John Paczkowski

Recent Posts by John Paczkowski

FBI-CIPAV.exe Is an Unknown Application. Install Anyway?

The email was sent over a newly made Gmail account, from overseas in a foreign country. Seeing as you’re too stupid to trace the email back lets [sic] get serious,” he taunted in another. “Maybe you should hire Bill Gates to tell you that it is coming from Italy. HAHAHA. Oh wait. I already told you that it’s coming from Italy.”

–Bomb hoaxer Josh Glazebrook

Now that the FBI has made “significant progress in decreasing the rate of loss for … laptops,” it can get on with the much more important business of using them to nab bad guys. Bad guys like former Timberline High School student Josh Glazebrook of Lacey, Wash., who pleaded guilty to emailing bomb threats and other charges after the bureau tracked him down with a piece of spyware called a Computer and Internet Protocol Address Verifier, or CIPAV. A remotely installed application, CIPAV logs a computer’s Internet protocol address, its open TCP and UDP ports, the type and serial number of the operating system it’s running, the registered user of that operating system, and that user’s login name, and then it sends them all along to the government.

Just how the FBI managed to install CIPAV on Glazebrook’s computer is anyone’s guess. Perhaps the bureau convinced security software makers to white-list the application so it could operate undetected. Or perhaps it exploited an unknown vulnerability in Windows. Of those two explanations, it’s the latter that seems most plausible. “It’s quite possible the FBI knows about vulnerabilities that have not been disclosed to the rest of the world,” Roger Thompson, CTO of security vendor Exploit Prevention Labs, told Wired. “If they had discovered one, they would not have disclosed it, and that would be a great way to get stuff on people’s computer. Then I guess they can bug whoever they want.”


Twitter’s Tanking

December 30, 2013 at 6:49 am PT

2013 Was a Good Year for Chromebooks

December 29, 2013 at 2:12 pm PT

BlackBerry Pulls Latest Twitter for BB10 Update

December 29, 2013 at 5:58 am PT

Apple CEO Tim Cook Made $4.25 Million This Year

December 28, 2013 at 12:05 pm PT

Latest Video

View all videos »

Search »

There was a worry before I started this that I was going to burn every bridge I had. But I realize now that there are some bridges that are worth burning.

— Valleywag editor Sam Biddle