02-05-2011, 04:00 AM
CIPAV: FBI Spyware
May 1st, 2011
Via: Electronic Frontier Foundation:
What is CIPAV and How Does It Work?
The documents discuss technology that, when installed on a target's computer, allows the FBI to collect the following information:
IP Address
Media Access Control (MAC) address
"Browser environment variables"
Open communication ports
List of the programs running
Operating system type, version, and serial number
Browser type and version
Language encoding
The URL that the target computer was previously connected to
Registered computer name
Registered company name
Currently logged in user name
Other information that would assist with "identifying computer users, computer software installed, [and] computer hardware installed"3
It's not clear from the documents how the FBI deploys the spyware, though Wired has reported that, in the Washington state case, the FBI may have sent a URL via MySpace's internal messaging, pointing to code that would install the spyware by exploiting a vulnerability in the user's browser. Although the documents discuss some problems with installing the tool in some cases, other documents note that the agency's Crypto Unit only needs 24-48 hours to prepare deployment.4
And once the tool is deployed, "it stay[s] persistent on the compromised computer and . . . every time the computer connects to the Internet, [FBI] will capture the information associated with the PRTT [Pen Register/Trap & Trace Order].5
Posted in Surveillance, Technology
http://cryptogon.com/?p=22088
May 1st, 2011
Via: Electronic Frontier Foundation:
What is CIPAV and How Does It Work?
The documents discuss technology that, when installed on a target's computer, allows the FBI to collect the following information:
IP Address
Media Access Control (MAC) address
"Browser environment variables"
Open communication ports
List of the programs running
Operating system type, version, and serial number
Browser type and version
Language encoding
The URL that the target computer was previously connected to
Registered computer name
Registered company name
Currently logged in user name
Other information that would assist with "identifying computer users, computer software installed, [and] computer hardware installed"3
It's not clear from the documents how the FBI deploys the spyware, though Wired has reported that, in the Washington state case, the FBI may have sent a URL via MySpace's internal messaging, pointing to code that would install the spyware by exploiting a vulnerability in the user's browser. Although the documents discuss some problems with installing the tool in some cases, other documents note that the agency's Crypto Unit only needs 24-48 hours to prepare deployment.4
And once the tool is deployed, "it stay[s] persistent on the compromised computer and . . . every time the computer connects to the Internet, [FBI] will capture the information associated with the PRTT [Pen Register/Trap & Trace Order].5
Posted in Surveillance, Technology
http://cryptogon.com/?p=22088
"Where is the intersection between the world's deep hunger and your deep gladness?"