Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re:

2000-12-12 Thread Anonymous Remailer

Ken Brown [EMAIL PROTECTED] wrote:

 In every office or factory I've ever been in, including government ones
 where we kept paper copies of tax returns (yes folks, I have worked for
 the Inland Revenue) there are cleaners. They seem to come in 3 kinds -
 middle-aged black women, African students working their way through
 college, and people with vaguely asiatic features who sound as if they
 are speaking Portuguese. 

The latter would probably be Filipinos.




Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re:

2000-12-10 Thread R. A. Hettinga

At 2:06 PM -0800 on 12/10/00, petro wrote:


 RAH whinged

...and in error. My apologies.

Cheers,
RAH
-- 
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'




Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re:

2000-12-08 Thread Ken Brown

Petro wrote:

  R. A. Hettinga wrote:
[...]
 As I've written, the FBI should run quality house cleaning services
 in large cities.
 
 How do you know they don't?

In every office or factory I've ever been in, including government ones
where we kept paper copies of tax returns (yes folks, I have worked for
the Inland Revenue) there are cleaners. They seem to come in 3 kinds -
middle-aged black women, African students working their way through
college, and people with vaguely asiatic features who sound as if they
are speaking Portuguese. (Sometimes you get a few white students working
their way through college but they are more likely to get jobs in bars)

If I wanted to hire spies or assassins, I'd go for the middle-aged black
women. Preferably short and dumpy and shabbily dressed.  Someone who
looks like a granny. They can go anywhere, no-one ever stops them or
asks them who they are. An invisible woman to match Chesterton's
Invisible Man.

Ken




Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re:

2000-12-07 Thread petro

At 05:31 PM 12/5/00 -0500, R. A. Hettinga wrote:

An instructive case.  Apparently they used the keystroke monitoring
to obtain the pgp passphrase, which was then used to decrypt the files.

A PDA would have been harder to hack, one imagines.

Are there padlockable metal cases for PDAs?

As I've written, the FBI should run quality house cleaning services
in large cities.

How do you know they don't?
-- 
A quote from Petro's Archives:
**
"Despite almost every experience I've ever had with federal 
authority, I keep imagining its competence."
John Perry Barlow




Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re: BNA's Internet Law News (ILN) - 12/5/00)

2000-12-07 Thread petro

Mr. May:
Frankly, the PGP community veered off the track toward crapola about 
standards, escrow, etc., instead of concentrating on the core 
issues. PGP as text is a solved problem. The rest of the story is to 
ensure that pass phrases and keys are not black-bagged.

Forget fancy GUIs, forget standards...concentrate on the real threat model.

What is the real threat model?

Everybody has different worries. I'm not a bookie, I don't do 
work for the mob, I don't spend more than I earn. My biggest threat 
is (1) financial (stolen credit card numbers, or other form of 
credential fraud) (2) Political--that comments here and other places 
get me on the list of "People To Take Care Of Later".

The first threat can be dealt with by "cheap" crypto deployed 
everywhere--to co-opt one of RAH's phrases--a "Geodesically encrypted" 
network. In a network where every single stinking bit on the wire is 
encrypted at as many layers as possible, even "10 cent" crypto 
will virtually eliminate (by making it more expensive) many of the 
low level financial threats. (Yes, big banks and large financial 
institutions need stronger crypto, but they can multiple-encrypt, 
write their own protocols etc.).

The second threat would be made much harder by the encrypt 
everything all the time type of network, if I weren't so thick headed 
as to insist on using my Real Name. This is presumably what the "PGP 
Community" veered off towards. Unfortunately, they've done a 
half-assed job so far.


-- 
A quote from Petro's Archives:
**
"Despite almost every experience I've ever had with federal 
authority, I keep imagining its competence."
John Perry Barlow




Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re:

2000-12-06 Thread John Young

From reading the docs at EPIC, it is not clear that the FBI actually
got data from the planted device. The USA application dated June 8 
asks for a supplemental order of extension of time in order to break 
in and remove the device. This need was caused by Scarfo's unexpected
removal of the equipment.

We have not been presented with the initial USA application and the
initial order, at least not that I've seen.

Interesting possibilities are:

1. The FBI is bluffing that it got incriminating data and is using the
applications and orders as window dressing or camouflage to
hide their failure. Or to hide that they got evidence some other
way.

2. The FBI captured some stuff but is faking the rest.

3. Scarfo discovered the device, or suspected it, and removed the 
equipment in order to sanitize it, or even planted his own device 
aimed at the feds. Say he rigged a program to endlessly type "fuck you,"
or played Bin Laden's taunts. He's a fair comp whiz so all sorts of
good stuff may have happened.

4. If Scarfo got the device, by now defenses against it have been
deployed, maybe even generated a tidy black market for those who
want to snoop and/or snarl the feds by redirecting their own devices.





Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re: BNA's Internet Law News (ILN) - 12/5/00)

2000-12-05 Thread R. A. Hettinga

At 2:37 PM -0500 on 12/5/00, Steven M. Bellovin wrote:


 Very interesting, but what does IBM have to do with the case?  Did you
 mean to type "FBI"?

Absolutely.

God knows why I did it...

Cheers,
RAH
-- 
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'




Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re: BNA's Internet Law News (ILN) - 12/5/00)

2000-12-05 Thread Tim May


(dcsb and cryptography and other closed lists removed, for obvious reasons)


At 4:52 PM -0500 12/5/00, R. A. Hettinga wrote:

Date: Tue, 05 Dec 2000 08:47:20 -0800
From: Somebody
To: "R. A. Hettinga" [EMAIL PROTECTED]
Subject: Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re:
BNA's Internet Law News (ILN) - 12/5/00)

An instructive case.  Apparently they used the keystroke monitoring
to obtain the pgp passphrase, which was then used to decrypt the files.

The legal fight over whether the monitor was legal and whether the
information so obtained are in fact records of criminal activity is a
side-show.  It remains practical evidence of how insecure computer
equipment / OS's and pass-phrase based identity authentication combine to
reduce the effective security of a system.


I fully support this comment that the whole issue of "legality"  is a 
"side show."


We've known that keyboard sniffers were a major issue for many years. 
I remember describing the sniffers ("keystroke recorders") which were 
widely available for Macs in the early 90s. Others cited such 
recorders for Windows and Unices.

We discussed at early CP meetings the issue, with various proposed 
solutions. (For example, pass phrases stored in rings, pendants, 
Newtons, Pilots. For example, zero knowledge approaches. For example, 
reliance on laptops always in physical possession.)

Frankly, the PGP community veered off the track toward crapola about 
standards, escrow, etc., instead of concentrating on the core issues. 
PGP as text is a solved problem. The rest of the story is to ensure 
that pass phrases and keys are not black-bagged.

Forget fancy GUIs, forget standards...concentrate on the real threat model.

--Tim May
-- 
(This .sig file has not been significantly changed since 1992. As the
election debacle unfolds, it is time to prepare a new one. Stay tuned.)




Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re: BNA's Internet Law News (ILN) - 12/5/00)

2000-12-05 Thread Declan McCullagh

On Tue, Dec 05, 2000 at 09:04:03AM -0500, R. A. Hettinga wrote:
  KEYSTROKE MONITORING AND THE SOPRANOS
  A federal gambling case against the son of a New Jersey mob
  boss may provide the courts with the opportunity to weigh in

A copy of the indictment is here:
http://www.cluebot.com/article.pl?sid=00/12/06/0138246

Nicodemo S. Scarfo, the defendant in this case, is the son of the
former head of the Philadelphia-Atlantic City mob (who has been in
jail himself since 1991); Nicodemo is currently out on bail and
awaiting trial. His attorney was going to file a pretrial motion on
the crypto issue, but was replaced today (conflict of interest rules)
with a new attorney, with whom I have not yet spoken.

So if you don't like this kind of FBI black bag job, you'll want to
root for Mr. Scarfo. :)

-Declan

PS: Some background on FBI black bag jobs and crypto:
  http://www.wired.com/news/print/0,1294,33779,00.html





Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re: BNA's Internet Law News (ILN) - 12/5/00)

2000-12-05 Thread Greg Broiles

On Tue, Dec 05, 2000 at 05:16:03PM -0800, Tim May wrote:
 The legal fight over whether the monitor was legal and whether the
 information so obtained are in fact records of criminal activity is a
 side-show.  It remains practical evidence of how insecure computer
 equipment / OS's and pass-phrase based identity authentication combine to
 reduce the effective security of a system.
 
 
 I fully support this comment that the whole issue of "legality"  is a 
 "side show."

Exactly - not every attacker represents law enforcement, and not every
law enforcement attack is performed with the intention of creating
admissible evidence. The US' exclusionary rule is the exception, not
the rule, worldwide - most courts take more or less whatever evidence
they can get. And thugs and goons and spies of many flavors don't
give a shit about even pretending to cover their tracks when they're
not following the rules.

--
Greg Broiles [EMAIL PROTECTED]
PO Box 897
Oakland CA 94604