[Politech] Replies to FBI, key logging, and wiretap double standards [priv]

From: Declan McCullagh (declan@private)
Date: Tue Mar 30 2004 - 07:46:31 PST

  • Next message: Declan McCullagh: "[Politech] Lesson from Martha Stewart: Don't ever talk to the FBI"

    -------- Original Message --------
    Subject: RE: [Politech] Bernie S on Feds, key logging,and double 
    standards [priv]
    Date: Fri, 26 Mar 2004 09:58:41 -0800
    From: Kevin Bankston  @ EFF <bankston@private>
    To: Declan McCullagh <declan@private>
    
    Declan--the likely difference is that in Scarfo, the keylogger did not log
    keys while the bugged computer was connected to the Internet, hence no
    "communications" were "intercepted."  Presumably, although the article does
    not say, the keylogger in the present case was active while the computer was
    connected to the Internet, or at least an internal corporate network.
    
      --
    Kevin S. Bankston
    Attorney, Equal Justice Works / Bruce J. Ennis Fellow
    Electronic Frontier Foundation
    454 Shotwell Street
    San Francisco, CA 94110
    ph: (415) 436-9333 x126 / fx: (415) 436-9993
    bankston@private / www.eff.org
    
    
    
    -------- Original Message --------
    Subject: RE: [Politech] Bernie S on Feds, key logging,and double 
    standards [priv]
    Date: Fri, 26 Mar 2004 11:24:49 -0500
    From: Ted Bridis <TBridis@private>
    To: Declan McCullagh <declan@private>
    
    >>The Feds claimed their keystroke logger in the Scarfo case was *not* a
    wiretapping device, (they'd failed to get a wiretap warrant) yet they
    charged this guy with violating wiretapping laws for using a keylogger.
    It would be interesting to know what the differences are between these
    keyloggers are, and why using only one of them constitutes
    "wiretapping."<<
    
    The FBI's successful argument was that its keystroke logger (the
    so-called "KLS") in the Scarfo case didn't require a Title III warrant
    because it only captured keystrokes when he was offline (the FBI needed
    his PGP passphrase). The KLS was designed to query the status of the com
    port on Scarfo's computer and only recorded keystrokes when the port was
    inactive (ie, when the modem wasn't in use).
    
    "The FBI, as part of the KLS deployed in the instant investigation, did
    not install and operate any component which would search for and record
    data entering or exiting the computer from the transmission pathway
    through the modem attached to the computer.... For example, if Scarfo
    was online, the modem would be on and the keystroke capture component
    would, by default, not record keystrokes."
    
    Ropp was indicted "on a single count of endeavoring to intercept
    electronic communications, a violation of the federal wiretap statute."
    The $90 Key Katcher that Ropp allegedly used wasn't as fancy as the
    FBI's. Also, ulike the commercial version, the FBI's KLS fits inside the
    PC case out of sight -- "this component was imbedded into Scarfo's
    computer in such a way as to conceal its very existence amidst other
    pre-existing elements of the computer."
    
    See http://www.epic.org/crypto/scarfo/murch_aff.pdf
    
    
    
    
    
    -------- Original Message --------
    Subject: Re: [Politech] Bernie S on Feds, key logging, and double 
    standards [priv]
    Date: Mon, 29 Mar 2004 11:37:33 -0500
    From: Jack Reed <jr0280@private>
    To: Declan McCullagh <declan@private>
    
       Declan,
    
       The government's defense in Scarfo was done in chambers and there is
    very little on record about what they did. The summary they made available
    indicated that they *never* had the keylogger working when Scarfo went
    online. They said they only used it when he typed in his PGP passphrase and
    then shut it off quickly before he connected to the internet. They argued
    that since they were not intercepting any wire transmissions, only
    transmissions on his personal computer, that a wiretapping warrant was not
    necessary. Now, you and your readers may wonder how the Feds pulled off
    this magic trick. Since they convinced the judge that making such
    information public could harm current investigations they got a pass on
    explaining their sleight of hand. I've been very curious to find out how
    they pulled this off but I don't imagine they're planning on going public
    with that anytime soon.
    
       The guy who installed the keystroke logger on his boss's computer was
    intercepting data that was going over the internet which is why he can be
    charged under the wiretapping statute. The FBI should have gotten their
    case thrown out but they used the "if only you knew but we know" argument
    and it was persuasive.
    
       --Jack
    
    
    
    
    
    
    -------- Original Message --------
    Subject: Re: [Politech] Bernie S on Feds, key logging, and double 
    standards [priv]
    Date: Fri, 26 Mar 2004 15:53:42 -0500
    From: Valdis.Kletnieks@private
    To: Declan McCullagh <declan@private>
    CC: politech@private
    References: <406413DC.7080100@private>
    
    On Fri, 26 Mar 2004 06:28:28 EST, Declan McCullagh <declan@private>  said:
    
     > The Feds claimed their keystroke logger in the Scarfo case was *not* a
     > wiretapping device, (they'd failed to get a wiretap warrant) yet they
     > charged this guy with violating wiretapping laws for using a 
    keylogger.  It
     > would be interesting to know what the differences are between these
     > keyloggers are, and why using only one of them constitutes "wiretapping."
    
    The Feds went to excruciating lengths to make sure that their device
    never captured an online keystroke.
    
    http://www.epic.org/crypto/scarfo/murch_aff.pdf
    
    (part of a larger Scarfo collection at 
    http://www.epic.org/crypto/scarfo.html)
    
    
    _______________________________________________
    Politech mailing list
    Archived at http://www.politechbot.com/
    Moderated by Declan McCullagh (http://www.mccullagh.org/)
    



    This archive was generated by hypermail 2b30 : Tue Mar 30 2004 - 07:37:36 PST