Hushmail, PGP, Feds keylogger

#1, 11-17-2007, 11:44 PM
opus (New Member)

There has been a lot of talk about the feds being able to intercept encrypted email; this may be the case, but I don't think they can decrypt them. PGP was in a huge legal battle and the FBI was trying to stop them from releasing the software when it was downloaded on the web for free. Not one of the indictments says they were able to crack emails and use them for evidence, but they do say they acquired the corresponding IP addresses and found they lead to the same individual.
I feel end-to-end encryption is still the way to go. If you are not using end-to-end, problems occur, and yes, those emails can be intercepted. So they can't access the server, but they don't need to cuz they can intercept the communication anyway; read the communications act.

This further solidifies my theory on the subject: if they could intercept, they wouldn't need to go through all this.

Feds use keylogger to thwart PGP, Hushmail
Posted by Declan McCullagh

A recent court case provides a rare glimpse into how some federal agents deal with encryption: by breaking into a suspect's home or office, implanting keystroke-logging software, and spying on what happens from afar.

An agent with the Drug Enforcement Administration persuaded a federal judge to authorize him to sneak into an Escondido, Calif., office believed to be a front for manufacturing the drug MDMA, or Ecstasy. The DEA received permission to copy the hard drives' contents and inject a keystroke logger into the computers.

That was necessary, according to DEA Agent Greg Coffey, because the suspects were using PGP and the encrypted Web e-mail service Hushmail.com. Coffey asserted that the DEA needed "real-time and meaningful access" to "monitor the keystrokes" for PGP and Hushmail passphrases.

The aggressive surveillance techniques employed by the DEA were part of a case that resulted in a ruling on Friday (PDF) by the 9th Circuit Court of Appeals, which primarily dealt with Internet surveillance through a wiretap conducted on a PacBell (now AT&T) business DSL line used by the defendants. More on that below.

The DEA's pursuit of alleged Ecstasy manufacturers Mark Forrester and Dennis Alba differs from the first known police use of key-logging software, which snared reputed mobster Nicodemo Scarfo in 1999. In the Scarfo case, the FBI said in an unclassified affidavit (PDF) at the time, a keylogger that also was planted in a black bag job was disabled when the Internet connection became active.

Note requirement for 'real-time' access / Excerpt from DEA Agent Greg Coffey affidavit

Not much more is known about the DEA's keylogger in the Forrester-Alba case. An affidavit prepared by DEA agent Coffey in July 2001 asks for permission to enter the Escondido office "by breaking and entering, if necessary, for the purpose of installing, maintaining, and removing software tools" that "will enable agents to capture and record all keyboard keystrokes."

Note there's no evidence the DEA used the FBI's keystroke logger known as Magic Lantern, which reportedly can be installed remotely by taking advantage of operating system vulnerabilities without having agents physically break into an office.

Keyloggers are hardly unusual nowadays, of course. In 2003, a former Boston College student was indicted for allegedly installing key-logging software on campus computers. More recent surveys indicate that plenty of workplaces are infected by spyware with key-logging abilities.

Who created PGP? It was actually Phil Zimmermann. / Excerpt from DEA Agent Greg Coffey affidavit

Keyloggers: Unresolved questions
The use of keyloggers by police, however, seems to be uncommon: A search on Monday through legal databases for terms such as "keylogger" turned up only the Scarfo and Forrester-Alba cases.

When used by police, they raise novel legal issues. That's because it's not entirely clear in what circumstances they're permitted under the U.S. Constitution and wiretap laws (which is why, in the Scarfo case, the FBI cleverly ducked this issue by, according to sworn testimony, disabling the keylogger when the modem was in use).

Even so, Scarfo's defense attorney claimed that a keylogger is akin to a "general warrant" permitting the DEA to seize "any record, including e-mail, simply because it was typed on a computer." General warrants are prohibited by the Fourth Amendment, which requires that warrants specify the "things to be seized." Another potential legal obstacle is whether wiretap laws apply--including their requirement of minimizing the interception of irrelevant conversations.

A federal judge eventually ruled that the unique design made the Scarfo logger permissible. But in the Forrester-Alba case, because Alba did not challenge the keylogger directly, the 9th Circuit never weighed in.

DEA claims that alleged Ecstasy/MDMA lab operators use encryption frequently / Excerpt from DEA Agent Greg Coffey affidavit

Eavesdropping without probable cause
Instead, the 9th Circuit spent much of its time evaluating whether government agents can eavesdrop on the Internet addresses Americans visit and the e-mail address of their correspondents without obtaining a search warrant first.

The judges' conclusion: federal agents did not violate the Fourth Amendment when spying on the Escondido DSL line without any evidence of criminal wrongdoing on his behalf, a legal standard known as probable cause. All the feds must do is prove the information is "relevant" to an ongoing investigation.

The wiretap was done at PacBell's connection facility at 650 Robinson Rd. in San Diego. The DEA obtained what's known as a "mirror port," a feature that many network switches made by companies including Cisco Systems include for troubleshooting purposes.

A mirror port duplicates all the Internet traffic of one user to a second port on the same switch, without the suspect being alerted that electronic surveillance is under way. The scheme is probably easier to accomplish with a static Internet Protocol (IP) address, which is what the Escondido case involved.

According to the DEA, only IP addresses of Web sites (such as 216.239.122.200 instead of cnet.com) and e-mail headers are captured, and not the rest of the communication stream. That, they argue, makes it akin to existing precedent dealing with pen registers, which capture telephone numbers dialed and are permitted without any proof of probable cause of wrongdoing.

The 9th Circuit agreed, ruling on Friday that "e-mail and Internet users have no expectation of privacy in the To/From addresses of their messages or the IP addresses of the websites they visit because they should know that these messages are sent and these IP addresses are accessed through the equipment of their Internet service provider and other third parties." This follows the lead of a Massachusetts judge who said much the same thing in November 2005.

Both Forrester and Alba were sentenced to 30 years in prison (PDF) on charges including conspiracy to manufacture and distribute Ecstasy. In a decision made on unrelated grounds, however, the 9th Circuit reversed Forrester's conviction and partially reversed Alba's. Forrester faces retrial.
__________________
WWW.ANONBB.COM
"Reducing The World To The Size Of A Dime" - Opus

Last edited by opus; 11-17-2007 at 11:47 PM.

#2, 11-18-2007, 05:27 PM
XLS (Banned)

Good info but scary

#3, 11-19-2007, 12:06 PM
Squat4Life (Senior Member)

It's all a violation of the 4th.
__________________


I like simple and beautiful things like squats, food, clean air, and pure water.- Lou Simmons

#4, 11-28-2007, 05:19 PM
ryan400 (Junior Member)

There have been recent articles where Hush has admitted that they were able to upload a java script that allowed them to obtain your password, and they then turned over the unencrypted data to LE on CD. 12 CDs, to be exact. If you were using the web mail version of HUSH, then there is a brief moment when your password is exposed on the Hush server. So it doesn't matter if you use the Java script version or the web mail version, they can get your password. Therefore, LE does not have to worry about decrypting the data; all they need is a court order.

#5, 11-28-2007, 07:38 PM
littlelouie (Moderator)

Quote:
Originally Posted by ryan400
There have been recent articles where Hush has admitted that they were able to upload a java script that allowed them to obtain your password, and they then turned over the unencrypted data to LE on CD. 12 CDs, to be exact. If you were using the web mail version of HUSH, then there is a brief moment when your password is exposed on the Hush server. So it doesn't matter if you use the Java script version or the web mail version, they can get your password. Therefore, LE does not have to worry about decrypting the data; all they need is a court order.
Scary shit but good to know, great read BTW...
__________________
Sources don't exist so don't ask! I don't know of any and if I did I wouldn't tell you anyways so quit asking!!!

littlelouie@hushmail.com

RIP DAD 03/02/1953 - 12/29/2006 I Love You Bro!

--------------------------------------------

Moderator@Musclesci.com