From today's edition of the NY Times

Page1

Link

Page 2

Link



While this article in question does not specifically make any mention of Khalid being contacted or therefore actively participating with law enforcement authorities I think given the article and the mention of the FBI requesting IRC authors to build backdoors into their clients, that it should be discussed as to whether or not Khalid has been contacted and/or if he is participating with law enforcement when it comes to coding updates to mIRC... Again this isn't an allegation, however, given the article I think there is a valid concern for an official answer..

Note from moderator: I fixed your links so they wouldn't widen the page.

First, to make it absolutely clear, this is not an official answer of any description merely what I think....

I highly doubt that Khaled would ever put such a thing in mIRC. I also highly doubt that if he ever did, it would remain undiscovered - with the millions of people that use mIRC I find it hard to believe that none of them would have discovered some sort of odd behaviour in mIRC and not informed the whole world of it. Look at the "Exploit" in 6.14

I'm sure Khaled would co-operate if necessary if such an organisation contacted him to certain limits. In myself (perhaps I'm too trusting?) I am 100% sure that Khaled has not done this to mIRC, and does not intend to - ever. Everyone knows he's a peace lovin' veggie (and I've spoken to people online who've met him IRL and they confirm this ) - doesn't sound like someone who'd do such a thing. mIRC is way too publiscised and popular to get away with such a "scam".

Whilst I'm sure the NYTimes themselves are a trustworthy source, I have no idea who "Mr. Bierman" is and from the description of "server software" it sounds more like he's an IRCd developer and not an IRC client developer. It would be easier (and probably more legal) to keep track of things that go through the server (such as private message queries, channel messages etc.) than it would be to get away with backdooring an IRC client.

I also believe it is illegal to infect an IRC client (or any program) with something which would break privacy laws, although I hope that doesn't spark some law debate whereby people quote the jurisdiction of all these different countries and the "Rights of privacy" on the Internet etc. etc. etc....and despite the media hype which has made the FBI out to be some sort of top secret terrible organisation that are all cloak and dagger (re: X-Files) I'm sure a lot of the departments are very average and have very few resources to cover any sort of crime up and many, many restraints. Not saying such organisations don't hold any secrets, we all know they do (i.e. CIA, KGB, MI5/6 etc.) but I highly doubt it relates to this

So, as the FBI are there to uphold the law, they probably wouldn't break it to do so - as if it was ever uncovered (and with such reports as this it would be/has been) it couldn't go to court in most countries. Speaking of, you have the whole debate abour IRC being a global activity and different countries having different laws, and the FBI having absolutely no jurisdiction over what goes on in them....the whole discussion could go on and on like an energizer bunny (and probably will do) but it's all been said before. </rant>

My 2 cents.

P.S. As I doubt you typo'd 3 times, you might like to know his name is Khaled :tongue:

Regards,

Appreciate the correction in regards to the spelling of Khaled's name.

I understand your point, in that it would be much easier to view traffic from a network standpoint rather than a client standpoint however, from experience in life one might say it's always better to be safe rather than sorry.

Well mIRC is developed in Britain so the FBI have no authority over it whatsoever. Even if any kind of 'chat tracking' was put into a client as high profile as mIRC without being explicitly stated that it contained such 'features' I'm almost certain beyond any doubt that it would breach some form of law and would leave mIRC Co. Ltd. wide open for lawsuits. Fortunately in Britain the government isn't quite so far ahead in it's ability to circumvent all basic privacy rights in the War Against Terror™.

In short: I'd bet £10,000 that there's nothing remotely like that in mIRC (if I had £10,000 that is), and even if it ever were it would no doubt be discovered within hours of being released, you simply can't hide that kind of tracking.

'IRC developers and administrators' is far more likely to mean the developers and administrators of the IRC daemons and IRC networks themselves. From the server side you could monitor all IRC traffic over that server without any indication whatsoever to the users so it's from there that any government agency would do it's tracking.

By Starbucks Mafia: Well mIRC is developed in Britain so the FBI have no authority over it whatsoever.

Quite correct, and something that newpapers and some websites need to learn. The FBI is like any national crime authority in that they only have jurisdiction in their home nation, despite the fantasy world some journalists live in where the FBI seem to be able to do whatever they like.

That said, I am with all sentiment here and believe that mIRC doesn't and won't ever contain backdoors or spyware or any other weird things that the end user won't know about until it's too late. If it ever did I would be the first such user to delete it and get something else or if that idea was fruitless I'd go without the power of scripting and just write a simple client myself.

Nothing like a bit of FBI-nudging towards another country to get their law enforcements to do something. Saying they have no power is well.. a bit absurd.

In my opinion, that is as absurd as the RIAA forcing Internet Service Providers to hand over a list of users downloading pirated material. Regardless of a persons geographical location.

The FBI just likes to flex their muscles at other countries to get them to do something. I say the FBI should stick to their own internal problems rather than external...but that's just how I think. As long as the internet exists, so will the few problems that come along with it...

FBI is short for "Fools Bulls****ing Idiots" case in point...look whos in the white house....

Yep, exactly. Sadly one persons absurdity is another's profit-making-idea.

Bingo!

I like your latest signature.

Thanks! It's getting a bit difficult to think up a witty line LOL. Plus I tried to make it sound better but I only have 200 characters to work withl

Personally I think the people involved in making mIRC and IRC happen did a great job. There are some people who may commit bad deeds however I think in this case the good deeds outweight the bad. I don't believe it was the mIRC was made under the intention of being a tool for illegal file sharing.

Either way mIRC/IRC has given me much fun over the past few years.

CIA?

I look at it like this if he is working along with the FBI and there was a back door into the program I really think in matter of hrs some one will find it.Also I dont have anything to hide other than I download stuff so its not worry for me at all

"Also I dont have anything to hide other than I download stuff so its not worry for me at all"

What do you mean by you "download stuff"? If you're downloading mp3s/movies/software/etc, then you would have something to worry about, as downloading such material is illegal. It's also not what mIRC is meant for, aswell as a good way to get a virus.

On the other hand, if you're just getting picture/text files from a friend, then you wouldn't have much to worry about.

Regards,

The thing that bothers me is that this is true.

The FBI is actively approaching writers of IRC and Email and HTTP and FTP clients and servers, offering them tax incentives if they add "compliance" to their software. This includes breakable encryption and access point weaknesses.

The FBI isn't as stupid as it was in '97-'99; trying to pass bills mandating this into law. Instead, they are going directly to software authors with cash money (in the form of tax breaks), using hacker technique and deniability (oh, that was just a bug).

Just look at any public records from the 90's and you will see how urgantly concerned they were about their technological capability to spy on people. Don't think for a minute that they've just given up and decided to do something else. This is what they DO.

Know that the FBI doesn't inform you that you are being monitored. If you are being monitored and engague in questionable activities without caution, expect something to become of it. Don't expect that Carnivore ended with SMTP... the laws which enable Carnivore to exist also permit the FBI to monitor all TCP communication for red-flag words and phrases. Warrants are not required now to investigate someone.

This post has been read by an FBI agent.

Take off your tinfoil hat. The FBI can't be arsed to wade through every single internet post ever made in search of suspicious or "red-flag" words. I'm sure that because this board is so popular that there is an agent assigned to look through it occasionally, but I wouldn't worry too much about it.

If you're worried about the FBI putting backdoors into your IRC client, you've got bigger problems on your hands.

Unless you're using the (rarely used) SSL feature in mIRC, everything you say is sent clear-text. You'd better worry about the people running the 30 routers between you and the other person monitoring your communication.

This is why everyone says 'don't give out personal info'- because it goes through about 100 people to get to its destination.

If you're so paranoid that you're worried about backdoors, perhaps you shouldn't be on the internet.

Guess what... people dont wad-through internet traffic.. COMPUTERS DO! And they don't complain much either. Just as routers have to read and process the headers of every packet that passes through, the FBI's machines simply read and process the bodies of every packet that passes through.

Don't let people who wear tin-foil hats, stand in the way of your vigilance for freedom. We're not talking about aliens here... we're talking about a corporate for-profit entity who earns an income by arresting and charging people for copyright violation and conspericy, among other things. We're talking about people who electronically monitor all modes of communication in the name of Homeland Security. So don't go alien bashing privacy concious individuals.

If only the FBI would IPO and allow us buy stock.

- Is that a joke? Actually I guess I should phrase that as a statement, it is a joke. The question is, was that intended as a joke? If not you need to do some serious homework before you come up with this stuff. The FBI are not corporate and are not funded based on arrests. Nor do they 'electronically monitor all modes of communication'. Contrary to what the_truth_is_out_there34253 may have told you, the FBI can't magically intercept all electronic communications. Personally, at least half of the data from my computer never goes anywhere near a computer in the United States or it's territories, whether any other country in Europe is monitoring anything is open to debate, but the point is that the FBI couldn't see half of what I do online even if they cared to. All modes of communication also includes speaking and writing, are the FBI opening my mail? Have they laced my house with microphones? Not only are you perpetrating a completely false view of what the FBI are and of their capabilities to fuel some half-cocked conspiracy theory, but you're also completely off the point of the original subject of the thread (as am I now). Let's just let this thread rest in peace.

Sorry, I was refering to all modes of electronic/internet communication.. my apologizes. And of course they dont have access to all overseas equipment.. but I can guarantee that all major US hubs have their traffic monitored.

My point is, the FBI doesn't exist to look pretty. They are actively monitoring (by monitoring I mean spying by every definition of the word) text communications. They didn't have these laws handed to them to put on the wall and look at, they are *wow* utilizing them. Perhaps you need to pay more attention to the_truth_is_out_there34253.

Indeed. That's the job/aim of people like GCHQ in the UK and the NSA in the United States. Remember the fuss a couple of years ago when it was suggested that major corporations were getting access to supposedly confidential information on their competitors from the 'Aegis' system? (I think I remember the name right).

PM

You articulate a stunning level of naiveté.

If you are poisoned by a tampered with bottle of aspirin you can find an attorney who will take your case (or your widow's case) and who will be able to find a court where a judge will hear it because the judge and his fellow members of the court, and police, and the federal and secret police, don't want to be poisoned or their families poisoned.

However, when a federal or secret police agency gets caught with their pants down, or a client of said agency does, you may succeed for a short time in getting an attorney to proceed with your case.

But...once the attorney is taken into the judge's chambers to meet with a high level officer of the fed/secret police and understands that this is a " matter of national security " your attorney will either tell you this (unlikely) or deceive you into believing that the case can't proceed because as "raccoon" stated in his lucid post "it was due to an error".

Remember, "9-11" and "al qaeda" are used to justify every sort of surveillance on the internet. The courts have never stood down such requests and almost every member of the national security state in every western nation is appalled at the level of anonymity possible in internet communications.

Just twenty years ago you could expect to have an FBI or even CIA file opened on you in the states for writing and receiving too many letters to foreign nations. Now you can talk in real time with people all over the world.

The governments of the west are in a state of abject fear which they are desperately trying to hide.

Given their ruthlessness and lethal ability to act you should be very concerned about such security matters and assume that anyone who starts screaming in a forum about "tinfoil hats" is an operative of such an entity concerned about a lucid post which reveals too much. You won't always be right about that assumption because of the copy cat nature of such posts, but more often than not you will. If challenged such a poster will attempt to defend itself by pointing out that it is a "long time member here" as if that disproved the suspicion.

I'm sure that the FBI, MI5, MI6, CIA and other lesser known (to me) police agencies have agents employed to monitor dozens of forums each day and to create personalities there which allow them to influence and even control discussions.

That's a big part of high level police and intelligence work.

Surely you have read reports about police posing as children? Why would you imagine that they limit such deceptive practices to pursuit of child molesters?

You're taking American policies and practices and assuming that they're present throughout the Western world, I can assure you that is not the case. In Britain and most -if not all- of Europe simply claiming something is a 'matter of national security' doesn't give anyone licence to do whatever they want at any cost. Of course spying is always going on, much of it illegal by anyone's laws - but that's all done in secret. As I explained in my previous post, putting logging into end user's software is impossible to hide, there aren't any governments in Europe who would want to risk the kind of backlash that would come about when the public realised that they were being monitored from their own computer by their own government.



- I think right here is where you left the rails. You honestly believe that there are tens of thousands of employees of government agencies just surfing the net contradicting people's conspiracy theories? It simply wouldn't happen. Not because they couldn't or due to any moral reason, but simply because they don't care. If a bunch of people posting on http[i][/i]://some.random.forum.com think that the government is spying on them and want to talk about it do you think someone at MI5 or the FBI suddenly thinks "we've got to stop them before they start a revolution! I know, let's call them paranoid!"? I think you grossly overestimate the importance placed by the government on your or anyone else's opinions. At most a single employee might glance over it's content and dismiss it as immaterial after having been caught, processed, and tagged as possibly noteworthy by some large-scale monitoring system.

I'm sure there are plenty of occurences in which a government agency oversteps the bounds of what I would consider reasonable and infringes on people's privacy, however utilising end-user software as government-endorsed spyware isn't one of them. I'm afraid that it's people who cry wolf about 'big brother' and government conspiracies who dilute the potency of valid concerns about privacy issues and help paint the picture that every internet privacy advocate is a paranoid nutball.

British police do not need to claim anything. Britain has the most intrusive laws governing ISP logging of their customers, the English were pioneers in this area.



What backlash are you referring to? The ACLU freely admits that the American people by huge majorities do not support the First Amendment of their Constitution. I recall someone from the ACLU saying that 90% of the American people do not support free speech when challenged.

I know that a majority of people will openly support the monitoring of their activities to prevent crime and "terrorism".

Most of the so-called "civil libertarians" in America are either such frauds or of such grand incompetence that often I feel compelled -for a split second- to side with their jackboot opponent because their arguments are so weak.

It's like listening to an NRA spokesman claim that he needs his rifle or handgun to "hunt deer".

The writers of the Constitution did not give the public of 1776 the right to own guns so they could hunt for food, but to defeat any attempt at government tyranny. A proper reading of the Constitution thus means that today we would all have the right to bear Stinger anti-aircraft missiles so we could shoot down jet fighters and helicopters and anti-tank rounds to defeat armored personnel carriers and tanks such as what were used at Waco.

Essentially the Founders of America gave the citizenry the right to say whatever they wanted, and the right to kill anyone who would deny them this right.



No, that's too many. Perhaps eight hundred to a thousand or so, that's all that's necessary. In fact, given the prevalence of bots used to monitor traffic in conjunction with supercomputers a few hundred may be all that is needed.

Most Web forums are populated by idiots and thus would be flagged so. No need for any input. With pooling of resources (people) a few hundred cops is all that is needed.

I don't know of any western nations which do not work with the FBI and CIA. Private corporations in all these nations also work with them and do not talk about it. Most people are scared of losing their jobs at a minimum and some of us know the answer to the question posed to Robert Redford in "Three Days of the Condor".

"Will they print it?

No.

They work very hard to make us believe they will, but the answer -if it's really significant- is "no".

Articles such as this one give the game away if you remember it.

I have never read a truly critical article about the FBI and their inability to arrest real Internet criminals.

For instance: Business Week magazine ran an article about two years ago about identity information and credit cards being traded over IRC. Business Week gave up the names of the chat rooms on DALnet which were being used.

I logged onto them a week later and found all of this to be true. I was further stunned a couple of months later when I tried again and everything was operating as usual. We are talking about people's full identities being given away in the open channel.

True this is not going on in DALnet channels anymore, but it is still going on via IRC two years later.

The New York Times and all other media outlets are obviously aware of this, but they write nothing about it. That is proof of a working relationship between the FBI and the so-called "mainstream" media.

This hacker/cracker/identity thief who keeps this going runs his Web site teaching the trade two years on. He calls himself (or herself I suppose) "GSD". This individual should be more famous than Kevin Mitnick, but is not because the FBI can't find him, and until they do -if they do- he will get not a drop of ink in the media from those who know about him.

Here's something else to think about: Only one virus writer has ever been caught. The rest are "script kiddies" who altered another existing virus.

Your virus/Trojan scanner is only useful against known viruses and Trojans which are "in the wild". Nothing is ever mentioned about that by the media. Truly malicious trojans used to gather real information from someone are probably in broad use by police and intelligence agencies. Private dicks probably use them as well for illegal purposes. No doubt individuals -true hi-tech crooks- have written and successfully used their own.

Was the Justice Department's (top control of FBI) suit against Microsoft really about anti-trust violations or was it about gaining backdoor access to Windows? Is that why so many backdoors to Windows keep popping up, and after discovery remain unfixed up to seven months later despite the bad publicity eventually generated?

Why does it take so many months for the media to report on such vulnerabilities? If a noted Web site with ties to big corporations and law enforcement reports on its Web site that total access to Windows XP can be gained -but withholds the info- why would the "mainstream" media not immediately report this news? Does the FBI share security info with the media to prevent their being victimized and thus assure them of their own security while the vulnerability goes unfixed?

So the answer to the question posed to Robert Redford is definitely "no".

British police do not need to claim anything. Britain has the most intrusive laws governing ISP logging of their customers, the English were pioneers in this area.

ISPs in Australia log activity too but not by choice, it's a government requirement and it's not just activity itself but for dialup customers even the number they connect from is logged as well. Perhaps you believe that people are oblivious to this. On the other side of the coin is a little thing called the Privacy Act, which among other things governs what ISPs can do with the information they collect and how the information can be stored and for how long it must be held, etc. Can a spy agency here just help themselves to the information? No. They have to get a court order ad to get that they have to explain to the magistrate why they require the information. Telling the court that the FBI (or any other spy agency) wants it is not good enough and would be laughed at every step of the way.

I think you would be pleasantly surprised as to what lengths are required to obtain personal information about other people. The AFP (Australian equivalent of the FBI) can't even hold a suspected terrorist for more than 48 hours without laying charges so what hope have they got trying to arrest someone who was distributing a few movies or songs on IRC which isn't harming anything aside from the greedy pockets of multinational record companies. It is my suggestion that most western countries have a similar situation. Your belief that the FBI is the recipient of conveyor belt loads of information about non-US citizens is a patent case of make-believe. You need to stop watching "Greatest American Hero" and look at the real world.