Kẻ cắp gặp bà già

FBI dùng spyware bắt một chú nhóc

FBI agents trying to track the source of e-mailed bomb threats against a Washington high school last month sent the suspect a secret surveillance program designed to surreptitiously monitor him and report back to a government server, according to an FBI affidavit obtained by Wired News.
…
The software was sent to the owner of an anonymous MySpace profile linked to bomb threats against Timberline High School near Seattle. The code led the FBI to 15-year-old Josh Glazebrook, a student at the school, who on Monday pleaded guilty to making bomb threats, identity theft and felony harassment.

In an affidavit seeking a search warrant to use the software, filed last month in U.S. District Court in the Western District of Washington, FBI agent Norman Sanders describes the software as a “computer and internet protocol address verifier,” or CIPAV.

Việc FBI lây spywares vào máy của các nghi phạm sẽ dẫn đến một song đề: một công ty viết chương trình scan spyware có la toáng lên nếu thấy spyware của FBI không? (Nếu ta thấy chú nào cầm súng vung vẩy ngoài ngã tư thì ta gọi cảnh sát, nhưng nếu chú ấy là FBI thì … chắc là không cần gọi cảnh sát.)

With the FBI in the business of hacking, security companies are in a tight place. Thompson’s LinkScanner product, for example, scans web pages for security exploits, and warns the customer if one is found. How would his company respond if the FBI asked him to turn a blind eye to CIPAV? He says he’s never fielded such a request. “That would put us in a very difficult position,” Thompson says. “I don’t know what I’d say.”