http://www.pcworld.com/shared/printable_articles/0,1440,11614,00.html

Getting DIRT on the Bad Guys
by Tom Spring, PC World

From PC World Online

To former detective Frank Jones, "secure network" is an oxymoron. The word "delete" isn't in his vocabulary. Password-protect your computer and you'll make his day. And if you really get on Jones' bad side, he'll take complete control of your PC -- and your first clue will be when you open your door and the boys in overcoats start flashing badges at you.

If you're among the anonymous thousands of cyber bad guys who inhabit the Internet's underbelly, Jones is your worst nightmare. The retired New York City detective works on the law enforcement sidelines building software tools to help the government and police crack down on online criminals. And his latest tool is considered the ultimate weapon.

Digging up DIRT

Jones wrote the widely used, but little-known software program called DIRT. The program works like a telephone wiretap for computers, giving its users the ability to monitor and intercept data from any Windows PC in the world.

DIRT stands for Data Interception by Remote Transmission and was originally created by Jones as a tool to help snare online child pornographers. But in the short time it has been available only to government and law enforcement agencies, DIRT is now used to battle hacker groups like Cult of the Dead Cow and to trap terrorists, drug dealers, money launderers, and spies.

"What we do is give law enforcement an additional line of defense," says Jones, the president of Codex Data Systems.

The DIRTy Details

The client side version of the DIRT program is less than 20KB in size and is typically installed on a target PC using a Trojan horse program (a set of instructions hidden inside a legitimate program). The DIRT program is usually sneaked inside an e-mail attachment, a macro, or a workable program that a targeted user is enticed to download.
Once inside a target Windows 95/98/NT computer, it gives law enforcement complete control of the system without the user's knowledge. It starts off by secretly recording every keystroke the user makes. The next time the user goes online, DIRT transmits the log for analysis. Jones says government agencies have even managed to open encrypted files by obtaining password locks.

During a recent program demonstration, Jones easily uploaded and downloaded files to a DIRT-infected computer connected to the Net by a dial-up modem. Jones could upload and download files to the PC without a hint of activity on the other end.

Arresting Developments

If you think this sounds like B-grade fiction, it isn't. During a recent meeting of high-ranking federal and state gumshoes, DIRT received glowing software reviews. Many cited long lists of arrests thanks to Codex.

One police detective said DIRT has become a powerful tool in fighting crime online. It aids criminal investigations and results in about one arrest each month. Most of those arrested were suspected pedophiles, he said.

The hardest part of using DIRT, say its users, is getting owners of targeted computers to download the Trojan horse programs. Typically law enforcement tries to entice a targeted individual to download a program or a compressed file that must be "un-zipped" which contains the DIRT bug inside.

Because the program is not available to the public, DIRT is undetectable using virus scanning software, Jones said. "The only way to avoid DIRT is to ignore your e-mail," he says.

Fighting Fire With Fire

Jones says law enforcement desperately needs these tools to turn the tide in its battle against online crime. "Law enforcement is outgunned," he says. In an age where hacking horror stories have become front-page news, DIRT gives law enforcement an effective tool to even the score and catch the bad guy.
On one recent occasion DIRT was used to track a suspected drug dealer as he zigzagged across the country from client to client selling methamphetamines. His big mistake, police say, was keeping a client list on his laptop and logging into the Net each night to stay in touch with business associates and friends.

Using DIRT, police tracked his whereabouts each night and took notes on who his associates were. The alleged drug dealer was eventually arrested as he was surfing the Net in a San Jose, California motel room.

A Form of Flattery?

Though DIRT is restricted to military, government, and law enforcement agencies, the "Back Orifice" hacker tool offers some similar tricks. Jones maintains that its inventor, a member of the hacking group Cult of the Dead Cow, attended Codex's first public demonstration of DIRT more than a year ago and slapped together an "imitation" of DIRT based on what he saw.

"Close, but no cigar," Jones says.

But according to Mike Hudack, editor of Aviary-mag.com, an online magazine for hackers, there's more to Back Orifice than that. An updated version called "Back Orifice 2000" is expected to hit the Web in July.

Big Brotherware?

Hudack says the technological Cold War between white-hat hackers and black-hat hackers is just beginning -- and law enforcement needs all the help it can get.

But others view DIRT as a potential threat to privacy, raising serious legal and ethical questions as a means of gathering information.

To use DIRT law enforcement agencies must first obtain a wiretap search warrant. But privacy groups maintain that this type of electronic surveillance goes far beyond wiretap warrants because DIRT allows authorities to invisibly snoop inside a targeted PC's entire hard drive -- not just monitor electronic communications.

"Throughout history law enforcement has had a long track record of overstepping its bounds when it comes to search warrants," says Shari Steele, director of legal services for Electronic Freedom Foundation, the privacy rights group.

Unless appropriate checks and balances are in place, Steele says, DIRT can quickly go from being an effective crime-fighting tool to a privacy activist's worst nightmare.

The American Civil Liberties Union takes a harder stance. "Clandestine searches like these are the worst kind," says Barry Steinhardt, associate director of the ACLU. "This is exactly the kind of search the Fourth Amendment is designed to protect us from."

Copyright © 1999 PC World Communications. All Rights Reserved.
