced by commercial software designed for online spying, says EPIC (Electronic Privacy Information Center).

One of the reasons for this is: ISPs are now plugged directly into the US government as information providers, obviating the need for Carnivore, EPIC states.

“Through the Freedom of Information Act, EPIC has obtained FBI reports to Congress stating that the agency did not use its DCS 1000 Internet monitoring system - formerly known as Carnivore - during fiscal years 2002 and 2003,” it says.

“According to the reports, the FBI used commercially available software to conduct court-ordered surveillance twelve times during the two-year period. ”

The reports suggest the FBI’s need for Carnivore-like Net spy tools is decreasing, probably, “because ISPs are providing Internet traffic information directly to the government”.

============

The National Security Agency has been secretly collecting the phone call records of tens of millions of Americans, using data provided by AT&T, Verizon and BellSouth. The agency's goal is "to create a database of every call ever made" within the nation's borders.

This program does not involve the NSA listening to or recording conversations. But the spy agency is using the data to analyze calling patterns in an effort to detect terrorist activity, sources said in separate interviews.

The agency's goal is "to create a database of every call ever made" within the nation's borders, this person added.

======

It does not take a stretch of imagination to see how any government will install spyware, it will likely be at the ISP level. This includes teleco companies both landline and cellular. The technology has to be capable of performing the magic of snooping, and the answers of how its done is obvious - the ISP and the telco companies have to work hand in hand with the goverment.
To imagine a database of every converstation I had via phone, IM, IRC, email, and web forums can be multiplied by billions of other people just like me. You would have to imagine Google's server farm and multiply it by 100. I just do not believe the gov has the resource to store an entire countries converstation, even for a small country like Sweden.

Any detailed investigation has to have a specific target - as protected by the Consitution of our country. The governments actions so far has been to use raw 'network level' data to profile users. The final invasion of our privacy will be with the cooperation of software vendors, ISPs, computer hardware makers, hackers and will include multi agencies, including the census beareu, hospitals, credit card companies, banks etc.

DNR


Reference ---------------------------------------------------------------------

A VERY nice network tutorial and story about FBI tracking highschool prank/email bomb threat
http://blog.wired.com/27bstroke6/files/ ... idavit.pdf
also here
http://www.politechbot.com/docs/fbi.cip ... 071607.pdf

'Lantern' Backdoor Flap Rages
http://www.wired.com/politics/law/news/2001/11/48648

http://rwor.org/a/v22/1070-79/1070/carnivore.htm

FBI drops spy tool
http://www.p2pnet.net/story/3571

NSA has massive database of Americans' phone calls
http://www.usatoday.com/news/washington ... -nsa_x.htm

[Elmeromero]

Hi DNR,

Iam doing a school projekt and looking for other "law enforcement computer viruses" then Magic lanter. Iam seching the net for it and its only ML that pops up, or viruses that pretends that it´s from a law enforcement site. Maybe iam serching it wrong. Do you now any more then ML?

//Elmeromero

[ayu]

Hi DNR,

Iam doing a school projekt and looking for other "law enforcement computer viruses" then Magic lanter. Iam seching the net for it and its only ML that pops up, or viruses that pretends that it´s from a law enforcement site. Maybe iam serching it wrong. Do you now any more then ML?

//Elmeromero

Check out Stuxnet

[bad_brain]

@Elmeromero
here you can find the trojan used by german authorities:
http://ccc.de/en/updates/2011/staatstrojaner" onclick="window.open(this.href);return false;

[Elmeromero]

Thx guys, exellent info

[Elmeromero]

Found another spyware used by law enforcement, its called FinFisher.

[joebox]

nothing new

[computathug]

nothing new

Is that all you had to say on the subject that was so valuable or is this just a way to spam your links across the site because i am finding it all a little bit lame. If you have nothing of value to say then please refrain from saying anything at all.

Any more you will find that your post has been deleted and you may find that i will take the time to remove the rest of your posts that follow the same pattern.

Over and Out

C-Thug

[joebox]

it's quite informative but as I said nothing new. Google is cooperating with all governments with supplying all your information. I made some topics about this previously. A lot of people are touching this subject which is a big concern for a lot of internet users. Facebook is using facial recognition technology. Top CIA official is being caught cheating on his wife through gmail. China has a military hacking team carrying out attacks on the united states. It's a good post but nothing new as in I already know. There's pedophiles in indonesia being caught with there pedophile media, there was this one guy teaching in a school who was caught. As for my signature it's freedom of speech online, a lot of governments are trying to take your freedom online even the usa was debating this topic but I'm happy to be an avid user here on suck-o where my freedom is protected in court by bb when these people come around talking non sense . Also, ISP's are blocking illegal downloads. Let me make some more topics before I get off subject.

[ayu]

it's quite informative but as I said nothing new. Google is cooperating with all governments with supplying all your information. I made some topics about this previously. A lot of people are touching this subject which is a big concern for a lot of internet users. Facebook is using facial recognition technology. Top CIA official is being caught cheating on his wife through gmail. China has a military hacking team carrying out attacks on the united states. It's a good post but nothing new as in I already know. There's pedophiles in indonesia being caught with there pedophile media, there was this one guy teaching in a school who was caught. As for my signature it's freedom of speech online, a lot of governments are trying to take your freedom online even the usa was debating this topic but I'm happy to be an avid user here on suck-o where my freedom is protected in court by bb when these people come around talking non sense . Also, ISP's are blocking illegal downloads. Let me make some more topics before I get off subject.

Well, everyone doesn't know about it ^^
Also, there's no proof that Google is cooperating with "all governments" to give out everyones info