Computer and Internet Protocol Address Verifier
Original author(s) | Federal Bureau of Investigation |
---|---|
Type | Spyware |
The Computer and Internet Protocol Address Verifier (CIPAV) is a data gathering tool that the United States Federal Bureau of Investigation (FBI) uses to track and gather location data on suspects under electronic surveillance. The software operates on the target computer much like spyware, in that the operator is unaware that the software has been installed and is monitoring and reporting on their activities.[1]
The CIPAV captures location-related information, such as: IP address, MAC address, open ports, running programs, operating system and installed application registration and version information, default web browser, and last visited URL.[1]
Once that initial inventory is conducted, the CIPAV slips into the background and silently monitors all outbound communication, logging every IP address to which the computer connects, and time and date stamping each.[1]
The CIPAV made headlines in July 2007, when its use was exposed in open court during an investigation of a teen who had made bomb threats against his high school.[1]
The FBI sought approval to use CIPAV from the United States Foreign Intelligence Surveillance Court in terrorism or spying investigations.[citation needed]
Based on recently released FOIA papers, this tool has been utilized by the FBI on many different cases. Given the flexibility of the tool, it most likely has dormant code that resides in the BIOS, embedded in firmware, and operates in a similar fashion to the Phoenix Technologies (BIOS company) theft product. Upon receiving an "Activation" request, the code in the firmware awakens and information can begin to be gathered. It can be assumed that the FBI has worked with these companies to insert their dormant code.
References
- [1] "FBI's Secret Spyware Tracks Down Teen Who Made Bomb Threats". Wired Magazine. 2007-07-18.