FBI Spyware: How Does the CIPAV Work?

The CIPAV will be deployed through an electronic messaging program from an account controlled by the FBI. The computers sending and receiving the CIPAV data will be machines controlled by the FBI. The electronic message deploying the CIPAV will only be directed to the administrator(s) of the Timberinebombinfo account.

It's possible that the FBI used social engineering to trick Glazebrook into downloading and executing the malicious code by hand, but given the teen's hacker proclivities, it seems unlikely he'd fall for a ruse like that. More likely the FBI used a software vulnerability, either a published one that Glazebrook hadn't patched against, or one that only the FBI knows.

MySpace has an internal instant messaging system, and a web-based stored messaging system. Both are closed systems. (Contrary to one report, MySpace doesn't offer e-mail, so we can rule out an executable attachment.) Since there's no evidence the CIPAV was crafted specifically to target MySpace, my money is on a browser or plug-in hole, activated through the web-based stored messaging system, which allows one MySpace user to send a message to another's inbox. The message can include HTML and embedded image tags.

There are several such holes to choose from. There's an old hole, patched early last year, in the way Windows renders WMF (Windows Metafile) images. Cyber crooks are still using it to install keyloggers, adware and spyware on vulnerable machines. Last year it even popped up in an attack on MySpace users delivered through an ad banner.

Roger Thompson, CTO of security vendor Exploit Prevention Labs, says he'd bet on the fresher Windows animated cursor vulnerability, which was discovered being exploited by Chinese hackers last March, and was quickly picked up by all the blackhats everywhere. For a couple of weeks, there wasn't even a patch available for the animated cursor hole; in April, Microsoft rushed one out.
But, of course, not everybody jumps on every Windows security update, and this hole remains one of the most popular browser bugs among black hats today, he says.

There are also holes in Apple's QuickTime browser plug-in; fixing it means downloading and reinstalling QuickTime. Like the animated cursor hole, some of the QuickTime vulns allow an attacker to gain complete control of a machine remotely. They might have embedded something in a QuickTime movie or something.

Do you feel safe yet ??? - OS9USER
Feds have been known to use PC-spying technology since at least 1999, when a court ruled they could break into mobster Nicodemo Scarfo's office and key log his PC. I wonder if they have that right ??? Where does our privacy start and stop ???