[ISN] FBI Using High-Tech Gadgets

From: InfoSec News (isnat_private)
Date: Tue Jul 31 2001 - 00:34:12 PDT

  • Next message: InfoSec News: "[ISN] Code Red Tribulation is nigh, Steve Gibson warns"

    http://www.washingtonpost.com/wp-srv/aponline/20010728/aponline122313_000.htm
    
    By D. Ian Hopper
    AP Technology Writer
    Saturday, July 28, 2001; 12:23 p.m. EDT
    
    WASHINGTON By bugging a keyboard or using special software, FBI agents
    can remotely capture a computer user's every keystroke.
    
    With a black box, they can intercept e-mail from miles away.
    
    In a van parked outside, they secretly can recreate the pictures on a
    computer screen from its electromagnetic energy.
    
    The legal limits for these new investigative tools will get a test
    Monday when a federal court in New Jersey examines a mob case in which
    agents, without a wiretap order, recorded a suspect's computer
    keystrokes.
    
    Privacy experts are watching the case of Nicodemo S. Scarfo Jr. with
    great interest because it could bring major changes to investigative
    tactics in the online age.
    
    "It's the idea of secret government surveillance technology being
    installed with very little oversight or accountability," David Sobel
    of the Washington-based Electronic Privacy Information Center said.
    "It gets about as close to the common perception of Big Brother as
    anything I could really imagine."
    
    Armed only with a search warrant, the FBI broke into Scarfo's business
    and put either a program on his computer or an electronic bug in his
    keyboard officials will not say which and recorded everything typed by
    the son of the jailed former boss of the Philadelphia mob.
    
    The FBI says it needed a password in order to decrypt coded files that
    allegedly contained records of illegal gambling and loan-sharking
    operations.
    
    Scarfo used the software PGP Pretty Good Privacy to encode his
    records. PGP is a strong, free encryption program that can be used for
    e-mail or individual files. The FBI tried to break the encryption
    without the password, but failed. So agents surreptitiously bugged the
    computer to capture it from Scarfo himself.
    
    Scarfo's lawyer wants a Newark, N.J., federal court to suppress the
    evidence and make the FBI say how the bug worked. The lawyer says that
    because the FBI recorded everything Scarfo typed, they got private
    e-mails that were not part of the investigation.
    
    U.S. Attorney Robert J. Cleary has told the court that the
    surveillance device is a "highly sensitive law enforcement search and
    seizure technique" and should not be made public.
    
    Mark Rasch, former head of the Justice Department's computer crimes
    section, said that if the device transmitted the captured keystrokes
    back to the police via e-mail, or emitted them through radio signals,
    then it might be considered a wiretap.
    
    "You really need to understand at what point it captured things, and
    how it got it back to the government, in order to figure out what the
    Fourth Amendment concerns are," Rasch said.
    
    Authorities have to meet a much higher standard for a full wiretap,
    which includes filtering out nonrelevant communications and having
    stronger proof that a crime is taking place.
    
    The government argues it only needed a search warrant for Scarfo's
    computer because the captured keystrokes were not immediately being
    transmitted on the phone line or on the Internet, and should not be
    considered the products of a wiretap.
    
    There are many tools the FBI can use for secretly capturing computer
    information.
    
    Earlier this year, the FBI used a keystroke bug to nab two Russians
    suspected of hacking into U.S. Internet companies. The Russians have
    not yet gone to trial.
    
    In addition to the keystroke logger, technicians can sneak in a
    program that will take intermittent snapshots of the monitor, or
    install a hidden camera pointed at the computer.
    
    There is even a system called TEMPEST that detects electromagnetic
    emanations from a computer monitor. Agents in a van parked outside can
    then reconstruct the desktop.
    
    The FBI also has received widespread attention for a device formerly
    known as Carnivore and now called DCS 1000 that can follow suspects'
    Web browsing, e-mail and instant messages.
    
    "If they can find a way to read your mail or peek in your bedroom and
    find a way for a judge to authorize them to do it, they will do it,"
    Rasch said.
    
    The Supreme Court recently reined in one high-tech tactic when it
    ruled police needed a warrant to use a special heat-sensing device to
    discover that a man was growing marijuana in his home.
    
    However the Scarfo case ends, Sobel said, the high-tech crime
    landscape is bound to change.
    
    "I think it has significant implications for future law enforcement
    investigations," he said. "This type of investigation is the wave of
    the future."
    
    -=-
    
    On the Net: 
    
    PGP: http://www.pgp.com 
    Federal Bureau of Investigation: http://www.fbi.gov 
    Electronic Privacy Information Center: http://www.epic.org 
    
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Jul 31 2001 - 03:12:46 PDT