View Full Version : FBIs-Secret-Spyware



wk357mag
2007-07-22, 00:41
http://www.dslreports.com/shownews/The-FBIs-Secret-Spyware-85857

So the question: Does SpyBot S&D have a white list that allows/assists governments in this way?

PepiMK
2007-07-22, 15:42
Well, use the search history for "Magic Lantern" :D:
At least that was a name given to a suspected FBI spyware or keylogger years ago, and back then we said that we even might add it to detection if we could get hold of a copy, and that hasn't changed for any new software.
And no, we do not have such a whitelist. I really would be speechless from surprise if any government would actually contact us with such a question.

One quote from the news.com article (http://news.com.com/8301-10784_3-9746451-7.html):

Putting the legal issues aside for the moment, one key question remains a mystery: Assuming the FBI delivered the CIPAV spyware via e-mail, how did the program bypass antispyware defenses and install itself as malicious software? (There's no mention of antivirus defenses in the court documents, true, but the bomb-hoaxster also performed a denial of service attack against the school district computers -- which, coupled with compromising the server in Italy, points to some modicum of technical knowledge.)

Well, imho someone with a "modicum of technical knowledge" probably wouldn't execute email or IM attachments from strangers ;) But then, his footprints sound more like a script kiddy using some downloaded DoS tool and the "hacked Italian server" was probably just an open proxy server.

Anyway, it's probably not a modified standard keylogger, and as most news say, it's the first appearance for it. So the chance that no AV/AS has ever seen it before is quite high. And with an unknown sample, I would wonder more why his software firewall didn't warn him (but then, someone who installs software from a stranger's email probably would allow that to go through the firewall as well) instead of asking for AV/AS.

wk357mag
2007-07-22, 17:45
The real concern here would be the potential WHITELISTing of known malware, just cause UncleSam would want you to assist them. I could see other companies (cough:MicroCrap:cough) doing such a thing.

I truly didn't suspect that you would do such a thing, but, thought I would post this anyway. As a point of interest to us all. Yeah they may use these tools to get bad people doing bad things. But since they have a history of abusing (controlling) citizens with their other tools, I suspect they will do so with these tools too!

Of course I may just be paranoid!?!? As I am a member of a Special Grand Jury (SGJ-Investigates its own government) and have been having a lot of computer issues, that have led me to try to test and work with over 7 software Firewalls (now with Comodo), as my computer has in the past tried to upload data over 7000 times in one evening while I sleep. I can't find any Spyware, or rootkits, etc. But I suspect my rig is compromised, just haven't been able to find it yet. Maybe UncleSam wants access to my notes.