In the days since I posted a story on the FBI’s use of CIPAV (which may be their “magic lantern” capability), my blog has been visited by many individuals who are trying to figure out how to detect whether CIPAV is running on their systems and, if so, how to disable or remove it.
Sorry, can’t help you. Won’t help you.
As a security professional, I deeply understand the concern about spyware, key loggers, and other tools that track our movements and even our keystrokes. When they originate from commercial or malicious sources, of course I want the ability to detect, disable, and remove. I wrote a book on the subject three years ago.
But when law enforcement obtains a court order and uses the same sort of software, I will not publicly discuss if such capabilities exist or how they work. Being an InfraGard board member, I have visibly close ties with the FBI and other branches and levels of law enforcement. As my disclaimer reads, I am 100% white hat. I support law enforcement as long as law enforcement is acting within established laws. My disclaimer is reproduced below.
My professional codes of ethics ((ISC)², ISACA, GIAC, InfraGard) forbid me from activities that give even the appearance of impropriety. Hence, I do not possess, and never have possessed, nor downloaded, examined, or viewed, any tools that can be used to exploit weaknesses. I do not associate with those who do. I am 100% white hat.
Peter H. Gregory 