[SLL] Fedora project lead seems to have played role in installing malware for FBI
Bradley Willson
bradley.j.willson at gmail.com
Mon Apr 20 15:32:29 PDT 2009
Just a hope we had gotten ourselves past the days of dipping
witches...plenty of facts missing to clearly define the situation and plenty
of inflammatory rhetoric to make it tabloid fodder. Chances are he's not
going to divulge anything for security reasons.
On Mon, Apr 20, 2009 at 2:49 PM, Phil Mocek <pmocek-sll at mocek.org> wrote:
> On Mon, Apr 20, 2009 at 02:01:39PM -0700, Bradley Willson wrote:
> > It smacks of about half of the facts are there and all of the
> > supposition is present.
>
> There are quite a few facts. It's hard not to combine them and draw a
> conclusion.
>
> Page 93 of the FBI documents [1] obtained by Wired News does indicate
> that "pfrields" was working on "CIPAV support as per discussion between
> EP SA<redacted> and <redacted>" in March of 2005, and it indicates that
> this is related to "data/voice intercept with encryption."
>
> Wired News reported [2] that "Computer and Internet Protocol Address
> Verifier," or CIPAV, is designed to infiltrate a target's computer and
> gather a wide range of information, which it secretly sends to an FBI
> server in eastern Virginia.
>
> MIT's key server [3] does show:
>
> pub 1024D/BD113717 1997/09/19 Paul W. Frields <pfrields at fbi.gov>
> Paul W. Frields <paul at frields.com>
> Paul W. Frields <paul at frields.org>
> Paul W. Frields <stickstr at cox.net>
> Paul W. Frields <pfrields at redhat.com>
> Paul W. Frields <stickster at gmail.com>
> Paul W. Frields <stickstr5 at hotmail.com>
> Paul W. Frields <pwfrields.cart at fbi.gov>
> Paul W. Frields <Paul.Frields at ic.fbi.gov>
> Paul W. Frields <stickstr at cyberrealm.net>
> Paul W. Frields <stickstr at novacoxmail.com>
> Paul W. Frields <pfrields at fedoraproject.org>
>
> A document [4] describing a FUDCONF11 key signing party that happened
> this January indicates that someone with the aforementioned key
> participated.
>
> A configuration file [5] in Paul Frields' Subversion repository at
> frields.org lists the pfrields at fbi.gov address.
>
> Those very well may be coincidences, and this could be cleared up by
> Frields. Soghoian says he's trying to reach Frields:
>
> >> As of press time (2AM on Saturday morning), Paul Frields had yet to
> >> respond to queries submitted via email or twitter. If he does respond
> >> at a later date, this blog post will be updated to reflect his
> >> comment.
>
> Soghoian also notes:
>
> >> Of course, even if the pfrields who worked for the FBI is the same
> >> pfrields who now leads Red Hat's free Linux distribution, there isn't
> >> necessarily any cause for concern.
> >>
> >> After all, unlike the CIA agents who tortured prisoners, and the illegal
> >> wiretapping performed by NSA employees, the work of the FBI seems to be
> >> above board -- well, except for the FBI's misuse of National Security
> >> Letters, oh and the likely illegal backdoor the FBI has to Verizon
> >> Wireless's backbone network.
> >>
> >> No need to worry though, since all of the CIPAV spyware requests do
> >> seem to have been accompanied by a court-approved search warrant.
>
> and:
>
> >> It's not that former government employees - even those in charge of
> >> installing spyware - should be excommunicated from the rest of the
> >> development community (after all -- there are former NSA engineers
> >> who have done amazing work on the SE Linux project). It's just that
> >> we should think twice before placing them into the open source
> >> community's most sensitive positions - just as the FBI would never
> >> grant the highest security clearances to a former hacker.
>
>
> References:
>
> [1]: <http://blog.wired.com/27bstroke6/files/fbi_cipav_wired_foia_041609.pdf>
> [2]: <http://blog.wired.com/27bstroke6/2009/04/fbi-spyware-pro.html>
> [3]: <http://pgp.mit.edu:11371/pks/lookup?search=fbi.gov&op=index>
> [4]: <http://domsch.com/linux/fedora/fudconf11/fudconf11-keysigning.txt.asc>
> [5]: <http://www2.frields.org:8080/WebSVN/filedetails.php?repname=repo&path=%2Fprofiles%2Fbin%2Fredhat-mirror&rev=90>
>
> --
> Phil Mocek
>
--
Best regards,
Brad Willson
http://www.linkedin.com/in/bradleywillson