Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Encryption Security

Legal Challenge to FBI's Keystroke Sniffing 217

Factomatic writes: The "Associated Press is reporting that lawyers for" an alleged "Mafia boss who used PGP will argue on Mon. Jul. 30 that keystroke logging is an illegal wiretap after the FBI bugged his computer to get his password to decrypt his files. The case has major implications for privacy rights and other electronic surveillance techniques like Carnivore. The Electronic Privacy Information Center (EPIC) has put the case documents online." Meanwhile, a spending bill proposes a $7 million increase in the FBI's budget for defeating encryption (and stego).
This discussion has been archived. No new comments can be posted.

Mobster to Challenge Computer Surveillance

Comments Filter:
  • The main arguement is whether or not that the original warrant covered the 'wiretap'. The warrant did allow for seizing of passwords via a keystroke logger, but didn't deal with the transmission of the passwords back to the FBI, hence the problem. I suspect that this case will get appealed upstream perhaps to SCOTUS. But if it turns out that the transmission of the passwords required a wiretap order, then a lot of evidence gets thrown out (Fruit of the Poisonous Tree).
  • > Why is it that more of us don't use PGP for all of our emails? I would happily use it if any of my friends actually had public keys. We can't fight these fights unless we all pull together.

    I find this slightly ironic, as you have no PGP key in your user info. What are you waiting for ?
  • by Anonymous Coward on Monday July 30, 2001 @03:43AM (#2183694)
    So before people start flapping their mouths bout how this mafia probably got what he deserved, the agents didn't have a court order to do this.

    They had a search warrant. The distinctin is a technical one, as they indicate that the "bug" did not transmit anything. It doesn't heed to usual wiretapping SOP, as it was placed on the PC in one warranted search, and the data was picked up at another. As such, the agents did not have the ability to choose not to intercept unrelated data, as they would in a standard wiretap (they have to cease listening after 1 minute if there is nothing relevant to the case said, and wait 1 hour before resuming listening, or something like that). Maybe it's easier to think about it like this: what if the FBI got a warrant, broke in while he wasn't there, stole the key to his safety deposit box, made a copy of it, and replaced it without him knowing. It's just different in that they had to come back later to pick up the copy of the key. They aren't relying on any communications intercepted by the key-capture to make their case, only his password, like his safety-deposit box key.

  • While the case will probably turn on a technical distinction, it ought to turn on a much more philosophical one.

    What is the primary difference between a search and a wiretap? Why do we more evidence before a judge can authorize a wiretap than before he/she can authorize a search?

    1) A search is a one-time event, whereas a wiretap represents ongoing surveilence. As such, a search tends to capture a small amount of private, transitory data (i.e. conversations, web cache, etc) while a wiretap tends to capture and catalog a large amount of this sort of information. This is a much greater invasion of privacy.
    2) A search captures narrowly tailored information, whereas a wiretap casts a very wide net. A search warrent that authorized the authorities to look for root kits on your machine ought not allow them to page through your Quicken data. (I realize that the standards for searching a hard drive haven't yet caught up to the standards that apply to the physical realm, but I'm making a philosophical argument.) A wiretap wouldn't permit that level of distinction.
    3) A search does not require, or generally permit, surreptitious entry. Police officers come to your door, announce that they have a search warrent, and enter. When someone searches your home, they have to provide you with a receipt of the items taken. Everything is done very much out in the open. A wiretap, on the other hand, requires that the police don't alert anyone to their entry when they install the bug. The open nature of the search provides a suspect with context that may be useful should he have to exercise his Constitutional right to confront his accuser at trial. In addition, it provides a useful check on government power since it permits outsiders to analyze the pattern and practice of searches to determine whether there's an abuse of power. The FBI could get away with a lot of abuses by wiretapping civil rights organizers in the 60's than they could not have had they done repeated physical searches.

    Using the "if it looks like a duck, walks like a duck, and quacks like a duck" rule, I would submit that the FBI make a wire tap in this case.
  • I am a lawyer, but this is not legal advice. If you need local advice, contact an attorney licensed in your juriscdiction.


    This doesn't even seem like a close call to me. The Bill of Rights is about privacy and the individual in the face of the awesome power of the state. The protections aren't to protect criminals, but to protect us normal folks against intrusions from the state.


    long ago, we decided that wiretaps warranted special procedures, rather than a regular simple warrant. It would be bizarre to keep this reasoning while allowing the more intrusive act of sniffing keystrokes . . .


    hawk, esq.

  • You're spouting nonsense and you know it. Do you really think that broad overgeneralizations about the scope of the DMCA and faulty conclusions are the best way to fight it?

    The DMCA has to go, but clueless, uninformed rambling only helps the other side.

    (On that note: has anyone written an anti-DMCA advocacy FAQ? We need some guidelines in order to present a unified front to the politicians and media. The Linux Advocacy mini-HOWTO [linuxdoc.org] is a terrific example of the type of document meant to keep advocacy focused and rational, and has been quite successful.)

  • by David Price ( 1200 ) on Monday July 30, 2001 @04:47AM (#2183700)
    Agreed up to a point. Law enforcement has a legitimate interest in monitoring the communications of a very limited, very deserving subset of people. This type of activity - implantation of hardware bugs - is, in my opinion, an adequate balance between the individual right to privacy and the government's need to investigate crime. It permits law-abiding citizens and criminals alike to use crypto, and prohibits driftnet operations in which everyone's communications are sniffed; law enforcement must have a sufficiently compelling interest in someone's communications to enter their home or office and physically plant the bug.

    The problem in this specific case is that the FBI had a search warrant, not a wiretap authorization. There's a distinct difference: the suspect knows that his home or office has been searched when a search warrant is acted upon. In the case of a wiretap, the suspect necessarily knows nothing.

    What we have here is law enforcement gaining authorization for one type of activity - a search of a premises - and undertaking in another. I agree that keystroke logging is a valid investigative technique, but there needs to be a legal structure set up to make sure that it's not abused, as, I believe, it was in this case.

  • Typically these days 'wiretaps' are done in software at telco switches. At least there are still some folks around who remember how to do hardware just in case we need them. (The guys who built this gizmo didn't authorize the illegal tap).
    I suspect if you're a criminal you should be using a USB or ADB keyboard to up the ante.


    -----
    My God, it's full of source!
  • by Glytch ( 4881 ) on Monday July 30, 2001 @05:34AM (#2183702)

    I'm not sure if there is a precedent judging whether keylogging is a wiretap or a search, but common sense says it is a wiretap.

    True, therefore I predict that the legal system will decide that it is a search.

  • Leaving aside the question of what if those conversations with the mistress are actually a secret code used for the discussion of the alleged crime, does this mean that wiretap orders are too difficult to get, or that search warrants are handed out on a whim instead of according to the rather strict parameters specified in the Constitution? Isn't a wiretap just a specialized type of search warrant?
  • by unitron ( 5733 ) on Monday July 30, 2001 @03:25AM (#2183704) Homepage Journal
    The really strange thing here is that they had enough to get a search warrant (during the execution of which they allegedly placed a hardware or software bug in the guy's computer) but either didn't have enough to obtain an authorization for a wiretap (in which case one wonders how they had enough for a search warrant) or they just decided not to bother.

    You don't have to be in favor of the existance of the mafia to be bothered by this.

  • The article also talks about techniques to
    "tap" CRT screens by picking up the RF radiation that they emit.

    I was wondering: are LCD screens safe from this kind of tapping?
  • The difference is, they would have required a wiretap order to tap his phone line. A wiretap order also carries a fair amount of restrictions as to how it is applied and what information is usable. In this case, they're doing something that does exactly the same thing as a wiretap, they just don't _call_ it that.

    The argument the lawyers are making is that recording his keystrokes is a wiretap, regardless of whether the information is recorded on a phone line or not. The reasons for this include the fact that they will be gaining personal non-crime related information as well as the fact that they're receiving a stream of information (not a snapshot like they would get in a normal search).

    For example, if they went into this person's home and searched his computer, that would fall under the warrant that they had. That's legitimate, no argument here.

    In a court case, the FBI can require that a defendant give up his password so that they can view the files. In order to do that, they need to have enough evidence to go to trial. Obviously in this case they didn't have enough evidence and they suspected they would if they were able to search the encrypted files. My point being that there were lots of ways that they could have gathered the same information without putting a tap on his machine. (Which is probably why they didn't get a wiretap order - the judge may have said "No, there's other ways you can get this info without doing a tap.")

    If I'm not totally mistaken, the FBI would require some variant of a wiretap order to put a camera in the house and monitor his keystrokes. This shouldn't be any different. I'm not arguing that they shouldn't be able to wiretap/record/etc. However, if they're going to be able to do that, then they need to follow the rules. Get a wiretap order, it isn't that much of a pain in the ass and it means that any information you gather will be used in a trial without being thrown out on technicalities.

    If a criminal goes free because these agents screwed up, then that's the way the system works. It's something that's designed to make sure that police and the FBI don't overstep their bounds... the knowledge that if they do, the case will be tossed out.
  • by cyberwench ( 10225 ) <tunalei@gmail.com> on Monday July 30, 2001 @08:34AM (#2183711)
    The reason the methods are important is that if the way this device works is similar enough to a wiretap, then it will be considered one. Without knowing anything about how the device works, the court can't make any kind of a ruling as to whether it's a tap or not. While I understand the FBI would prefer to keep the information hidden because it would make it harder to circumvent, it is necessary for and relevant to this case.
  • It is because a wiretap requires a high degree of probable cause and also restricts the enforcement ageny to not record communications not covered by the wiretap order. IE. the FBI could get a wiretap covering an alleged crime and record any conversations about that crime; however, if the target starts having phone sex with his mistress the FBI is not supposed to record the information.
  • by TrentC ( 11023 ) on Monday July 30, 2001 @04:59AM (#2183713) Homepage
    The FBI in this case sought legal rights to survey the activities of an alledged mobster. The FBI had reason to survey this person's activities and obtained the legal authroization plant a deveice of some kind.

    Um, no they didn't; that's the whole point of this alleged mobster's suit.

    They had a search warrant, which allowed the FBI to search for currently existing evidence. Scarfo's suit charges that in order to place whatever device they used, they needed a wiretap order, which has a stronger standard to meet.

    Jay (=
  • They had a search warrant. The distinctin is a technical one, as they indicate that the "bug" did not transmit anything.

    So what are the rules for "bugging" a person's home with an audio tap? Their home, not their telephone. Is a search warrant sufficient, or is a court ordered wiretap required? If the former, this may well stand. If the latter, then the FBI were clearly out of bounds and should have known better.

    Invading one's private communications a la a keyboard wiretap is IMHO more akin to opening someone's mail or tapping their telephone, so whatever standards apply to those sorts of actions should apply to this as well. Guess we'll find out soon enough ...
    --
  • A search warrant != legal authorization to plant a bug.

    Remember: it's a "Microsoft virus", not an "email virus",

  • by ethereal ( 13958 ) on Monday July 30, 2001 @04:30AM (#2183720) Journal

    But searching someone's safety deposit box would also require a warrant, which would be separate from the warrant to search someone's home. I don't think your analogy is correct.

    There is a distinction between hard copy communications which are physical objects that may be searched with a search warrant, and immaterial communications (electronic or just voice) which are by definition transitory and don't hang around to be searched. IMHO, if he had anything written down they could have taken it when they searched, but leaving a device which effectively converts a transitory communication (password keystrokes) into a permanent piece of evidence (keystrokes stored in a bug) is effectively a wiretap, rather than a search of physical property that the mafioso already had. The agents had to do something to convert his communications into physical form so they could take it with a search, and in doing so they stepped over the line into wiretap land.

    Your argument has ludicrous consequences, because you could use it to do essentially any wiretap with just a search warrant - just place miniature voice recorders in all the phones, wait a week, come back again and harvest the tapes, and see what you got. I don't think that's consistent with the spirit of the law, which expects law enforcement to get a separate wiretap warrant for intercepting communications.

    Remember: it's a "Microsoft virus", not an "email virus",

  • Of course, with biometric stuff getting so cheap, soon typed passphrases may only be part of the puzzle and even then the FI will somehow manage to succeed.

    If attackers have physical access to your machine, then biometric keys don't add any security. They can just compromise the software, or install a sniffer in between the biometric reader and the software, or something like that. It's the old "trusted machine" problem. If it were possible to secure against this type of attack, then DVD players would have it.


    ---
  • by Midnight Thunder ( 17205 ) on Monday July 30, 2001 @04:37AM (#2183723) Homepage Journal
    For those of you interested, the BBC also has an article [bbc.co.uk] on the same subject.
  • by Black Parrot ( 19622 ) on Monday July 30, 2001 @04:16AM (#2183726)
    > I also don't support a government that believes in wholesale destruction of the constitution to fulfill their agenda.

    What chaps me about law enforcement is that every time a new technology comes out they assume that the constitution doesn't apply to it, and they walk on our constitutional freedoms until the courts reaffirm the constitution. Can't they see that the phrases "secure in their persons and property" and "unreasonable search and seizure" don't have anything to do with what technology is involved?

    IMO, "zero tolerance" should start with the lawmakers and law enforcers. How can they expect us to behave when they don't?

    --
  • One thing I've wondered about this kind of tapping, would putting two CRT monitors next to each other with different displays make it much harder to tap, or is it easy to distingush the two video signals?
  • not that i'm an acronym fascist, but SCOTUS sounds cooler (and for some strange reason, dirtier) than USSC.
    Prolly because you're subconciously adding a couple of letters: SCrOTUmS.
  • by gorilla ( 36491 ) on Monday July 30, 2001 @06:37AM (#2183736)
    I don't think anyone who uses their authority 'thinks' they're misusing it. Even J Edger probably thought he was in the clear when he dug up dirt on the powerful to protect his position, or when he spied on political organizations he disagreed with. Today, few would agree with his actions.
  • by rjh ( 40933 )
    FBI agent Lou Horouchi participated in a cold blooded murder

    His name is Lon Horiuchi. If you're going to slander a man's reputation, at least spell his name right.

    The facts of the matter are very much disputed, depending on which side of the government-paranoia fence you are and how good your common-sense filters are. However, the founder of the FBI's Hostage Rescue Team, Danny Coulson, has publically described Horiuchi's experience as the "tortures of the damned".

    First he was excoriated in an FBI inquiry; then a separate governmental inquiry exonerated him. Then he was indicted on manslaughter statutes for Vicki Weaver's death, and then a judge declared that Horiuchi was immune to prosecution because he was acting in good faith.

    And just last month, a Federal appeals court set aside the immunity decision, clearing the way for Horiuchi to be tried.

    Contrary to what you believe, Horiuchi is not out of the woods. Barring intervention from the Supreme Court, it is overwhelmingly likely that Horiuchi will soon be tried for manslaughter in the death of Vicki Weaver.

    the FBI jackboot who is persecuting Sklyarov is up to become HEAD of the FBI!

    Robert Swan Mueller III is the United States Attorney for the Northern District of California. The charges against Sklyarov were pressed by one of his subordinates. It is overwhelmingly likely that Mueller was never consulted about the Sklyarov prosecution.

    Again, if you're going to slander someone, then at least get which branch of the government they work for correct.

    The next time you decide to rant off with your anti-government rhetoric, please do your research.
  • In American courtrooms, evidence which is obtained illegally is treated no different than any other evidence, as long as the government had no role in the illegality.

    If the government played any role in the illegality, then the evidence is suppressed.
  • While I generally agree with your assessment, let's put it in a little more focus here.

    The detective responsible for the case, Mark Fuhrman, committed perjury on the witness stand and was exposed to the jury as being an unrepentant racist. That, in turn, meant that virtually all the evidence in the criminal trial was suspect. After all, most of the evidence went through Fuhrman's hands at some point. And if Fuhrman would lie on the witness stand, then it's also very possible that he would doctor evidence to ensure a conviction.

    Fuhrman's perjury is what sunk the OJ trial. OJ was acquitted, as was correct. If the police cannot be trusted--and the LAPD clearly cannot, given Fuhrman and Rampart and Rodney King and every other scandal that's come along--then reasonable doubt will always exist as to whether or not someone arrested by the police is really guilty.
  • by Steve B ( 42864 ) on Monday July 30, 2001 @03:34AM (#2183741)
    One thing which stands out about this is that the FBI guys didn't get a wiretap order. This is obviously not a good thing. IIRC, they got a search warrant, and assummed (wrongly IMHO) that the warrant included the right to search his computer

    There's a reasonable case that a search warrant for documents includes a search of the current contents of the target's computer. However, the keystroke sniffer, placed for the purpose of making it possible to monitor future communications, clearly falls into the "wiretap" category rather than the "search" category.

    (The reason the two are different, and the latter requires a higher standard, is that a search can be executed in the presence of the suspect. This serves as a deterrent against illegal expansion of the search into a fishing expedition. Wiretaps, obviously, cannot be known to the suspect until after the fact, which makes them more open to abuse.)
    /.

  • by alteridem ( 46954 ) on Monday July 30, 2001 @03:29AM (#2183742) Homepage
    This guy will probably have his case thrown out of court because agents, without a wiretap order, recorded a suspect's computer keystrokes which the FBI will then spin to make their point that common citizens should not have strong encryption. They will then push for one legal encryption scheme that they have a backdoor password to (deja-vu anyone?)

    This falls perfectly into the government's propoganda that only criminals use encryption. Why is it that more of us don't use PGP for all of our emails? I would happily use it if any of my friends actually had public keys. We can't fight these fights unless we all pull together.

  • by SweenyTod ( 47651 ) <sweenytod.sweenytod@com> on Monday July 30, 2001 @04:52AM (#2183743) Homepage
    The one thing I've always wondered about biometrics, is what happens when somebody steals a copy of your finger prints or a digital picture of your retna?

    It's easy enough to generate a new passphrase or digital key, but swapping fingerprintes must be a bugger of an operation.
  • From the Court Order: Normal investigative procedures to decrypt the codes and keys necessary to decipher the "factors" encrypted computer file have been tried and have failed"

    They couldn't break PGP. PGP _is_ secure. So they broke his computer, which is not secure. They have not said specifically if they used hard or soft methods - they may have used a hidden program, or they may have used Tempest technology.

    For all of you mafioso reading, keep this case in your mind. Do all of your illegal activities on a laptop, and take it with you every where you go. The FBI can't install software on a laptop they can't get to, and they can't pick up tempest radiation off an LCD.

  • by javatips ( 66293 ) on Monday July 30, 2001 @04:22AM (#2183746) Homepage
    why waste all those NSA CPU cycles tryin gto crack it - just grab teh passphrase


    That's the way to go...

    All cryptography expert will tell you that the best way to break encryption is by attacking the protocol. What most people forget, is that entering a secret (the passphrase in this case) is part of the protocol. It is so much easier to attack this part of the protocol than to attack other parts.

    However I did not know that an agent was allowed to modify the scene when doing a search warrant. I always (maybe wrongly) though that search warrant were done to gather information based on what's present. Not to allow an agent to add spoofing devices without your knowledge.

  • by karb ( 66692 )
    I'm usually one of the FBI hawks here (I'd always thought it would be cool to work for them).

    But, I think it's reasonable to agree that they probably need to get a wiretap to install the detection software.

    However, I don't think they're evil. They have no need to control their own authority because they aren't planning to misuse it, hence the arguing for the search warrant only.

    I don't agree on the disclosal of the methods, however. It's probably simple ... enough to fool a criminal. If we know what it does, I don't really see why we need to know how it does that.

  • Yes, I agree.

    I was pointing out that it would be absurd for the FBI to request more oversight, in light of typical /. comments saying the FBI is evil, or the embodiment of big brother, etc.

    The less oversight they have, the more effective they probably feel they can be in fighting crime. It's up to the people (us) and the courts to put checks in place ... I just don't feel it's right to demonize the FBI when they seek less oversight in instances like this. (Even though I think they're wrong ... we'll see)

  • Yeah, but 99% of the FBI's troubles seem to lie with bad processes. I worked at a college with only about 1,000 computers, and we were 'losing' things all the time :)

    And about the wen ho lee thing ... I'm not sure what the scandle was, but he got off easy ... I don't know, maybe that's the scandle?

  • by Coolfish ( 69926 ) on Monday July 30, 2001 @03:16AM (#2183751)
    From the article: agents, without a wiretap order, recorded a suspect's computer keystrokes.

    So before people start flapping their mouths bout how this mafia probably got what he deserved, the agents didn't have a court order to do this. Think about it. If FBI agents have enough "probably cause" and figure they should tap your computer cause you're under suspicision of doing something illegal, and they don't even have to go see a judge to approve it, then your privacy and civil rights have gone right out the window.
  • by Kanasta ( 70274 )
    Hmm. I thot your DMCA said it was illegal to decrypt stuff w/o the owner's permission. So even if they had the key, they shouldn't be allowed to use it w/o a warrant.

    Anyway, that key sniffer sure sounds like a circumvention device to me. Better go arrest the manufacturers too while you're at it.


    ---
  • by plague3106 ( 71849 ) on Monday July 30, 2001 @07:48AM (#2183753)
    What i wonder is, if the FBI doesn't find anything once they enter my house with a search warrent, could they leave a camera behind in hopes of taping me doing something illegal. I would hope that goes beyond the 'resonable search' the 4th amendment protects. Does anyone one know how much freedom the FBI has to bug people, especially when a search doesn't turn up evidence?
  • by ka9dgx ( 72702 ) on Monday July 30, 2001 @08:30AM (#2183754) Homepage Journal
    It's like this... a search is a single shot event... much like a parked State Trooper on the highway. You watch for him, slow down, and all is well. Everyone accepts this as a way of making revenue for the agencies, and a reasonable trade off in keeping drunks down to a low roar.

    A wiretap (or in this case some other form of bug) is like having the police put a monitor in your car, monitoring your speed and location until they come and pick it up.

    If you know the police are watching, you act accordingly. Would you really want to get a ticket for every single time you went more than the posted limit? Would you want to live in a country that allowed it?

    The bill of rights is a restraint on government, because it's better to let ten guilty men go free than to wrongly convict one innocent man.

    The bias against the persons involved is irrelevant, innocent until proven guilty. The bug was illegal.

    --Mike--

  • by BlueUnderwear ( 73957 ) on Monday July 30, 2001 @05:29AM (#2183755)
    > they have to cease listening after 1 minute if there is nothing relevant to the case said, and wait 1 hour before resuming listening, or something like that)

    Does this mean that if you spend one minute talking about the weather, how are the wifes and the kids, etc. you get one wiretap-free hour of talking "business"?

  • I dunno 'bout letting the truly-guilty go free (if there is no real doubt about the quality of the illegally-gathered evidence).

    I always thought it might be a better idea to go ahead and use the evidence, but then go ahead and throw the book at all of the people who were responsible for collecting it illegally (at the very least blacklisting them from law enforcement, and with the possibility of jail time).

    You'd only have to do that a few public times before most enforcers would only play by the book, unless they thought it was worth sacrificing themselves to take down somebody exceptionally bad for society.

    Of course, there should be a special place in hell for those enforcers who make up evidence.
  • You can't do that and still maintain the integrity of the Bill of Rights. To allow someone's rights to be violated by the government, and then to allow that to be used as evidence makes them meaningless.

    I don't agree. That's like saying that punishing someone for suppressing free speech makes the Bill of Rights meaningless. I'd argue that allowing minor points of law to overrule the facts is a major factor in reducing the respect of the average citizen for the rationality of the law.

    You will NEVER discourage government agents violating the Constitutional rights of citizens unless you then DENY them the rewards of the violation, ie, the illegal evidence that leads to a conviction.

    Again, I disagree. You seem to think that government agents act irrationally. If penalties are properly chosen, you _will_ discourage most government agents from illegally gathering evidence. If they are confronted with the choice, then they will have to decide whether the destruction of their lives is worth putting their suspect behind bars. If they're looking at an organized crime leader directly or indirectly responsible for the deaths of thousands who will otherwise walk on a technicality, they might decide that it was worth it. And you won't have scumbags laughing with their high-priced lawyers scott-free on their way out of the court.

    To the courts, there is no difference at ALL between illegally obtained evidence and false planted evidence, and that's the way it should be.

    No, this is not the way it should be. There's a factual difference between illegally obtained evidence & false planted evidence, and this should be taken into account when determining someone's guilt.

    The best way to discourage this practice is to BOTH disallow that evidence, AND to prosecute those responsible.

    As long as the evidence is beyond question, there's no benefit to society to let a guilty-beyond-all-reasonable-doubt person go free. In fact, it's easy to argue that the current system lets the guilty person go free AND lets the illegal-evidence-gathering person remain in law enforcement and/or relatively unpunished. The best result for society is that the truly guilty be punished, in both cases.

    Now, to prevent conflict of interest, I'd certainly agree that any agency responsible for monitoring & discouraging illegal-evidence gathering activities should be autonomous from the agency they are monitoring, and should have the legal authority to back up their duties, unlike the silly Citizen Review Boards & Internal Affairs departments which so many enforcement agencies use to cover their asses.

  • by Greyfox ( 87712 ) on Monday July 30, 2001 @05:06AM (#2183760) Homepage Journal
    Compromising the passphrase is always easier. I'm sure that you could extract the passphrase from just about anyone given a couple of hours and a pair of needle nosed pliers. It's pretty easy to ignore those inconvienent laws against that sort of thing, too, especially if your suspect is thought to be a domestic terrorist or a copyright infringer.
  • Van Eck phreaking may very well be illegal now, even for cops.

    Awhile back, there was a case where the cops used a heat scanner to detect marijana plants inside a house. The lights necessary to grow them efficently apparently give off a recognizable signature, and your average house doesn't have quite so many of them. However, it was ruled that this was an illegal "search".

  • by wannabe ( 90895 ) on Monday July 30, 2001 @04:57AM (#2183762)
    Forgive me for being too ultra paranoid.

    We are currently in very dangerous times. Every action by our government must be highly scrutinized to make sure it is in the best intrests of the populous.

    Yes, this guy's a mobster. The courts will ultimately decide his guilt. Maybe it's fine that this guy goes away.

    Is the FBI right to do this without permission of an advisory? Absolutely not.

    The FBI is not autonomous, neither is our government. Both need oversight. Our constitution provides a means to oversee our government namely in checks and balances as well as elections. In a last resort we have the right to choose a new government as a government derives its authority by the consent of the governed.

    If we choose to not fight each and every small battle for our privacy and rights, later we will not have the option as the war will be lost.


  • People already dislike the idea of government-held key escrow so that idea is not likely to fly again any time soon either.

    Hmmm. Sounds like a business opportunity to me.

    How about "MS Visa Passport .NET", borrowing a few ideas from AOL marketing about it being "easy", "fun", "hip", "sexy", etc?

  • I always knew taco was a troll at heart
  • by cybercuzco ( 100904 ) on Monday July 30, 2001 @03:39AM (#2183768) Homepage Journal
    No, because neither god nor you own your DNA. Specific DNA sequences can and have been patented by whatever drug company first discovers them. Ignoring of course the fact that its a discovery, not an invention, but hey the USPTO is wacky like that. For example, theres a certain gene that will tell wether or not you have a predisposition towards certain types of breast cancer. In order to test to see if you have that gene, you have to pay a drug company a royalty, because they have a patent on that gene. If anything, the drug companies can sue God for patent infringement.
  • "...the hiding of messages in images..."

    Actually, hiding messages in images is just one application of steganography - a while back there was a story about a girl who did a science project about hiding a message in the DNA of a pigeon (http://slashdot.org/articles/00/03/14/1924204.sht ml) [slashdot.org].

    In a wider sense, it's the practice of hiding data in other data (typically a lot of other data to make it harder to find), but still being able to retrieve it on demand.

  • Yeah, that rings a bell. IIRC it was ruled that the cops were effectively searching the house without a warrant - the tech simply enabled them to do this from outside. Following on from that precedent, I guess Van Eck Phreaking could be considered to be bugging someone at a distance.

    However, since the FBI are accused of not seeking clearance to run this "wiretap", I'm guessing they wouldn't bother if this was illegal or not either. And since it's a passive, non-invasive process, you'd never know they were doing it until they tried to use it as evidence : (

  • by Dr_Cheeks ( 110261 ) on Monday July 30, 2001 @04:07AM (#2183773) Homepage Journal
    In short, no. Do a search on TEMPEST or Van Eck Phreaking for more info, but the pixels switching on and off in an LCD screen will generate EM radiation too. In fact, I've even heard of people picking up data straight from the printed circuits on graphic cards and turning it into a useable display, so you don't even need the target machine to have a screen. Creepy, eh?

    Basically, there's 3 good ways to overcome this that I'm aware of:

    1. Make sure your display is gibberish. Unfortunately this makes it kinda difficult to use : )
    2. Set up something to broadcast a load of EM white noise to drown-out the signal from your machine.
    3. Only use your machine from inside a big thick metal box (to block the signal), and make sure that you take a portable power supply in there with you (signals can even propagate down the power supply cable).
    Yes, it's time to be paranoid.
  • Where does the bug typically reside? In software?

    Wouldn't it be possible to check for strange processes running? Or Win2K now has "hit ctrl-alt-del to logon", would it be possible to implement systemwide encryption in a manner similar to that?

    Or if it's in hardware, do you keep your keyboard on your person 24/7? Or use only a laptop and do the same?

  • expansion of the search into a fishing expedition.
    Remember, folks, unless they have the little piece of paper that says 'search warrent' you can make them stand in the door when they're asking questions, cuz if you let them in, they'll wander around looking at things while they talk to you.
  • Yup. Whereas a traditional 'wiretap' sits between two phones, the telephonic equivalent of this would be placing an incredibly small recorder in the mouthpiece of the phone itself; it's not a 'transmitted communication' at that point, under the letter of the law. Sounds like stuff like this will need an amendment to the wiretapping laws to make the letter closer to the spirit.
  • Are there differences in signals by keyboard type? What I mean is, would using a DVORAK keyboard defeat this if it was designed for QWERTY?
  • Yeah, I too would happily use PGP or a similar technology if anybody I knew used it. That's the problem: nobody feels that e-mails containing "fwd:fwd:fwd:Funny joke" and pictures of their cats warrant spending time and money on encryption. Most people, if they don't feel secure sending sensitive info (credit card #'s, financial records, naked pictures of their spouse) by e-mail, will make a phone call or send a registered letter instead. So how does widespread encryption usage get off the ground? I suppose this is one case where all the paranoia about "hackers" could serve a useful purpose and not just as FUD. People already dislike the idea of government-held key escrow so that idea is not likely to fly again any time soon either. So all we need is one encryption standard that the general public feels comfortable using. Could it be PGP? I dunno.
  • by mikeee ( 137160 ) on Monday July 30, 2001 @04:55AM (#2183789)
    Or encase it in concrete. [slashdot.org]
  • by Sara Chan ( 138144 ) on Monday July 30, 2001 @05:30AM (#2183790)
    This weeks edition of The Economist [economist.com] has several stories surveying illegal drugs [economist.com]. The story relevant here is the one on Collateral Damage [economist.com], which begins
    The most conspicuous victim of the war on drugs has been justice, especially in America, ...

    The attack on drugs has led to an erosion of civil liberties and an encroachment of the state that alarms liberals on America's right as well as the old hippies of the left. At the Cato Institute, a right-wing think-tank in Washington, DC, Timothy Lynch is dismayed by the way the war on drugs seems to be corrupting police forces. ...

    Civil liberties ... suffer because there is usually no complaining witness in a drugs case: both buyer and seller want the transaction to take place. The police, says Mr Lynch, therefore need to rely on informants, wire-taps and undercover tactics that are not normally used in other crimes. The result is "a cancer in our courtrooms", as he puts it, that proponents of America's drugs war rarely acknowledge as one of the costs of prohibition.

    Gradually, the police get accustomed to using these "undercover tactics" even when doing so violates civil liberties. And then they use those tactics in more and more investigations, whether it is legal to do so or not--like (perhaps) keystroke sniffing. And of course, they claim that the end result justifies the means. Clearly, Justice is the loser.

    I'm not sure that I agree with all this, but it's an interesting perspective.

  • ...with biometric stuff getting so cheap, soon typed passphrases may only be part of the puzzle...
    As it stands right now I see passphrases as being MORE secure than biometrics, the way the FBI stands. Think about it -- if they're willing to illegally wiretap your computer to get your passphrase, who's to say they won't drug you and use your body against you? Fingerprints and retinal scans are the same when you're drugged as when you're sober. Passphrases can die with you... your fingerprints can't.
  • Re:they DIDN'T have a judge's approval!
    Yes they did. See for yourself.

    From the document linked:

    The seizure and retrival of key related information and encrypted file(s) ordered pursuant to this order do not involove captured communications protected under title 18, United States Code, Sections 2510 et seq..

    This would indicate to me that this was an illegal wiretap. I'm not sure if there is a precedent judging whether keylogging is a wiretap or a search, but common sense says it is a wiretap.


    Enigma

  • At 27, what have you done to warrant a red flag in your FBI file? Did you use the FOIA to find out about your red flag?

    I'm in Raleigh, what part of NC are you in?

    A host is a host from coast to coast, but no one uses a host that's close
  • Yes,

    but your monitor isn't shielded and the screen can be read outside your building at staggeringly large distances.

    If you do attempt something like this, shield your monitor, or shield your room.

    A host is a host from coast to coast, but no one uses a host that's close

  • I AM NOT A CRYPOTGRAPHER: So why doesn't somebody take a keyboard, replace the microcontroller (typically a cyrix 63412) with a beefier one that can do hardware encryption, and use a protocol with a device driver that establish encrypted transmission across the keyboard's cable?

    I'm sure there's a protocol somewhere in "Applied Cryptography" that covers this scenario, something that defeats a sniffer.

    I wouldn't be surprised if this already existed.


    ---
  • The problem in this specific case is that the FBI had a search warrant, not a wiretap authorization. There's a distinct difference: the suspect knows that his home or office has been searched when a search warrant is acted upon. In the case of a wiretap, the suspect necessarily knows nothing.

    Wiretap or no wiretap, the indeed Feds had permission to enter surreptitiously [epic.org] in this case.

    -

  • Yes they did. See for yourself. [epic.org]

    -

  • ...I actually think this is a good thing.

    We've been told for years that encryption must be controlled because it gives Bad Guys the power to evade law enforcement in a way that was not possible using traditional means of telecommunications. This arrest puts lie to that claim. You can have publicly-available encryption without disrupting law enforcement's existing ability to conduct court-ordered surveillance.

    I know some of you have a beef with court-ordered surveillance, and that's cool. But if you don't, then how is this case any different from surreptitious voice recording?

    -

  • Uh, because the court didn't order any surveillance?

    The court order is here [epic.org]. It grants permission to:

    ...search for and seize key related information from Nicodermo S. Scarfo's computer in the TARGET LOCATION
    by deploying recovery methods which will allow the Government to read and interpret data that was previously seized pursuant to a search warrant on January 15, 1999, as well as those to be seized under this present Court Order. (Emphasis mine.)

    It seems from this that the judge indeed intended for a device to be used to get the private key. Scarfo's lawyers are just trying to argue that he should have specifically said "wiretap" if the device actually transmitted information. It's lawyerly semantics.

    -

  • Eventually, the people get used to the technique of keyboard wiretaps, the barrier for using it will go down, and then what? They can use it on innocent people.

    And this is a problem how? :)

    Either they find out that people are not so innocent after all, or tracking the innocent people wastes inordinate amounts of FBI time, making it easier for criminals to slip under the radar.

    Disclaimer: when I'm not being sarcastic I fully support the rights of the non-to privacy and security in their persons. That some crime is undetectable without the invasion of privacy is a price that society must pay to protect the liberty of all.
  • and they can't pick up tempest radiation off an LCD.

    Yes and no, they cannot get a signal from the LCD it self but you can easly get it right off the wires from the video chip.

  • by unicaller ( 228606 ) on Monday July 30, 2001 @09:53AM (#2183822)
    The court order, however, did authorize the FBI to "install and leave behind software, firmware, and/or hardware equipment which will monitor the inputted data entered on Nicodemo S. Scarfo's computer by recording the key-related information as they are entered." from [philly.com] http://inq.philly.com/content/inquirer/2000/12/04/ front_page/JMOB04.htm
  • They probably just used a copy of BackOrifice.
  • Always have the box physically secured. The suspect was using encryption, perhaps firewalls, etc. Folks with a boot disk can do wonders against most OS's - though I suspect they just put a keystroke logger between the boxen and the keyboard in this case.
  • The device they probably used is available commercially at Keyghost [keyghost.com]When was the last time you checked how your keyboard is plugged in?
  • by ConsumedByTV ( 243497 ) on Monday July 30, 2001 @03:31AM (#2183833) Homepage
    Explain about being flagged? How do you know? How would someone else know? Did you simply assess yourself as a risk? Any good links on the subject?


    The Lottery:
  • by daniel_isaacs ( 249732 ) on Monday July 30, 2001 @03:17AM (#2183834) Homepage
    It's a sad day when the Gov't throws you in jail for breaking the encryption that "protects" a copyrighted work, but openly funds and encourages the development of technolgies that violate the privacy of it's Citizens.

  • by baptiste ( 256004 ) <mike&baptiste,us> on Monday July 30, 2001 @03:22AM (#2183836) Homepage Journal
    I've known people who think PGP is invincable - I try to tell them otherwise. But the way teh FBI pulled this off is genius - why waste all those NSA CPU cycles tryin gto crack it - just grab teh passphrase. Of course, with biometric stuff getting so cheap, soon typed passphrases may only be part of the puzzle and even then the FI will somehow manage to succeed.

    This is clearly a case of wiretapping though. My keystrokes are the same a talking (to me anyway, IANAL) so if they need a court order to bug my house, they damn well better need one to bug my keyboard.

    Time to start putting tiny pieces of tape or those warranty type stickers on my keyboard and PC :) Can't be too paranoid ;)

  • "Actually I wonder why terrorist organizations couldn't at least theoretically use this for their advantage. It shouldn't be too hard to get a corrupted, underpaid policeman to intentionally make a "mistake" (for some nice amount of cold cash), should it?"

    This is why there needs to be balance in the law. If you are going to punish those who commit acts against law enforcement more harshly than against joe citizen, you should also punish lawbreaking law enforcement agencies more harshly.

    Of course, that never happens. The point is, if things are the way you want them to be, and evidence is allowed, even if obtained illegally, then you've just made the Bill of Rights irrelevant and given any rogue agent of the government carte blanche to conduct witchunts.
  • "Well, if the case had already reached a verdict, that verdict is thrown out. But the government can refile the case without the offending evidence. Unless of course that conflicts with double jeopardy?"

    It would only violate double jeopardy if the defendant was found not guilty. The Constitution does not allow for someone to be tried again for the same charge if once found not guilty.

    However, it's less likely, of course, that the prosecutors would re-try a case if the primary evidence is tossed. They'd have to have enough evidence left to even bring the charges again, much less make it to trial.

    This brings up an excellent point... It seems to me that law enforcement is getting TOO dependant on high tech means of evidence gathering, to the point where they neglect conventional means. Take the OJ case for example, the prosecution made the defense's case easier given the fact that they staked their WHOLE case on DNA evidence. DNA evidence, that, it turned out, was processed at a lab with a less than stellar record.

    It's likely that in this case, the FBI's case against this mobster relies almost EXCLUSIVELY on this illegally gained evidence. If so, tough shit. Convienience is no excuse to allow government operatives to violate civil rights.
  • "I always thought it might be a better idea to go ahead and use the evidence, but then go ahead and throw the book at all of the people who were responsible for collecting it illegally (at the very least blacklisting them from law enforcement, and with the possibility of jail time)."

    You can't do that and still maintain the integrity of the Bill of Rights. To allow someone's rights to be violated by the government, and then to allow that to be used as evidence makes them meaningless.

    You will NEVER discourage government agents violating the Constitutional rights of citizens unless you then DENY them the rewards of the violation, ie, the illegal evidence that leads to a conviction. To the courts, there is no difference at ALL between illegally obtained evidence and false planted evidence, and that's the way it should be.

    The best way to discourage this practice is to BOTH disallow that evidence, AND to prosecute those responsible.
    I'd rather see guilty go free (like OJ did) than have innocent people imprisoned. Though I agree that he was guilty, I agree that the jury reached the propler verdict, given all the evidence of mishandled (and even planted) evidence and rampant police corruption. As an upside, it's no coincidence that the pursuit of corruption in the LAPD that is going on today is a DIRECT result of that verdict.
  • "This is what happend in the OJ Simpson case. The LAPD got caught trying to frame a guilty man. The Juice walked because the police acted dirty. Note that he promptly lost the civil case."

    This happened largely because the rules of evidence in a civil case (where imprisonment is not a possible penalty) and a criminal case are completely different. And, the burden of proof is less than "reasonable doubt", but is "perponderance of evidence".

    Which, incidentally, I disagree with. I think that civil double-jeopardy following an acquital of the same charge in criminal court should be outlawed, as is actually implied in the Constitution. And that rules of evidence and standard of conviction should be altered to the same tough standards in criminal cases. This would go a long way to reducing abuse of civil court by the powerful as their personal persecution squad.
  • "There was a "good faith" exception to the Exclusionary Rule that sprang out of a court case in 1983. If the cops belive that they are conducting a legal search (eg, they get a warrant, but the judge inserts a typo and the warrant is for the wrong apt), the evidence is not excluded. It does fit well with the 4th Amendment. "

    Something like that I can live with, as the "spirit" of the law was indeed followed (ie, probable cause WAS shown, etc), however, it is still dangerous to allow. The 4th Amendment is very specific that the PERSON and/or PROPERTY to be searched/seized must be enumerated.
  • by mikethegeek ( 257172 ) <blair AT NOwcmifm DOT comSPAM> on Monday July 30, 2001 @05:52AM (#2183842) Homepage
    "But in the US it seems the means justify ends - letting someone known to be a serial killer free just because some inspector or police made a mistake."

    That, of course is not a good thing. But everyone makes mistakes, even the most skilled.

    The reason why the law HAS to be what it is so that police who WILLFULLY violate the law do not get to use that illegal evidence to prosecute someone.

    It's unfortunate, but the only way to prevent jailing INNOCENT people because of the actions of rogue law enforcement is to increase the chance of freeing the guilty. And the kicker is, the more power you give the jackboots, the more likely you are going to jail more innocents than guilty.

    This comes because under the US Constitution, there is a PRESUMPTION of innocence. It's the burden of the state to prove guilt, and they should not be allowed to use evidence obatined illegally.
  • by mikethegeek ( 257172 ) <blair AT NOwcmifm DOT comSPAM> on Monday July 30, 2001 @05:11AM (#2183843) Homepage
    "This particular event needs to be punished, and unfortunately in this case it means a guilty person goes free."

    Don't hold your breath. The FBI has a long and distinguished history of breaking the law, and I've yet to see a FBI agent be punished for what they've done, unless it's spying.

    FBI agent Lou Horouchi participated in a cold blooded murder, that of Vicki Weaver and her baby, yet wasn't even prosecuted. In fact, he and his fellow jackboots got awards and promotions. Hell, the FBI jackboot who is persecuting Sklyarov is up to become HEAD of the FBI!

    Which is why we need the courts to defend the Constitution. While I'm all for putting mobsters away, the ENDS DO NOT JUSTIFY THE MEANS. To advocate that is to advocate lawlessness and anarchy.

    The only way the FBI will stop violating the Constitution is to lose cases against people they violate.

    This is why under US law, evidence obtained illegally is NOT evidence in the eye of the courts, this is ultimately the ONLY check and balance that will provide incentive for law enforcement to obey the law.
  • by eXtro ( 258933 ) on Monday July 30, 2001 @03:23AM (#2183846) Homepage
    I don't by any means support organized crime. I also don't support a government that is both allowed to and willing to use loopholes in the system to drum up evidence against somebody. I also don't support a government that believes in wholesale destruction of the constitution to fulfill their agenda.

    There are legitimate needs for a wiretap, and there are checks in place that are supposed to prevent abuse. Calling the process "wiretap" was shortsighted but unfortunately the name sticks. Whether you're spying using a phone tap, concealed microphones, a pair of binoculars or some as yet discovered/revealed technology you're accomplishing the same thing. This particular event needs to be punished, and unfortunately in this case it means a guilty person goes free. Still, that is much better than a court case which ends up squashing citizens rights due to precident.

  • tracking the innocent people wastes inordinate amounts of FBI time, making it easier for criminals to slip under the radar. So? I remember when the FBI spent inordinate effort tracking a few, mostly harmless, political radicals, while claiming that the Mafia didn't exist so they didn't have to put any resources into fighting organized crime. Anything that makes it easier for them to do this sort of thing is BAD.

    Note however that this case involves a fine technical point: they got a warrant, but it wasn't the right kind of warrant for a wiretap, and this does seem to be a wiretap as far as the technology goes. On the other hand, wiretaps are especially limited because when you tap a phone, you are tapping two persons, and often one of them is not a suspect. Tapping the keyboard cable doesn't involve an innocent third party. I can see a court reasonably going either way on this one...

    Anyway, the big problem is that the penalties are backwards. Cops don't go to jail for illegal searches. DA's don't get disbarred for fooling some judge into approving a warrant that doesn't really cover what they are going to do. It's pretty unlikely that the judge who signs a warrant on insufficient grounds will even get a reprimand. ALL THAT is what should happen when the cops and prosecutors step over the line -- not tossing out the evidence.

  • Monitor emissions can do a lot of spying, but they will not reveal your password (unless you're using software so braindead it displays the password when you type it). Not that a shielded, encrypted keyboard would be full protection for your passwords, either. It might defeat a physical or distant (Tempest-type) tap on the keyboard cable, but if they break in, they can load a keystroke monitor program that will snag the keys after they're decoded. Remember, the keys have to be decoded before they are presented to the OS to either handle itself or pass on to various applications. It might even be possible to decode your motherboard's radio emissions to tell when it's processing a keystroke and pick that up...
  • Let's say the FBI walks into your house and plants one of these keystroke sniffers on your PC. How can you detect this? Oh, and let's assume it's a software sniffer, because if you're doing something that might attract the attention of the FBI, then you should be smart enough to check for physical bugs.

    1) Run Linux or *BSD or another unix-like system. In a Windows PC you (or in this case, the FBI) can always "cancel" the login and gain some control over the PC, although you will not log into the associated NT network and thus cannot access network resources. So I assume there's a way the FBI could easily install a keyboard sniffer on a Windows PC. But would it work for unix? Even if the FBI knows unix inside and out and could write a keystroke sniffer for it, wouldn't they need to hack your system to install this software? Even if they could hack in, wouldn't they need root access? Discuss.

    2) Use anti-virus software Would this work? Assuming you must run Windows, would anti-virus software detect the keyboard sniffer? Is there any other software that would? Is there a way to make an automated scan of the hard disk to see what new software's been added since you last logged into Windows? (remember, the FBI can't log in as you yet, because they have not yet sniffed your user ID and password, so the next time you log in is still the next time anyone has logged into your account). Discuss.

    3) The best approach might be to use a diskless workstation to access an account on one of several physically remote, physically secure boxes. With SSH and VPN and PGP or GPG this should be easy to do in a secure way, and with a diskless workstation how can the FBI load their sniffing software? You could even have the last part of the secure communication be an agreement on which IP address to use next time, sort of a one-time-pad. The hard part would seem to be setting up the distributed, off-site host system, but I think the mafia should be able to pull that off. Comments?

  • Earlier this year, the FBI used a keystroke bug to nab two Russians suspected of hacking into U.S. Internet companies. The Russians have not yet gone to trial.

    Neither [cnn.com] has Dmitry [slashdot.org].

  • And in related news; The Mob is now known to be hiring geeks after realizing that they don't have time to RTFM in between money laundering and Wall Street extortion.

    "We really don't have a full understanding of this [expletive] technology and we really don't give two [plural expletive] about wanting to learn it.", a spokesman for the New York 5 Families was quoted as saying.

    He continued with, "But we ain't gonna get pinched because of it, so we hired a couple of those smart-ass techno-nerds to make sure that the way we run our *businesses* is as tight as legally can be."

    Tomorrow, we venture into the world of hacking Monks and how they are trying to circumvent technology that would keep God in our lives.

    Larry?

  • I don't recall either the NSA or the CIA being law enforcement agencies, which is what my comment referred to.
  • by Compulawyer ( 318018 ) on Monday July 30, 2001 @03:55AM (#2183864)
    Like it or not, the Feds are probably the most tech-savvy of all the world's law enforcement agencies. Also, with propoer procedures, including obtaining a search warrant, most of these procedures are legal.

    You should be aware though that the US Supreme Court appears to be taking the issue of high tech's effects on privacy very seriously. In Kyllo v. United States, 121 S. Ct. 2038 (2001) (available on LexisOne [lexisone.com] - free registration required) the USSC held that the police's use of a thermal imaging unit to detect the use of heat lamps to grow marijuana inside the defendant's home violated the 4th Amendment's prohibition on unreasonable searches and seizures.

    I predict that the USSC will continue to take privacy matters very seriously as technology progresses.

  • by infinite9 ( 319274 ) on Monday July 30, 2001 @05:45AM (#2183868)
    They can sniff my keyboard all they want. Although I don't know why they'd want to. I mean, it just smells like pizza and jergens lotion.
  • I was wondering: are LCD screens safe from this kind of tapping?

    AFAIK (CMIIW - correct me if I'm wrong) they are. "Tapping" CRTs is possible because of the high level of radiation they cause wehn displaying a picture - a cathode beam is directed across the inner surface of the screen, causing a material to light up, the stronger the beam, the brighter. The three basic colors RGB are realized by using differntly-colored materials that the beam touches with different intensity - mix them, and you get the color.

    LCD, on the other hand, work differently: They have a backlight, and electrically activated liquid crystals (hence the name, d'uh!) that filter that light partly, let it through completely or not at all. By using differtly-colored filters, you again achieve color. However, the electric currents which is needed to toggle those LCs is comparativly low. So you might (and it might not be possible at all) be able to "tap" a LCD this way, but you have to be very close to it to be able to register the currents. If you _are_ that close, you can as well just read what's on the screen.

    Greets

    Anno.
  • There is also a version of this same device that can be installed internally. The company also sells various replacement keyboards with the device already implanted.
  • how did they tap his keyboard without breaking into his house illegally (without court order) or is the first recorded TEMPEST tap by the FBI?

    IIRC, they did enter his house (with a search warrant) and installed a (presumably hardware) bug.

    They are claiming that it did not constitute a wiretap (requiring a court order) because no communication was intercepted - only usage a computer. The complication is that the computer was used for email...

  • Next time buy a laptop and keep it with you.
  • People still have a right of privacy. The FBI in this case sought legal rights to survey the activities of an alledged mobster. The FBI had reason to survey this person's activities and obtained the legal authroization plant a deveice of some kind. The FBI won't want to waste money/time/resources/etc in surveying the activities of a law abiding citizen.

    The reason they do not want the public to gain knowledge of how the device works is because the FBI may want to re-use this device in future investigations. Should another mobster out there find out how the device works, he/she can set themselves up to protect themselves from the device, hence rendering the FBI's efforts useless, and allowing a criminal to go on without facing justice. I dont think the good people of the US would like that to happen.

  • Straw man.

    By your argument, the FBI could place a tape recorder in my house during one warranted search and pick it up during another. Same principle, and that would be an illegal wiretap.
  • Amen. When cases like this filter up to the periphery of the mainstream, it further illustrates the substance behind the LP [lp.org] position on privacy [lp.org].

    Government should never be trusted to behave responsibly with the powers it is given. Just as Corporations' trustworthyness is inversly proportional to the amount of power they have, so too are governments. As someone with a red flag in thier FBI file, I obviously have a vested interest in being able to protect myself. I believe everyone has a vested interest in thier right to live a private life. Period.


    Carl G. Jung
    --

"Don't hate me because I'm beautiful. Hate me because I'm beautiful, smart and rich." -- Calvin Keegan

Working...