Politech is the oldest Internet resource devoted to politics and technology. Launched in 1994 by Declan McCullagh, the mailing list has chronicled the growing intersection of law, culture, technology, and politics. Since 2000, so has the Politech web site.

There have been rumors for years about the FBI remotely installing 
spyware via e-mail or by exploiting an operating system vulnerability 
from afar — and now there's confirmation.

Last month, the FBI obtained a federal court order to remotely install 
spyware called CIPAV (Computer and Internet Protocol Address Verifier) 
to find out who was behind a MySpace account linked to bomb threats sent 
to a high school near Olympia, Wash.

The story is here:
http://news.com.com/8301-10784_3-9746451-7.html

I've posted the FBI affidavit, which is interesting reading, and a 
summary of the CIPAV results that the FBI sent back to a magistrate 
judge, here:
http://politechbot.com/docs/fbi.cipav.sanders.affidavit.071607.pdf
http://politechbot.com/docs/fbi.cipav.sanders.search.warrant.071607.pdf

Here's a Slashdot thread:
http://yro.slashdot.org/article.pl?sid=07/07/18/1434229

Wired's article on CIPAV notes that the FBI's 2008 budget request 
includes $220,000 to "purchase highly specialized equipment and 
technical tools used for covert (and) overt search and seizure forensic 
operations... This funding will allow the technology challenges (sic) 
including bypass, defeat or compromise of computer systems":
http://www.wired.com/politics/law/news/2007/07/fbi_spyware

All this is quite timely given our discussion yesterday about security 
firms detecting spyware:
http://www.politechbot.com/2007/07/17/correction-on-security/

-Declan

Posted by Declan McCullagh on Jul 18, 2007 in category privacy

Get a Politech feed through RSS or Atom

The Politech general information pages and photographs are copyrighted by Declan McCullagh. Original posts distributed to the mailing list are licensed under a Creative Commons License.