Friday, July 20th, 2007...7:05 am

FBI Spyware And Online Privacy

Wired has an interesting article exploring the mechanics of the software that the FBI used to track down a 15 year old student who made bomb threats against his school.

The software is described as a “computer and internet protocol address verifier” or CIPAV for short. If you go through the list of data it captures, it looks like a common piece of spyware or malware.

This is the information it tracks:

  • IP address
  • MAC address of ethernet cards
  • A list of open TCP and UDP ports
  • A list of running programs
  • The operating system type, version and serial number
  • The default internet browser and version
  • The registered user of the operating system, and registered company name, if any
  • The current logged-in user name
  • The last visited URL

While tools like CIPAV are obviously important for exactly the circumstances under which it was used here, the following statement irked me a little.

Under a ruling this month by the 9th U.S. Circuit Court of Appeals, such surveillance — which does not capture the content of the communications — can be conducted without a wiretap warrant, because internet users have no “reasonable expectation of privacy” in the data when using the internet.

I think your average Internet user would disagree. As one of the commenters on the Wired story remarks - if you employ a firewall or use anti-virus software, that demonstrates an expectation of privacy.

With both Google and Ask taking measures to improve privacy in reaction to user concerns, the above statement seems particularly out of place.

Further reading:

6 Comments

Filed under Internet

Tags: , , , ,

If you enjoyed this post subscribe to my RSS feed for free updates.

Related posts:

6 Comments

  • I hate to take a defeatist approach but I just assume there is no place to hide…

    As for the technology…I could do well with it tracking down a few spammers…

  • […] Original post by dan […]

  • It’s getting like that Adrian. We do surrender a lot of our information willingly so I guess we are partly to blame.

  • Dan,

    Isn’t there a difference in the type of information they are collecting? I’m not saavy on what information is transmitted when we connect, but I would think an IP address is reasonable to collect, however, getting the programs running on my computer is an invasion of my personal property.

    Could that be a reasonable dividing line?

    They need to track down the person so they may need to get that information from the computer or subpoena the ISP. I don’t have a clue how that would work.

  • Can’t agree more on the issues of privacy. I currently am writing a series on this at my Sovereign Journey blog.

    Check it out from Mybloglog.

  • Spyware and malware, apart from recording from recording your personal information, slow down your system; keyloggers are used to steal passwords, credit card numbers and the like, and hijacker software are used to take control of your computer. If threats like these are left unattended, they can cause havoc in your life (imagine your credit card information getting stolen; imagine someone grabbing your Yahoo mail password and then sending out malicious mails to all your contacts – the whole scenario is frightening!)

    Great Information….

Leave a Reply

Blogarama - The Blog Directory Personal Blogs - Blog Top Sites Link With Us - Web Directory