Computer and Internet Protocol Address Verifier
Encyclopedia
The Computer and Internet Protocol Address Verifier (CIPAV) is a data gathering tool that the Federal Bureau of Investigation
(FBI) uses to track and gather location data on suspects under electronic surveillance
. The software operates on the target computer much like spyware
, whereas it is unknown to the operator that the software has been installed and is monitoring and reporting on their activities.
The CIPAV captures location-related information, such as: IP address
, MAC address
, open ports
, running programs, operating system
and installed application registration and version information, default web browser
, and last visited URL
.
Once that initial inventory is conducted, the CIPAV slips into the background and silently monitors all outbound communication, logging every IP address to which the computer connects, and time and date stamping each.
The CIPAV made headlines in July, 2007, when its use was exposed in open court during an investigation of a teen who had made bomb threat
s against his high school
.
FBI sought approval to use CIPAV from Foreign Intelligence Surveillance Court in terrorism or spying investigations.
Federal Bureau of Investigation
The Federal Bureau of Investigation is an agency of the United States Department of Justice that serves as both a federal criminal investigative body and an internal intelligence agency . The FBI has investigative jurisdiction over violations of more than 200 categories of federal crime...
(FBI) uses to track and gather location data on suspects under electronic surveillance
Surveillance
Surveillance is the monitoring of the behavior, activities, or other changing information, usually of people. It is sometimes done in a surreptitious manner...
. The software operates on the target computer much like spyware
Spyware
Spyware is a type of malware that can be installed on computers, and which collects small pieces of information about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. Typically, spyware is secretly installed on the user's...
, whereas it is unknown to the operator that the software has been installed and is monitoring and reporting on their activities.
The CIPAV captures location-related information, such as: IP address
IP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
, MAC address
MAC address
A Media Access Control address is a unique identifier assigned to network interfaces for communications on the physical network segment. MAC addresses are used for numerous network technologies and most IEEE 802 network technologies, including Ethernet...
, open ports
TCP and UDP port
In computer networking, a port is an application-specific or process-specific software construct serving as a communications endpoint in a computer's host operating system. A port is associated with an IP address of the host, as well as the type of protocol used for communication...
, running programs, operating system
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
and installed application registration and version information, default web browser
Web browser
A web browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier and may be a web page, image, video, or other piece of content...
, and last visited URL
Uniform Resource Locator
In computing, a uniform resource locator or universal resource locator is a specific character string that constitutes a reference to an Internet resource....
.
Once that initial inventory is conducted, the CIPAV slips into the background and silently monitors all outbound communication, logging every IP address to which the computer connects, and time and date stamping each.
The CIPAV made headlines in July, 2007, when its use was exposed in open court during an investigation of a teen who had made bomb threat
Bomb threat
A bomb threat is generally defined as a threat, usually verbal or written, to detonate an explosive or incendiary device to cause property damage, death, or injuries, whether or not such a device actually exists...
s against his high school
High school
High school is a term used in parts of the English speaking world to describe institutions which provide all or part of secondary education. The term is often incorporated into the name of such institutions....
.
FBI sought approval to use CIPAV from Foreign Intelligence Surveillance Court in terrorism or spying investigations.
See also
- Wiretapping
- Backdoor (computing)
- Policeware
- ECHELONECHELONECHELON is a name used in global media and in popular culture to describe a signals intelligence collection and analysis network operated on behalf of the five signatory states to the UK–USA Security Agreement...
- Magic Lantern (software)Magic Lantern (software)Magic Lantern is keystroke logging software developed by the United States' Federal Bureau of Investigation. Magic Lantern was first reported in a column by Bob Sullivan of MSNBC on 20 November 2001 and by Ted Bridis of the Associated Press.-How it works:...
External links
- http://blog.wired.com/27bstroke6/2009/04/fbi-spyware-pro.html
- http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9131778&source=NLT_AM
- https://www.eff.org/deeplinks/2011/04/CIPAV_Post