Welcome to P2PNET.net - The original daily p2p and digital news site. Always First!

CIPAV: FBI spyware

p2pnet news | security:- Spyware is obnoxious, and often dangerous, software used by advertising bad guys, primarily, to ferret out information about you without your knowledge.

Correct? Not necessarily, because it’s come to light that the FBI has been using something called the Computer and Internet Protocol Address Verifier, CIPAV for short, secret surveillance software the agency “used last month to help identify whoever was e-mailing bomb threats almost daily” to Timberline High School in Lacey, Washington, says PC World, going on:

Special Agent Norm Sanders, who swore out the affidavit, could be Efrem Zimbalist Jr.’s doppelganger for all we know, but he must have been more talkative than the close-lipped character from the late-1960s TV drama The FBI to win over a judge. Sanders had to spill some beans about CIPAV, the agency’s name for what the rest of us would call spyware - software the FBI wanted to plant on the PC used to e-mail the bomb threats in the hope of identifying its owner, and thus the sender.

What does it do, exactly? The answer to that may not be known for some time, and it may never be known, the story says, but according to the court filing, at the least CIPAV collects:

  • IP address
  • Media Access Control address for the network card
  • List of open TCP and UDP ports
  • List of running programs
  • Operating system’s type, version and serial number (in Windows, the serial number is the 25-digit alphanumeric product activation key)
  • Default browser and its version
  • Default language of the operating system
  • Currently logged-in user (username) and registered company name (The latter is optional in Windows.)
  • Last visited URL

Does CIPAV also capture keystrokes? The FBI isn’t talking, says PC World.

And does the FBI have just one stock CIPAV model? Says the story:

The affidavit does seem to hint that the spyware comes in more flavors than just vanilla. It said, “Because the FBI cannot predict whether any particular formation of a CIPAV [emphasis ours] to be used will cause a person(s) controlling the activating computer to activate a CIPAV, I request that this Court authorize the FBI to continue using additional CIPAV’s in conjunction with the target MySpace account (for up to 10 days after this warrant is authorized), until a CIPAV has been activated by the activating computer.”

Was it successful in stopping the bomb threats?

Apparently, but, “With the exception of the affidavit filed by Sanders, however, authorities remained mum throughout as to the specific part that the CIPAV played. We don’t know, for instance, when the spyware was activated, whether it was activated after just one version of the CIPAV had been delivered, or what information it collected” actually led the police to the offender’s home.


Also See:
PC World - Insider Info on the FBI’s Spyware, July 30, 2007



2 Responses to “CIPAV: FBI spyware”

  1. cyberscan Says:

    This is one of the reasons why I specifically use Linux. Linux does not require people to provide the name of the owner when installing nor does it require any serial number or activation code that can be traced. It is still possible to plant spyware on a computer running Linux if the planting agent takes advantage of a browser flaw. However, with a bit of tweaking, one can defang the resulting spyware so that it is ineffective. All programs running on my computer that access the Internet have the SGID set to a group called Internet. IPTABLES is set so that only programs that run as root or belong to the Internet group can access the Internet. In addition, I have the firewall set to allow only programs with certain names to access the Internet (I also modified these programs so that they do not run unless a certain environmental variable is set to a certain value). I change the Agent name and forbid scripts on the browser I use via commonly available plug-ins.

    If one MUST run Winblows, I recommend the following software: ZoneAlarm (personal firewall), AVG Antivirus (antivirus software), Lavasoft's Ad-Aware (anti-spyware), FireFox (web browser with the no-script and adblocking programs), Thunderbird (email client), and also a hardware firewall. I also recommend one pays cash for computer hardware purposes and not buy from a store where one is known. If Windows asks for your name, I recommend using an alias that you are not known to have used, the same goes for your company. Yes, I can visit any site I want to without having to fear that I am going to be infected with somebody’s spyware.
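
The group-based egress restriction described in the comment above can be written as an iptables ruleset. This is an added example, not the commenter's own rules: the group name `internet` and both function names are assumptions, and it covers only the root-or-group rule, not the per-program-name check.

```shell
#!/bin/sh
# Added example (not from the original comment): default-deny egress that
# lets only root and one group originate outbound connections.
# The owner match compares the effective GID of the process that created the
# socket, which is why SGID binaries qualify. It only works in OUTPUT.

# egress_rules GROUP -> prints an iptables-restore ruleset; returns 1 on a
# group name containing anything but letters, digits, '_' or '-'.
egress_rules() {
    group="$1"
    case "$group" in
        ''|*[!A-Za-z0-9_-]*) echo "invalid group: $group" >&2; return 1 ;;
    esac
    cat <<EOF
*filter
# Inbound and forwarding are left at ACCEPT; this example constrains egress only.
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [0:0]
-A OUTPUT -o lo -j ACCEPT
# Packets of already-approved connections pass; only NEW ones are judged below.
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m owner --uid-owner 0 -j ACCEPT
-A OUTPUT -m owner --gid-owner $group -j ACCEPT
# Anything else (e.g. an implant running as the desktop user) is logged with
# its UID and refused, which also gives a detection signal.
-A OUTPUT -j LOG --log-prefix "egress-denied: " --log-uid
-A OUTPUT -j REJECT --reject-with icmp-admin-prohibited
COMMIT
EOF
}

# apply_egress_rules GROUP -> syntax-check the ruleset, then load it.
# Needs root and replaces the current filter table; not called automatically.
apply_egress_rules() {
    rules=$(egress_rules "$1") || return 1
    printf '%s\n' "$rules" | iptables-restore --test &&
        printf '%s\n' "$rules" | iptables-restore
}
```

DNS lookups are subject to the same rule, so a resolver that runs under its own account needs an explicit ACCEPT, and code that executes inside an allowed program (a browser in the `internet` group) inherits that program's access.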

  2. Reader's Write Says:

    avast! antivirus is superior to AVG and all others.
