Replies to FBI, key logging, and wiretap double standards [priv]

[Declan McCullagh <declan () well com>]

-------- Original Message --------
Subject: RE: [Politech] Bernie S on Feds, key logging,and double 
standards [priv]
Date: Fri, 26 Mar 2004 09:58:41 -0800
From: Kevin Bankston  @ EFF <bankston () eff org>
To: Declan McCullagh <declan () well com>

Declan--the likely difference is that in Scarfo, the keylogger did not log
keys while the bugged computer was connected to the Internet, hence no
"communications" were "intercepted."  Presumably, although the article does
not say, the keylogger in the present case was active while the computer was
connected to the Internet, or at least an internal corporate network.

  --
Kevin S. Bankston
Attorney, Equal Justice Works / Bruce J. Ennis Fellow
Electronic Frontier Foundation
454 Shotwell Street
San Francisco, CA 94110
ph: (415) 436-9333 x126 / fx: (415) 436-9993
bankston () eff org / www.eff.org



-------- Original Message --------
Subject: RE: [Politech] Bernie S on Feds, key logging,and double 
standards [priv]
Date: Fri, 26 Mar 2004 11:24:49 -0500
From: Ted Bridis <TBridis () ap org>
To: Declan McCullagh <declan () well com>

> > The Feds claimed their keystroke logger in the Scarfo case was *not* a
wiretapping device, (they'd failed to get a wiretap warrant) yet they
charged this guy with violating wiretapping laws for using a keylogger.
It would be interesting to know what the differences are between these
keyloggers are, and why using only one of them constitutes
"wiretapping."<<

The FBI's successful argument was that its keystroke logger (the
so-called "KLS") in the Scarfo case didn't require a Title III warrant
because it only captured keystrokes when he was offline (the FBI needed
his PGP passphrase). The KLS was designed to query the status of the com
port on Scarfo's computer and only recorded keystrokes when the port was
inactive (ie, when the modem wasn't in use).

"The FBI, as part of the KLS deployed in the instant investigation, did
not install and operate any component which would search for and record
data entering or exiting the computer from the transmission pathway
through the modem attached to the computer.... For example, if Scarfo
was online, the modem would be on and the keystroke capture component
would, by default, not record keystrokes."

Ropp was indicted "on a single count of endeavoring to intercept
electronic communications, a violation of the federal wiretap statute."
The $90 Key Katcher that Ropp allegedly used wasn't as fancy as the
FBI's. Also, ulike the commercial version, the FBI's KLS fits inside the
PC case out of sight -- "this component was imbedded into Scarfo's
computer in such a way as to conceal its very existence amidst other
pre-existing elements of the computer."

See http://www.epic.org/crypto/scarfo/murch_aff.pdf





-------- Original Message --------
Subject: Re: [Politech] Bernie S on Feds, key logging, and double 
standards [priv]
Date: Mon, 29 Mar 2004 11:37:33 -0500
From: Jack Reed <jr0280 () albany edu>
To: Declan McCullagh <declan () well com>

   Declan,

   The government's defense in Scarfo was done in chambers and there is
very little on record about what they did. The summary they made available
indicated that they *never* had the keylogger working when Scarfo went
online. They said they only used it when he typed in his PGP passphrase and
then shut it off quickly before he connected to the internet. They argued
that since they were not intercepting any wire transmissions, only
transmissions on his personal computer, that a wiretapping warrant was not
necessary. Now, you and your readers may wonder how the Feds pulled off
this magic trick. Since they convinced the judge that making such
information public could harm current investigations they got a pass on
explaining their sleight of hand. I've been very curious to find out how
they pulled this off but I don't imagine they're planning on going public
with that anytime soon.

   The guy who installed the keystroke logger on his boss's computer was
intercepting data that was going over the internet which is why he can be
charged under the wiretapping statute. The FBI should have gotten their
case thrown out but they used the "if only you knew but we know" argument
and it was persuasive.

   --Jack






-------- Original Message --------
Subject: Re: [Politech] Bernie S on Feds, key logging, and double 
standards [priv]
Date: Fri, 26 Mar 2004 15:53:42 -0500
From: Valdis.Kletnieks () vt edu
To: Declan McCullagh <declan () well com>
CC: politech () politechbot com
References: <406413DC.7080100 () well com>

On Fri, 26 Mar 2004 06:28:28 EST, Declan McCullagh <declan () well com>  said:

> The Feds claimed their keystroke logger in the Scarfo case was *not* a
> wiretapping device, (they'd failed to get a wiretap warrant) yet they
> charged this guy with violating wiretapping laws for using a 
keylogger.  It
> would be interesting to know what the differences are between these
> keyloggers are, and why using only one of them constitutes "wiretapping."

The Feds went to excruciating lengths to make sure that their device
never captured an online keystroke.

http://www.epic.org/crypto/scarfo/murch_aff.pdf

(part of a larger Scarfo collection at 
http://www.epic.org/crypto/scarfo.html)


_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)