FBI Sought Approval To Use Spyware Through FISC

An anonymous reader writes "Wired is reporting that the FBI sought approval to use its custom spyware program, CIPAV, from the secretive Foreign Intelligence Surveillance Court in terrorism or spying investigations. Affidavits prepared for the court are among 3,000 pages of documents gathered, but not yet released, in response to a Freedom of Information Act request from Wired. The FBI hasn't answered any questions about its use of the CIPAV since the program's existence became widely known in July. The FISC is generally regarded as a rubber stamp; it approved over 4,000 surveillance requests in 2005 and 2006[PDF], rejecting none."

Not surprising

[insanechemist]

Reading up a bit: "The FISA Court did not reject a single warrant application from its beginning in 1979 through 2002. In 2003 it rejected four applications. In 2004, the number was again zero."

Re:Not surprising

[garcia]

Reading up a bit: "The FISA Court did not reject a single warrant application from its beginning in 1979 through 2002. In 2003 it rejected four applications. In 2004, the number was again zero."

Why did it reject four in 2003 is what I want to know. Who was being investigated that it would decide to deny the application after 23 years?

Re:

[palegray.net]

Most likely someone with enough influence to get wind of the investigation attempt and pull the plug on it. That's probably a very short list of people and/or organizations.

2003?

[ImaLamer]

I'm betting this is about the same time that people like Ted Kennedy were showing up on the No-Fly list.

They say it was a mistake, but I still doubt it. Might have saved his life though; I once maintained a list, on a now defunct site, that listed Senators killed in plane crashes. Oddest thing, almost all Democrats and the Republicans were pacifists or otherwise "left-leaning" (Paul Wellstone [D] and John Heinz [R] for example).

Sure, all just a coincidence, I'm sure of it. Well, pretty sure. Maybe we should

Re:

[soupforare]

Somebody call Alex Jones!

Re:

[djasbestos]

It was back to zero in 2004 because Bush decided that intelligence agencies shouldn't bother submitting requests anymore. If it didn't reject ANY for 23 years, you gotta wonder..hmmm...are they maybe trying to get a frivolous warrant?

Re:Not surprising

[Anonymous Coward]

Reading up a bit: "The FISA Court did not reject a single warrant application from its beginning in 1979 through 2002. In 2003 it rejected four applications. In 2004, the number was again zero."

That's not necessarily a bad thing. It could be that the government only goes to the FISA court when they have solid evidence that supports a warrant. There isn't enough information available to determine what is going on with FISA.

By comparison, most people who are charged with a crime are actually guilty - that's also a good thing. It means that most of the time, the police charge people with a crime when they actually committed the crime.

Now, that doesn't mean that everyone charged with a crime is guilty; police do make mistakes, and certainly some police are corrupt. But most people charged with a crime are guilty. Would you rather live in a country where most people charged with a crime are innocent?

Re:

[Anonymous Coward]

"That's not necessarily a bad thing. It could be that the government only goes to the FISA court when they have solid evidence that supports a warrant. There isn't enough information available to determine what is going on with FISA." That's by design you idiot. It's a secret court! It is by its very nature a bad thing. This is not freedom. It is fear. It is opression.

Well, since the current administration was engaged in so much warrantless wiretapping, that does suggest the the FISA court was doing a dece

Re:

[cp.tar]

120,000 years? Is Dick Cheney that old? I think you need to dial down the paranoia a bit. Government hasn't been around that long - you're talking about times before metal was known.

So what? They were bashing their heads in with rocks, then.

Re:

[rtb61]

Most people charged with a crime are definitely not guilty, they are all innocent until proven guilty in a public court of law.

Some nasty misdirection going on in this anonymous post, yes most people charged with crimes end up admitting their guilt, that is to be expected with the typical traffic offence.

What would be interesting is how many of those invasions of privacy actually led to conviction, 10,000 odd over the last few years and as they are targeted at locations as well as people including all t

Not surprising, but not necessarily bad.

[Anonymous Coward]

Reading up a bit: "The FISA Court did not reject a single warrant application from its beginning in 1979 through 2002. In 2003 it rejected four applications. In 2004, the number was again zero."

What does this tell us? That the applicants are presenting material in manner that presents the court little choice but to approve the applications. The judges have guidelines regarding what they're supposed to do, and you'd expect the intelligence agencies to be able to put together applications that fit those gui

Re:

[afidel]

The question I have is WTF is the FBI doing talking to the FISC? The FBI is supposed to be tasked with DOMESTIC law enforcement, they are not to be doing international foreign intelligence investigations just as the CIA is not to be doing domestic spying. The only reason I can think of is they had an ongoing criminal investigation going and somehow determined that their target might be linked to terrorism and so they asked for the FISA warrant, but that's an awfully slippery slope if they try to use that wi

Re:

[sempernoctis]

I thought this was called Carnivore [wikipedia.org]... or Magic Lantern [wikipedia.org]... *sigh* so many FBI spy systems to keep track of. But my question is when did they start caring about getting permission?

Court order vs Conviction

[infonography]

I don't see anything wrong with the FISA court approving a wiretap, it's not a secret trial ala Rendition. It's going to a Judge and saying 'We think this person is bad and we want to investigate' regular Judges do this all the time. Rejection of wiretaps in the real world are much higher but that is because the subjects of those investigations are more varied in their supposed crimes.

If your a foreign national who came to they attention of the feds for whatever reason that reason will be told to the Judge

Government Spyware

[milsoRgen]

I would just like to know, what could the FBI do to make it's spy ware different from anything else out there in the wild? It would seem to me they would limited to the same techniques anyone can use on a computer, so really wouldn't it be just one more obnoxious program out there?

However I am sure there methods of getting it installed are probably a little more sophisticated than most users are used to dealing with...

But I'm sure they should be using this very lightly, as once the right person figured out it was on their computer and released details to the curious masses, how much good would it do then? As most criminals are well aware they are doing something illegal. All it would take is a little extra effort on the part of the person who fears they could be under surveillance to discover it with proper information/tool, etc..

Re:

[Anonymous Coward]

Everyone should know by now that AMD, Intel, TI, Arm, IBM, Motorola, etc. have all put secret back doors in their CPU's for just such an occaision. Big brother isn't just watching you, he's in your microcode.

Any proof of that?

[MacDork]

Given these things are fab'ed in Red China, which government would you be referring to?

Re:

[coward12345]

But the microcode is produced and distributed seprately. There will be microcode data in the chip when it is shipped, but a BIOS or operating system can overwrite it on-the-fly with an updated version from upstream. Microsoft even releases microcode updates from chip makers on occasion [microsoft.com], as do some Linux distros.

Intel never describes what they changed in their updates, and their microcode is encrypted with a key that is built into the chip (preventing it from being inspected). And we're talking about hund

This can't be a problem

[Gazzonyx]

Yeah, but I think in Linux all you have to do is pull the microcode update support from your kernel (during a 'make menuconfig') and Intel can't update your CPU. I don't think AMD even has the ability to update the microcode. That and it'll probably take a reboot to enable the new code (complete assumption on my part), couldn't you do something to the effect of running tripwire on /dev/cpu to be notified of changes?

Surely they have a mechanism to roll back code updates, it would be borderline insane if

Re:

[coward12345]

Yes in Linux you can remove the ability to update the microcode. I was only trying to point out that the microcode can be inserted anytime and isn't set in stone at the fab as the GGP suggested.

And a reboot is not required to update microcode, it takes effect immediately.

so, you've got the code (wireshark, tcpdump),

You don't even need that, you can download the code from Intel's site, or see what you have in /etc/firmware/microcode.dat.

the key (embedded in CPU),

As far as I know, nobody has extracted the key.

and the mechanism (kernel support code) - are you implying that this isn't enough to reverse engineer any/or revert microcode changes?

Without that key, the microcode can't be reverse engineered.

But to

FBI Spyware

[gnutoo]

I would just like to know, what could the FBI do to make it's spy ware different from anything else out there in the wild?

Features

• Plug in compatible with IRS 2.0
• Hides from CIA version, dumps state, local and foreign clients.
• Still works with punch cards left over from Operation Paperclip.
• Used by more libraries and newspapers than any other client.
• Unique money back promise.
• Will only cost you your liberty.

It's not really funny.

Re:

[kellyb9]

Still works with punch cards left over from Operation Paperclip

Based on this comment, I have to assume you have insider knowledge of how our government works. Who are you really gnutoo?

Re:

[gnutoo]

If you don't already know who I am, either I know your client better than you think I do or interdepartmental cooperation is as bad as it always was and will be.

Re:

[TheRealMindChild]

They would be smart to take their cue from WeatherBug. Jesus bloody christ, its the only spyware Ive ever seen where the users fight me to keep it.

Re:

[webmaster404]

Weatherbug? I have had users protest switching from IE because they liked the hijacked browser homepage because it had news and weather on it! However they let me replace it when I showed them customized Google.

Re:

[mjtg]

I would just like to know, what could the FBI do to make it's spy ware different from anything else out there in the wild? It would seem to me they would limited to the same techniques anyone can use on a computer, so really wouldn't it be just one more obnoxious program out there?

Well, they could "lean on" anti-spyware vendors and "request" that they not publish signatures that identify their CIPAV. Who's to know that they haven't done this ?

Or maybe Microsoft might provide them with some useful inform

Re:

[webmaster404]

Well chances are the US government has the source to Windows so I bet that they know all the back-doors (they would be foolish to use it without full source) and other governments have less copyright laws so with enough resources they can extract the source so I bet every government by now has easy access to Windows source.

Re:

[Ethanol-fueled]

> Well chances are the US government has the source to Windows so I bet that they know all the back-doors (they would be foolish to use it without full source)...

Well, chances are that the US government has been very foolish lately ;)

Re:Government Spyware

[BitterOak]

I would just like to know, what could the FBI do to make it's spy ware different from anything else out there in the wild? It would seem to me they would limited to the same techniques anyone can use on a computer, so really wouldn't it be just one more obnoxious program out there?

The difference is it is not viral and therefore doesn't escape "into the wild" and reproduce to the point where it eventually falls into the hands of the anti-virus software makers. As a result, their software won't detect it. This is a fundamental weakness with signature-based anti-virus systems. They work great on viruses, which spread indiscriminently, but are useless against a targeted attack by an adversary with the resources to create and deploy their own malware.

Re:

[KudyardRipling]

Would not the removal of such spyware constitute an admission of guilt like destroying a bug?

Re:

[poopdeville]

Destroying a bug is not an admission of guilt.

Re:

[poopdeville]

I am not a lawyer, and this is not legal advice. Talk to your lawyer (immediately!) if you ever find a bug in your vicinity. Especially if you suspect law enforcement is involved. The subject is murky, and you do not want to incriminate yourself. That said, there are a few reasons why destroying a bug is not an admission of guilt. First, you might not realize what you're destroying is a bug. Second, you might think someone other than law enforcement planted it. There are more.

On the other hand, the de

Do AV vendors 'overlook' this spyware?

[MacDork]

I would just like to know if the antivirus vendors purposely cripple their products for Big Brother. If so, it's only a matter of time before some clever black hat exploits that fact, assuming of course, that it isn't already happening.

Re:

[PopeRatzo]

I would just like to know, what could the FBI do to make it's spy ware different from anything else out there in the wild?

I have several answers:

1. Call it Microsoft Windows Vista SP3

2. Say it's special "protect the children" software.

3. Require hardware manufacturers to include it on motherboards (see "V-chip")

4. Give away ten free downloads from iTunes with it.

5. One word: "Steam".

6. Another word: "Silverlight".

7. Still another word: "World of Warcraft Exxtreme Edition"

8... Give me a little time. I'm

Re:

[MillionthMonkey]

...what could the FBI do to make it's spy ware different from anything else out there in the wild? It would seem to me they would limited to the same techniques anyone can use on a computer, so really wouldn't it be just one more obnoxious program out there?

If you travel, they are not restricted to attacks over networks- they can legally get physical access to your machine, [msn.com] which is not a technique just anyone can use.

Nabila Mango, a therapist and a U.S. citizen who has lived in the country since 1965, had

Re:

[(H)elix1]

I would just like to know, what could the FBI do to make it's spy ware different from anything else out there in the wild?

Were it me... I would have Microsoft sign it and push it to my target IP/MAC as a silent Windows update. Even if you say 'let me manually download them', the updater has an API that will automagically download and install a patch. (noticed that a couple years back when one of the big bugs hit) You would have to have Microsoft's cooperation... but, you know, I'm sure they would be willi

Re:

[mikael]

Mystery of Microsoft's automatic updates [zdnet.co.uk]

Re:

[The Angry Mick]

I would just like to know, what could the FBI do to make it's spy ware different from anything else out there in the wild?

Make it pass the Windows Genuine Advantage test?

Meh, IT reporting these days...

[Red Flayer]

FTA:

An FBI spokeswoman then invited Wired to submit a list of questions about the technology, but hasn't gotten back to us.

Well, what should Wired expect? The FBI invited Wired to submit list of questions. Now wired is compaining that the FBI isn't following up on their request for questions?

Sheesh, I mean, I know IT reporting has gone down teh tubes, but really... maybe if Wired wants to get info from the FBI, they should actually respond to the invite and submit questions -- maybe then they'd hear back.

/Sorry, deliberately obtuse tonight.

Re:

[MulluskO]

They published a list of the questions they sent.

Oh, you're joking?

Re:

[Anonymous Coward]

Why should Wired waste it's time doing that? The FBI made the same request last year and then blew Wired off after they got the questions. That's the reason why Wired was forced to submit a FOIA request. The link to the exchange is right there in THE FUCKING SUMMARY, you idiot. In fact, I'll post the link here in this post so it'll real easy for you to find.

http://blog.wired.com/27bstroke6/2007/07/thank-you-for-y.html [wired.com]

Re:

[Red Flayer]

whoosh

Well, I'm glad I use Linux

[the_humeister]

And if they target Linux, I'll go to FreeBSD, and so on...

Re:

[sumdumass]

I'm not sure that there is too many things different to make BSD an alternative to something like linux in the case of spyware.

Your probably better off giving up computing and illegal activities if your that worried about it.

Re:

[sumdumass]

Right.. 'cause anyone who is concerned about privacy or liberty is a terrorist. Dissent these days is an illegal activity, when will open discussion or anything that challenges the government be "reason" to get spied on .. I'm sure some of you have seen the how to identify domestic terrorists handbooks the FBI hands out..

No, it is because paranoid people aren't any safer going with BSD when it comes to a government secretly installing spyware onto your computer if they are already using linux.

They are be

Re:

[eitreach]

You ain't paranoid unless you use AmigaOS for safe browsing.

Re:

[milsoRgen]

AmigaOS for safe browsing.

Nahh it's even easier than that, just go back to a 28.8 modem. There's no way you wouldn't notice something going up or down on that connection.

Re:

[Gazzonyx]

You ain't paranoid unless you use AmigaOS for safe browsing.

...In VMWare on top of Xen...

Re:

[basotl]

In other news... insurgents in Iraq have switched to using Terrorbuntu, in response to the FBI's use of spyware. One Jihadist was quoted as saying, "The new Terrorbuntu is great! Not only can I keep the Infidel FBI from seeing my computer but I am also more productive."

Re:

[jamstar7]

Does it automatically install JihadOffice or is that a seperate download?

Re:

[Red Flayer]

Hey, maybe FBI will even license this software to world's dictators who are sponsored by USA.

*Rolls eyes* That's just plain silly, everyone knows it's the CIA and black ops agencies that sponsor dictators.

If you're going to wear the tinfoil hat, please make sure to leave enough ventilation for you brain to operate properly.

And yet...

[Phroggy]

The FISC is generally regarded as a rubber stamp; it approved over 4,000 surveillance requests in 2005 and 2006[PDF], rejecting none.

Bush has been warning Congress that this same rubber stamp will prevent the government from being able to stop potential terrorist attacks, urging them to extend an unconstitutional law that grants the executive branch permission to bypass the rubber stamp.

Shhh! They'll mod you "Troll"...

[Mr. Roadkill]

...and open your mail, and tap your phone, and monitor your internet traffic, because you have different views and aren't afraid to state them. All quite legally. And in many others, they'd probably do it anyway if they felt it was "right" to do so.

Parent raises a fair and intersting point, that Bush considers the FISC to be an impediment to those who are simply trying to protect the American People. If the FISC was merely rubber-stamping whatever the U.S. Government wanted to do, then how could its oversig

Re:

[Phroggy]

If the FISC was merely rubber-stamping whatever the U.S. Government wanted to do, then how could its oversight prevent government from protecting the American People? How come this deserves the "Troll" mod it got?

Maybe they thought I was spreading FUD, because I was too lazy to provide references. So here we go, from the 2008 State of the Union address [whitehouse.gov]:

On the home front, we will continue to take every lawful and effective measure to protect our country. This is our most solemn duty. We are grateful that there has not been another attack on our soil since 9/11. This is not for the lack of desire or effort on the part of the enemy. In the past six years, we've stopped numerous attacks, including a plot to fly a plane into the tallest building in Los Angeles and another to blow up passenger jets bound for America over the Atlantic. Dedicated men and women in our government toil day and night to stop the terrorists from carrying out their plans. These good citizens are saving American lives, and everyone in this chamber owes them our thanks.

And we owe them something more: We owe them the tools they need to keep our people safe. And one of the most important tools we can give them is the ability to monitor terrorist communications. To protect America, we need to know who the terrorists are talking to, what they are saying, and what they're planning. Last year, Congress passed legislation to help us do that. Unfortunately, Congress set the legislation to expire on February the 1st. That means if you don't act by Friday, our ability to track terrorist threats would be weakened and our citizens will be in greater danger. Congress must ensure the flow of vital intelligence is not disrupted. Congress must pass liability protection for companies believed to have assisted in the efforts to defend America. We've had ample time for debate. The time to act is now.

The legislation Bush alluded to that Congress passed last year was the Protect America Act of 2007 [loc.gov], which was extended by 15 days [networkworld.com] after Bush made his speech. Here is the White House's summary of the Protect America Act [whitehouse.gov] as of August 2007; notice in particular the clause granting immunity to third parties from being sued [eff.org] for giving private data about US citizens to [washingtonpost.com]

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[WWWWolf]

What it should be called is CIGS..."Completely Illegal Government Spyware".

CIGS is too easy to detect! One of the most curious signs when CIGS is in operation is that your task bar will very slowly grow shorter!

None rejected means nothing

[n6kuy]

> The FISC is generally regarded as a rubber stamp; it approved over 4,000 surveillance requests in
> 2005 and 2006[PDF], rejecting none.

This means nothing interesting, unless you can point to some requests that should have been rejected.

Re:

[vux984]

What percentage of regular warrants the FBI asks for get denied?
FISA rates should be about the same I'd think, don't you.

It -might- not be meaningful that so few have been rejected, but it -is- interesting, and it immediately suggests that additional investigation should be done.

This is a good thing.

[TurinPT]

Much better than picking random people from Afghanistan and throw them in some cuban jail.

This way they can actually get conclusive evidence on suspects without harming the innocent caught in the crossfire.

Re:

[EaglemanBSA]

...while they mine data that could be used for anything, if the right people got their hands on it. The minute the FBI breaks into my computer to get information, benign or not, whether or not I'm innocent of any crimes, is the minute I pick up and leave. If they're that hell bent on taking my privacy for your false sense of security, they've got problems bigger than a terrorist detonating a bomb in a crowded room.

Honestly, doesn't it seem like the terrorists got what they wanted? They hate us for our fre

SpyWare

[MrCopilot]

Finally an apt use of the name.

And just in case the FBI is monitoring this thread, I voted for Bush 3 times.

You Think About It

[not_hylas( )]

You think about it, I'll wait:

http://www.securityfocus.com/comments/articles/11372/33500#33500 [securityfocus.com]

If you think you have a chance or a clue as to how mature this stuff is, reconsider. Also if they're asking "permission", it's too late.

Hi Mom !

Re:

[Anonymous Coward]

Gee, maybe you should get a clue before posting.

From the Interim Report on FBI Oversight in the 107th
Congress by the Senate Judiciary Committee:

FISA Implementation Failures
Senator Patrick Leahy, Senator Charles Grassley, and Senator Arlen Specter
February 2003

http://www.fas.org/irp/congress/2003_rpt/fisa.html [fas.org]

2. General Findings.

We found that key FBI personnel involved in the FISA process were not properly trained to carry out their important duties. In addition, we found that the structural, manageme

Re:

[poopdeville]

Oh the irony. They already knew you respect them.

not news

[brass1]

This is not news. The US intelligence community, including the fbi, has been a known user of key loggers and spyware for about a decade. My link is from 2001, but I have knowledge of a federal investigation in 1998 that used key loggers to track suspects' use of certain services.

damnit

[brass1]

My link

Said link was even in the preview, but didn't make the post. Try this [msnbc.com].

Re:

[instarx]

This is not news. The US intelligence community, including the fbi, has been a known user of key loggers and spyware for about a decade. My link is from 2001, but I have knowledge of a federal investigation in 1998 that used key loggers to track suspects' use of certain services.

Not only is it not news, it's REALLY not news. In the 70's the Federal government had devices that were able to tell what was being typed on typewriters in real time. These were devices that were attached to the typerwriter power cord (or installed behind the power outlet) that measured current changes. By recording the changes it was possible to re-create the letters typed. This was possible because in Selectric-type typewriters each letter took a slightly different amount of energy to print. Tradition

Spy on Everyone!

[wshwe]

This is part of Bush/Cheney's "Spy on Everyone Except Themselves" Program!

Peering into the void

[The Angry Mick]

This is part of Bush/Cheney's "Spy on Everyone Except Themselves" Program!

Just looking at Cheney is frightening enough, spying on him would just be futile. I know you can detect a black hole, but can you actually see anything when you look into one?

FBI Sought Approval---WOW!!!

[fred911]

I tip my hat at just the look of propriety! Makes me proud!

How does one get it

[kcbanner]

How does one get infected with WWWFBISearchBar, or FBIDesktopBuddy? Does it get installed when your browsing shady government websites, or what?

Oh yeah I can see it now.

[seeker_1us]

"Osama, this email attachment says 'see Brittney Spears naked'!"

"What are you waiting for man? Open it!"

In related news...

[thousandinone]

Use of programs such as spybot, hijackthis, and their ilk has been criminalized