Not A Good Time To Hack -1 reply

Please wait...

jumjum

Write heavy; write hard.

50 XP

11th April 2005

0 Uploads

6,827 Posts

0 Threads

#1 9 years ago

Seems the FBI has some new software toyz that can aim at a suspect in hacking, online extortion or other online crimes. The software goes into a suspect's hardrive and report back all kind of goodies about who you are and what you've been up to. It's called "CIPAV" for "computer and protocol address verifier" - Documents: FBI Spyware Has Been Snaring Extortionists, Hackers for Years | Threat Level from Wired.com

In the past in limited cases the FBI could get a "stroke slave" which told them what you were typing; but usually investigations of "cyber crimes" were "after the fact". The Bureau would not really know where a computer user had gone or what he had done until they had taken the hard drive and copied or "mirrored" it, which used to be a process taking several days or longer. And only then could the search of the hard drive really begin.

The CIPAV is "real time", in that it tells the FBI stuff at the instant you're doing it. But it can do a heck of a lot more than just verify an IP: [INDENT] ....it gathers and reports a computer's IP address; MAC address; open ports; a list of running programs; the operating system type, version and serial number; preferred internet browser and version; the computer's registered owner and registered company name; the current logged-in user name and the last-visited URL. After sending the information to the FBI, the CIPAV settles into a silent "pen register" mode, in which it lurks on the target computer and monitors its internet use, logging the IP address of every server to which the machine connects.(emphasis added)

[/INDENT] It's a search so a search warrant or equivalent court order would certainly be required, but that's not that big a deal to get. I do not think it's considered a wiretap so the standard of probable cause to get the court's permission to do a CIPAV would be much lower than for a wiretap.

In the past, even if the FBI knew or had a pretty good idea of who a hacker was, it wasn't certain they could gather enough technical evidence to priove the hacker guilty. This was an unusual outcome, because with most crimes, if the FBI ever identified the criminal, he was ultimately gonna go down, it was just a matter of time for the FBI to dig up the evidence.

With this CIPAV breakthrough, computer crimes join the ranks of "regular crimes" - a hacker's only hope is to never have his trail picked up in the first place, becasue if it is, the Bu is going to send that bug into his system, and his own box will turn snitch on him.

Now that's a good example of what "to be hoist with your own petard" means.




Mr. Pedantic

I would die without GF

234,620 XP

8th October 2006

0 Uploads

23,127 Posts

0 Threads

#2 9 years ago

Well, doesn't it being a search mean that the user has to be informed that he's undergoing a search?




sheikyerbouti

I spend enough time here

50 XP

11th April 2008

0 Uploads

814 Posts

0 Threads

#3 9 years ago

Does this mean that I have to stop spying on you Jummy ?




jumjum

Write heavy; write hard.

50 XP

11th April 2005

0 Uploads

6,827 Posts

0 Threads

#4 9 years ago
Mr. Pedantic;4866576Well, doesn't it being a search mean that the user has to be informed that he's undergoing a search?

Oh, hell no. At a later time and place the fact of a search would be disclosed, but not while to do so would compromise the investigation.




Lobo

All your base are belong to FH

50 XP

27th April 2003

0 Uploads

6,883 Posts

0 Threads

#5 9 years ago

lol@FBI




Lupin

[ยน2ACR]

50 XP

26th July 2004

0 Uploads

1,259 Posts

0 Threads

#6 9 years ago

I guess hacking is only okay if the government does it.




Guest

I didn't make it!

0 XP

 
#7 9 years ago
Lupin;4866605I guess hacking is only okay if the government does it.

The government monopoly of force has moved into cyberspace.