Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Hardware / FBI Uses Spyware To Track Bomb Hoax
FBI Uses Spyware To Track Bomb Hoax
FBI Uses Spyware To Track Bomb Hoax
By Frederick Lane / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
A recently released FBI affidavit in the prosecution of a suspected bomb hoaxer has revealed the development and deployment of an FBI spyware program called the Computer & Internet Protocol Address Verifier (CIPAV).

According to Special Agent Norm B. Sanders, Jr., who applied for an affidavit authorizing the use of CIPAV, the program is capable of secretly sending to the FBI information about a computer's IP and MAC addresses, other environment variables, and certain registry-type information.

Lauren Weinstein, cofounder of People for Internet Responsibility and moderator of the Privacy Forum, said he was not surprised by the information contained in the affidavit.

"Look, many people have known or suspected for a significant time that various agencies are using this technique for surveillance," he said. "It was inevitable that this type of software tool would be developed by law enforcement, particularly given the advances in techniques for concealing and encrypting electronic information."

Bomb Hoax Investigation

The search warrant authorizing the use of CIPAV was sought in the case of a 15-year-old student at Timberline High School in Washington who was suspected of making bomb threats. A handwritten note containing a threat was discovered on May 30, and the high school subsequently received e-mail threats and was hit by a denial-of-service attack.

A week later, another student reported receiving an invitation from a MySpace account with the handle "Timberlinebombinfo," asking her to post a link to the bomb threats on her MySpace page. She reported the invitation to local law enforcement, which subsequently learned that 33 students had received a similar invitation.

When the FBI traced the IP address of the e-mail and MySpace accounts, they were led to a hijacked computer in the National Institute of Nuclear Physics in Italy. Having reached a dead end, they determined that the next step was to send CIPAV to the e-mail address from which the bomb threats were sent.

The information collected by CIPAV led to the arrest of the 15 year-old student, who pleaded guilty on Monday to identity theft, felony harassment, and making bomb threats. He was sentenced to 90 days in juvenile detention.

CIPAV a Powerful Weapon

While noting that this case is not particularly remarkable, Weinstein said that it does raise concerns about the power of CIPAV and what types of information is being gathered by law enforcement. "Once you've got something like this on someone's computer," he noted, "you can basically do anything and learn everything about what that person is doing."

The recent revelations about the scope of the FBI's use of National Security Letters, Weinstein said, undermines the overall confidence in security and law enforcement agencies, and raises questions about whether a program like CIPAV will only be used as the FBI says it is being used. National Security Letters are subpoenas allowing FBI agents to require phone companies, banks, credit agencies, and ISPs to turn over Relevant Products/Services records.

"If techniques like this are going to be used by the FBI and other agencies," Weinstein said, "then we need to have 100 percent trust in the agencies about when such tools will be deployed and under what circumstances. That's the challenge for this society."

Read more on: FBI, NSA, Security, Privacy, Terrorism, Spyware
Tell Us What You Think


Like Us on FacebookFollow Us on Twitter
© Copyright 2016 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.