Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Privacy

The FBI Has a Trojan To Watch You 372

Posted by CmdrTaco
from the who-watches-the-watchers dept.
G_of_the_J writes "A man who had cut 18 cables affecting Verizon and Comcast was blackmailing them. He had demanded bank accounts be set up and information be provided on web sites that he specified. Although he used anonymous access to get to the web sites, the FBI had planted a trojan which was downloaded to his computer. The trojan then sent his IP address and other information to the FBI."
This discussion has been archived. No new comments can be posted.

The FBI Has a Trojan To Watch You

Comments Filter:
  • Magic Lantern (Score:2, Interesting)

    by telchine (719345) *

    Is this Magic Lantern, or something new?

      • Re:CIPAV (Score:5, Informative)

        by ausekilis (1513635) on Monday April 20, 2009 @10:42AM (#27646793)
        Some more info and other applications can be found here [wired.com]. Linked in that article are 150 pages of documents involving CIPAV, just take a look here [wired.com]. Kinda makes you wonder exactly how some of these things happen, perhaps some cross-site scripting with the company requesting FBI help. It's worth noting that in order to use CIPAV, the FBI has to get court approval after explaining how the software can help stop a crime.
        • Re: (Score:3, Insightful)

          by Spazztastic (814296)

          It's worth noting that in order to use CIPAV, the FBI has to get court approval after explaining how the software can help stop a crime.

          Like that stopped them from wiretapping without a warrant.

          • Re:CIPAV (Score:5, Informative)

            by DittoBox (978894) on Monday April 20, 2009 @11:03AM (#27647139) Homepage

            I know you're just whoring for karma but I thought I'd point out that it was the NSA that was doing the wiretapping. In addition, we should be applauding the fact that this needs court approval and that they seek that out prior to use.

            I know it's fashionable to hate on Federal law enforcement-and believe me I have plenty of grievances with the way things are done too-but I think you and lot of other folks have the same reactionary emotional response to the Feds that those who think they can do no wrong do, just in reverse.

            • Re:CIPAV (Score:5, Informative)

              by datapharmer (1099455) on Monday April 20, 2009 @11:12AM (#27647287) Homepage
              I mentioned this in another post, but the court approval is often for pen-registers which is not the same as a warrant. See here: http://www4.law.cornell.edu/uscode/uscode50/usc_sup_01_50_10_36_20_III.html [cornell.edu] Essentially it is ok to do without seeking a warrant because they are just recording the passage of information, not the contents. To use a house analogy - they are allowed to sit outside and record every person that comes and goes without a warrant, but if they want to know what was said by those people when they are inside they need a warrant.
            • Re: (Score:3, Insightful)

              by Spazztastic (814296)
              My Karma is already excellent, I'm not afraid to burn it just to make a point as well. I was simply taking a shot at Federal Government and making a point they (as in all of the three-letter-agencies) have done shady business in the past and just because they were court-approved in their dealings for THIS situation, what makes you think they've done it for every other?
          • Re:CIPAV (Score:5, Insightful)

            by Binty (1411197) on Monday April 20, 2009 @11:07AM (#27647197)

            Flamebait, seriously? We had a whole debate about this last summer, and some members of Congress actually argued that the President has a Constitutional prerogative to use whatever intelligence gathering methods he wants as long as he has a plausible argument that we're "at war."

            Note, that it doesn't particularly matter that the President argued he had Constitutional prerogative, presidents always assert that they have more power than they actually have. But Congress is supposed to be a branch of government competing with the President for power, they have incentives to check him instead of enable him.

            So it isn't flamebait at all to note that warrants are questionable protection when it comes to surveillance activities.

            • Re:CIPAV (Score:5, Insightful)

              by dcollins117 (1267462) on Monday April 20, 2009 @11:30AM (#27647589)

              We had a whole debate about this last summer, and some members of Congress actually argued that the President has a Constitutional prerogative to use whatever intelligence gathering methods he wants as long as he has a plausible argument that we're "at war."

              The problem is that as far as the government is concerned, they are always at "war". Presently you can count the wars in Iraq and Afghanistan, as well as all the wars against US citizens, including, but not limited to, the global war on terror, and the war on drugs, and apparently, the war on privacy.

              • Re:CIPAV (Score:5, Insightful)

                by GMFTatsujin (239569) on Monday April 20, 2009 @11:51AM (#27647997) Homepage

                Okay, so if the government wages "the war on privacy" by using invasive techniques, and is justified in doing so by saying "we're at war," then there's obviously no privacy, right?

                So can we say they've won the war on privacy, declare the war over, and thereby rescind the powers it used to wage such a war?

                Whoa. Headspins. Gotta sit down.

              • Re: (Score:3, Interesting)

                by wpiman (739077)
                Don't forget the war on poverty....
                • Re: (Score:3, Interesting)

                  by jc42 (318812)

                  Don't forget the war on poverty....

                  That was my favorite. Especially the part where it ended quickly, as poor people all over the US started asking where they could go to surrender.

                  Now if we could figure out an equally clever response to all the other bogus "wars" on abstract concepts.

        • Re:CIPAV (Score:4, Funny)

          by oneTheory (1194569) on Monday April 20, 2009 @11:00AM (#27647085)

          It's worth noting that in order to use CIPAV, the FBI has to get court approval after explaining how the software can help stop a crime.

          +1 funny

        • Re: (Score:3, Informative)

          by datapharmer (1099455)
          The "court approval" isn't a warrant though... pen-registers are "court approved" and this has been used in circumstances where that is all what they needed (they weren't tapping information they were just recording coming and going... or in this case the IP address of the person they were after)
        • Re: (Score:3, Interesting)

          by PitaBred (632671)
          Are you sure they need a warrant? Last I heard, both the current and previous administrations have held that they just need to think about thinking you're a "terrist" and they can do whatever they want.
      • by Phizzle (1109923)
        Hey my computer is acting FUNNY since I checked that wiki site about CIPAV.
        • Re: (Score:3, Funny)

          by Fred_A (10934)

          Hey my computer is acting FUNNY since I checked that wiki site about CIPAV.

          Zippy ? Is that you ?

      • The article indicates that warrants were requested and issued each time they used this. It would be rather useless for the trojan to inject other malware onto a system that the FBI was likely to seize said equipment shortly after the trojan was planted.

        This doesn't concern me in the slightest as long as they continue to follow the law and request a warrant to plant this trojan. If your a law abiding citizen, then you should never show up on their radar and I see this as no different than a blackmail case
        • by cayenne8 (626475) on Monday April 20, 2009 @12:18PM (#27648445) Homepage Journal
          "That's not to say they don't use this elsewhere, but any person on the internet should consider their activities traceable no matter what hoops they go through. Especially when the telecoms willingly rolled over when requested by the government and most folks get their internet access via said telcoms."

          Well, there are ways to be about 99.99% anonymous on the internet. One way is to set up a nym [iusmentis.com] account, that bounces through serveral remailers like Mixmaster [wikipedia.org]...and basically have the final hop on those to be one of the anon groups on USENET. That way, they don't know who it is reading one of thousands of pgp encrypted emails out there.

          However, when it comes time for the internet to intersect 'meatspace', like when you want to get money. Well, now that part is gonna be a little tougher to do...much easier to track the money.

          • Re: (Score:3, Insightful)

            by MooseTick (895855)

            It would be easier to connect to the site form an free wireless connection. Where I live, some McDonalds, coffee shops, Duncan Donuts, and other places offer free wifi. Just goto one of those, connect with a VM of whatever you like and do your business. When done, revert to your snapshot of how it looked before and whatever virus or trojan they pushed on you should be eradicated.

  • by Anonymous Coward on Monday April 20, 2009 @10:04AM (#27646183)

    Crap. Too bad that website was the top rank on a google search for comcast verizon cut cable blackmail.
    I suppose posting anonymously won't help now.

  • by Shakrai (717556) on Monday April 20, 2009 @10:06AM (#27646209) Journal

    ... if he was stupid enough to visit the "private" website they created for him with such a lax security setup that his computer willingly installed the FBI's trojan.

  • Missing from summary (Score:5, Informative)

    by Loadmaster (720754) on Monday April 20, 2009 @10:07AM (#27646221) Homepage

    There is one important aspect missing from the summary. The FBI got a warrant first. It's not an extension of illegal wiretapping.

    • by ISurfTooMuch (1010305) on Monday April 20, 2009 @10:13AM (#27646341)

      Indeed. As long as a warrant was lawfully obtained, and as long as only the suspect was being targeted, I don't see a problem. From the article, it looks as if the software was passed to him through the private site that he demanded be set up, so it's extremely unlikely, possibly impossible if it was password-protected, that any random person could have stumbled upon it.

    • While I like the fact a warrant was obtained, I'm slightly surprised a warrant was required for this.
      • by idontgno (624372)

        I'm slightly surprised a warrant was required for this.

        Well, IANAL, but since I'm sure this is leading to a criminal prosecution, I can't imagine otherwise. Arguably, the GWOT has encouraged procedural end-runs on Constitutional protections, but such plays have apparently always foreclosed any legal pursuit after the fact. Unless you imagine the cable-cutting 'tards winding up in whatever replaces Gitmo, the warrant would be a dead-on necessity. Even the most feeble and overtaxed public defender would be

    • Sign of the times (Score:5, Insightful)

      by iYk6 (1425255) on Monday April 20, 2009 @10:28AM (#27646581)

      Something is seriously wrong when you have to explicitly state, "The FBI did not commit any crimes in this story." When I read the summary, I felt that the warrant was implied, but with everything that has happened, I also feel that you are completely justified to think that that info was missing.

  • by Anonymous Coward on Monday April 20, 2009 @10:08AM (#27646231)

    He can spoof ips yet he can't install software to detect unwanted outbound traffic?

    Idiot.

    • by Shakrai (717556) on Monday April 20, 2009 @10:17AM (#27646413) Journal

      He can spoof ips yet he can't install software to detect unwanted outbound traffic?

      Detecting it would seem to be a phyrric victory. What good is knowing ahead of time that the FBI has discovered who you are and will be along to arrest you within hours, depending on how bad traffic is?

      A wiser course of action would have been to run off a live-cd with firewall rules configured that only allowed outbound traffic to his anonymizer/tor/botnet/whatever he was using. Combine that with a security policy that wouldn't allow software to be installed and you could probably negate threats like these. "Borrowing" someone's unsecured wi-fi network and making sure that you used a throwaway wireless card (or at least changed the MAC) would also be advised. Preferably from a location really far away from where you live.

      Of course an even wiser course of action would be to not engage in criminal activity to begin with, but apparently this guy decided that wasn't right for him ;)

    • Just goes to show that you shouldn't try your hand at being a career criminal, armed with nothing more than a MSP [www.microsoft.com] credential.
    • by QuantumRiff (120817) on Monday April 20, 2009 @10:55AM (#27646987)

      Your own computer can not be trusted anymore. Look at some of the new stuff being included by default in many computers. You can get a computrace chip installed on the motherboard, you can also have an Intel vPro chipset, that can work outside the OS, without the OS knowing what it is doing. Or, any kind of Hyper visor that is installed, or Rootkit. You can not trust any tool on your computer to tell you if your computer is compromised. You need something like a monitoring tool on your router, or in another machine.

  • All he had to do was be more careful, and possibly boot from CD.

    • by Professor_UNIX (867045) on Monday April 20, 2009 @10:36AM (#27646713)

      Don't you watch the movies? They would've backtraced his IP address through their firewall with a Visual Basic program within seconds. You need to bounce around the world through at LEAST 15 anonymizing proxies for that to work and give you a minute or two of time to taunt them before you disconnect at the last minute just as the blue blipping blob on their VB.Net trace program is about to pinpoint your location in North America as the program starts zooming in on your location with Google Maps.

      Click! All they know is you're in the northeast, but you told them that already right before you disconnected when you said you were calling them from a payphone across the street. When they rush out of their building all they find is an empty payphone with an acoustic coupler attached to the handset and interfaced to some kind of prepaid cell phone. You put down your binoculars that you've been using to watch the situation from the 5th floor of your hotel down the street and press a button on your computer which detonates the C4 conveniently hidden behind the payphone. Did they really think a silly god damn Windows spyware program was going to take you down so easily?

      • Re: (Score:3, Funny)

        by jollyreaper (513215)

        Don't you watch the movies? They would've backtraced his IP address through their firewall with a Visual Basic program within seconds. You need to bounce around the world through at LEAST 15 anonymizing proxies for that to work and give you a minute or two of time to taunt them before you disconnect at the last minute just as the blue blipping blob on their VB.Net trace program is about to pinpoint your location in North America as the program starts zooming in on your location with Google Maps.

        Click! All they know is you're in the northeast, but you told them that already right before you disconnected when you said you were calling them from a payphone across the street. When they rush out of their building all they find is an empty payphone with an acoustic coupler attached to the handset and interfaced to some kind of prepaid cell phone. You put down your binoculars that you've been using to watch the situation from the 5th floor of your hotel down the street and press a button on your computer which detonates the C4 conveniently hidden behind the payphone. Did they really think a silly god damn Windows spyware program was going to take you down so easily?

        And you were getting a blowjob from Halle Berry the whole time! Add in some more titty and I think we have a blockbuster.

  • by Anonymous Coward on Monday April 20, 2009 @10:10AM (#27646267)

    About the party responsible for infiltrating government and military computers.

    In case you've been living in Richard B. Cheney's spider-hole, this F.B.I. system is called Ghostnet [slashdot.org].

    Yours Seditiously,
    Kilgore Trout

    • "About the party responsible for infiltrating government and military computers. In case you've been living in Richard B. Cheney's spider-hole, this F.B.I. system is called Ghostnet"

      I guess the FBI will have to start investigating itself then :)

  • Not to watch you* (Score:2, Insightful)

    by Nitage (1010087)
    *unless you tried to blackmail someone over the internet and they call in the FBI, who then - with the authority of a warrant - use a Trojan to find out where you are. Seriously, how stupid is this guy?
  • by noundi (1044080) on Monday April 20, 2009 @10:12AM (#27646317)
    "This website requires additional ActiveX components to be installed."

    Hmm...

    *click*

    ...

    Oops.
  • by 140Mandak262Jamuna (970587) on Monday April 20, 2009 @10:14AM (#27646353) Journal
    First read Slashdot and understand all the technical details needed to hide your identity. Then go ahead cut the cable and demand ransom.
    • Re: (Score:2, Interesting)

      by Anonymous Coward

      or you could just submit a Ask Slashdot and get all the answers to your future crime.

  • by Lilith's Heart-shape (1224784) on Monday April 20, 2009 @10:14AM (#27646361) Homepage
    If this guy had had half a brain, he would have wiped the computer's hard drive clean by overwriting it with zeroes, and then done everything by using a Linux distribution on a bootable CD that could run entirely in RAM. Instead, he ran Windows and got nailed by a Trojan. Somewhere in the afterlife, J. Edgar Hoover is laughing his panty-clad ass off.
  • by cortesoft (1150075) on Monday April 20, 2009 @10:15AM (#27646369)

    Always use noscript when doing nefarious shit....

  • Good (Score:5, Insightful)

    by SirGarlon (845873) on Monday April 20, 2009 @10:18AM (#27646427)
    TFA says the FBI had a warrant. When that is the case, I *want* them to be able to own a suspect's machine.
    • Re: (Score:3, Insightful)

      by Cajun Hell (725246)

      TFA says the FBI had a warrant. When that is the case, I *want* them to be able to own a suspect's machine.

      I agree that when the good guys act like good guys, I want them to win.

      Your computer never knows who the good guys are, though. And even if everyone signed their attacks (e.g. this spyware is signed by the FBI), it would never know when there's a warrant and when there isn't. (Just as a DRM scheme never knows whether you're trying to violate copyright vs do something innocent.)

      When you receive a

  • by RobotRunAmok (595286) on Monday April 20, 2009 @10:19AM (#27646449)

    Dude was a bad guy. FBI's job is to catch bad guys. FBI uses technology to catch bad guy. I'm not feeling the outrage here...

    In a related story, local law enforcement shot a criminal who tried to hold up a 7-11 when he resisted arrest and brandished a knife. Reports say police used their "gun" technology to do this.

    Point being, we know the FBI has the tech to do this stuff. It's only really a rights issue when they use it against non-criminals, or suspected criminals.

    • by King_TJ (85913) on Monday April 20, 2009 @10:29AM (#27646599) Journal

      I think it's an interesting story, but sure ... if a warrant was obtained first, the FBI actually did this the RIGHT way, and that makes me happy.

      That's how law enforcement is supposed to work. Sometimes it seems like we completely forget that, these days, with all the stories of "the law" just doing whatever they please, secretly.

    • by SirGarlon (845873) on Monday April 20, 2009 @10:31AM (#27646629)

      Actually, the FBI can't tell the difference between a criminal and a suspected criminal. In the U.S., it takes a jury (or a guilty plea) to do that.

      I think your point though is that it's not a violation of someone's rights if the FBI has reasonable evidence *before* they install the Trojan, and it appears they did in this case (because they had a warrant).

      • Re: (Score:3, Funny)

        by sootman (158191)

        Actually, the FBI can't tell the difference between a criminal and a suspected criminal. In the U.S., it takes a jury (or a guilty plea) to do that.

        I was watching some show that had a car chase filmed from a helicopter. Guy had a semi and was wreaking havoc, driving through roadblocks, ramming police cars, going so far as to use his truck to push other cars out of the way when he hit some stopped traffic on the freeway. Finally he's off the road, surrounded by police cars, gets out of his truck, starts figh

  • by Gothmolly (148874) on Monday April 20, 2009 @10:35AM (#27646705)

    That's MY IP address too! Is the FBI hacking my computer as well?

    Remember kids, only criminals use proxies. And only criminals use "an alternate operating system, with a black screen and white characters".

  • They could do it without a trojan, if they had the right signing key. I forget which worm it was, but a few years back there was a major vulnerability that Microsoft patched, which triggered the automatic reboot. The issue was the patch went ahead and updated the machine even if you had the system set to "download, but notify" rather than automagically patch. Similar deal here [zdnet.com] where an update did something it should not have.

    Were I the FBI, I'd make Microsoft 'digitally sign' such a beasty, and then send it via an unannounced update.

    Always helps to have stupid criminals, however.

  • by billcopc (196330) <vrillco@yahoo.com> on Monday April 20, 2009 @11:42AM (#27647807) Homepage

    Is it just me, or does it seem rather contrived that the FBI would (successfully) use a trojan to catch a criminal who is at least someone technically proficient ? Presumably the con would be surfing through a proxy at the very least, and is probably not the kind of user who runs unsolicited downloads from public web sites.

    Call me crazy, but I'd say this smells like a piece of theatre. Now I'm not saying the FBI hired the con, but sometimes I wonder... In an increasingly complex tech world, maybe they feel the need to put on a show, to make people believe the FBI still has things under control.

  • Comodo anyone? (Score:3, Informative)

    by GPLDAN (732269) on Monday April 20, 2009 @11:50AM (#27647969)
    I have mixed feelings about Comodo:

    http://personalfirewall.comodo.com/ [comodo.com]

    On one hand, in Proactive security mode, it will tell you anytime a process it doesn't know does anything. Accessess a registry key, tries to open a socket, tries to piggyback outbound placing a HTTP connection via the IE object, what .dll is getting linked for anything it doesn't know. It's miles ahead of Zonealarm, and it's free.

    On the other hand, if CIPAV has an exception deep in the executable, then it's pointless.

    I wish Comodo was distributed open source and you could compile it yourself using Visual Studio.
  • As long as (Score:3, Insightful)

    by Orion Blastar (457579) <orionblastar&gmail,com> on Monday April 20, 2009 @01:20PM (#27649525) Homepage Journal

    #1 There was a warrant for the wiretapping.
    #2 The guy really did something wrong and against the law.
    #3 He was stupid enough to click on whatever installed the trojan.
    #4 He was stupid enough to cut Internet cables and demand blackmail and ransom from the ISPS.

    We'll just call it an Own Goal for this guy whomever he is.

    As long as the majority of the population who don't do these things aren't domestically spied on, it should be alright.

    If the FBI wants to see what my Traveller RPG group is doing, we could use another Game Master and a few more players as our Game Master is working a job that requires him to travel and cannot GM any more and a few players had quit. No need to plant a trojan on our computers and read our email.

Those who can, do; those who can't, write. Those who can't write work for the Bell Labs Record.

Working...