  nklb Premium join:2000-11-17 Ann Arbor, MI
| Not detected
My vote is that it was not detected because the AV companies don't have access to it to create the definitions.
The FBI is not exactly interested in showing everyone what their secret programs' executables are. -- for all your Linux questions |
|
  Agent_haito
join:2002-09-20 Winston Salem, NC | I wonder if any other foreign governments are doing the same, creating as-yet-unknown malware to penetrate our networks.... |
|
  bhan261
join:2001-02-12 New York, NY | Or worse...creating zombies that could be activated to take down our computer infrastructure in a terrorist attack.
Just because you're paranoid doesn't mean someone isn't out to get you. |
|
  Raptor Not a Dumptruck
join:2001-10-21 London, ON
·Rogers Hi-Speed
·Bell Sympatico
| Time for...
... Google to offer an AV suite that doesn't bow to the Empire.
Speaking in ignorance, this is actually a good tool that could really be useful for security officials.
Speaking in reality, a little scary, and more than likely excessively non-trustworthy in the hands of aforementioned security officials.
And if someone gives the "if you have nothing to hide then who cares" argument....well, that is so not the point. -- ....where's my fiber? |
|
  pnh102 Reptiles Are Cuddly And Pretty Premium join:2002-05-02 Mount Airy, MD
·Comcast
| said by Raptor : And if someone gives the "if you have nothing to hide then who cares" argument....well, that is so not the point.
Where is the evidence that the FBI has been using this software on innocent people's computers? The only person so far implicated is someone who was planning to bomb a school. I would dare say the FBI was right to take this approach, lest we have another school attack.
My gut feeling is that the FBI probably tricked this guy into installing this software as part of some sort of "legitimate-looking" application. As such, it would probably get past any sort of AV or spyware filtering program. -- Only SHATNER is Kirk. |
|
 TheWickerMan
join:2002-04-09 Enola, PA
| said by pnh102 : The only person so far implicated is someone who was planning to bomb a school.
So far.
This is how it always begins. |
|
  pnh102 Reptiles Are Cuddly And Pretty Premium join:2002-05-02 Mount Airy, MD
·Comcast
| said by TheWickerMan : This is how it always begins.
So what should we do then? Disallow law enforcement from using such tactics to catch real criminals because of the possibility that these tactics may be abused? -- Only SHATNER is Kirk. |
|
  morbo Complete Your Transaction
join:2002-01-22 00000 | no. checks and balances. they have the SUPER SECRET SECRET COURTS to get warrants to do shit that is so secret not even a regular judge can know about it.
something that the current administration doesn't believe in. |
|
  Jim Gurd Premium join:2000-07-08 Plymouth, MI
·Comcast
| reply to pnh102
said by pnh102 : My gut feeling is that the FBI probably tricked this guy into installing this software as part of some sort of "legitimate-looking" application.
Social engineering gets my vote as well. An anti-virus program with good heuristics might catch it though. |
|
 dks7
join:2004-05-31 | reply to pnh102 I'd rather live in a less safe world than allow the FBI to use things like this. Some danger in life makes life worth living, the human population has exceeded 6 and a half billion people, we could stand to have a few die ya know. |
|
  Placebo Premium join:2005-12-14 Huntley, IL
·Comcast
| reply to Raptor
said by Raptor : ... Time for Google to offer an AV suite that doesn't bow to the Empire.
Google sure bowed to the Chinese empire!
Amazing--Google can do no wrong!
Excuse me while I go puke. -- Who wants an orange whip? Orange whip? Orange whip? Three orange whips. |
|
 Raydr Premium,MVM join:2000-11-19 Carrollton, TX
·Verizon FIOS
1 edit | How they did it?
I've read all of the articles and there seem to be a lot of people asking "how did they do it?" and "how does a PC in Italy point to a kid in Washington?".
We, by nature, tend to overcomplicate things when it could have been as simple as this:
1.) We know the kid used an infected PC in Italy to create and maintain this MySpace profile.
2.) MySpace and Google provided the IP of the machine.
3.) The FBI simply connected to the infected machine in Italy, which was probably wide open, and installed their own spyware. Being that this machine was already compromised, we can assume it did not have a firewall or antivirus/antispyware. Now...:
After CIPAV is installed, the FBI said, it will immediately report back to the government the computer's Internet Protocol address, Ethernet MAC address, "other variables, and certain registry-type information." And then, for the next 60 days, it will record Internet Protocol addresses visited but not the contents of the communications.
So, basically, now the FBI can see what IP addresses this computer is communicating with - namely, they can see the IP address of the computer initiating a remote connection to this infected Italy machine.
4.) Voilà, you have your offender.
Simply put, I wouldn't be so fast to give the FBI that much credit. |
|
  Squirrelly
join:2000-10-24 Harrisburg, PA | reply to dks7 Re: Time for...
then you have something to hide. I have no problem with this, let them look at my computer, no big deal. If you are not doing anything wrong you have nothing to worry about -- I bitch. People listen!! |
|
  kfsutops Premium join:2002-08-19 Brandon, FL
| reply to pnh102
said by pnh102 : said by TheWickerMan : This is how it always begins. So what should we do then? Disallow law enforcement from using such tactics to catch real criminals because of the possibility that these tactics may be abused?
Oh..I don't know.. Go to a judge and say, "Judge we have a suspect in the bomb case, we need to have a search warrant and confiscate his computer records."
Was there a warrant to allow them to ummm..install this software on a computer without the owner's knowledge? -- "There are no stupid questions, but there are a LOT of inquisitive idiots" |
|
  swhx7 Premium join:2006-07-23 Elbonia
·RoadRunner Cable
1 edit | reply to nklb Re: Not detected
It appears only in the relatively rare cases of investigations, and is undoubtedly different from any private-sector spyware.
Even if the security-software vendors did have samples, they probably wouldn't build detection into their products. There's a thread about this issue: »Whitelisting keyloggers for law enforcement
It would become possible to detect it if they started using it more widely, because sooner or later they'd target someone who would be astute enough to detect it and would share the info. |
|
  pnh102 Reptiles Are Cuddly And Pretty Premium join:2002-05-02 Mount Airy, MD
·Comcast
| reply to dks7 Re: Time for...
said by dks7 : I'd rather live in a less safe world than allow FBI to use things like this.
So when 9/11 happened, you weren't clamoring at all for the government to try to do something to prevent it from happening? If God-forbid another such attack occurs, you won't be angry at the government for not doing everything it could have to try to prevent the attack? -- Only SHATNER is Kirk. |
|
  pnh102 Reptiles Are Cuddly And Pretty Premium join:2002-05-02 Mount Airy, MD
·Comcast
1 edit | reply to morbo If it is so secret then how do we know about it?
said by morbo : something that the current administration doesn't believe in.
*Cough*Carnivore*Cough* -- Only SHATNER is Kirk. |
|
  elboricua El Subestimado Premium join:2001-08-12 Bronx, NY
| reply to Squirrelly
said by Squirrelly : then you have something to hide. I have no problem with this, let them look at my computer, no big deal. If you are not doing anything wrong you have nothing to worry about
There is so much wrong with that statement..... I worry about the future of this country. I have nothing to hide either, but I still don't want anyone having unauthorized, unfettered, unchecked access to my computer. Much less the government. -- My Blog | Sending script kiddies to /dev/null since 1995! |
|
  ColorBASIC 8-bit Fun Premium join:2006-12-29 Corona, CA
3 edits | Who said the kid was even running AV SW and what brand?
I haven't seen any indication that the 'perp' was using AV software at all. It's all guessing.
I wonder if advanced heuristics functions of some of these AV products like NOD32 would have been able to detect it since it's claimed there aren't any defs for it. |
|