is your computer watching you?The spectre of Big Brother just got a giant step closer thanks to a controversial piece of software called DIRT.Sold only to police, military and intelligence agencies, DIRT is causing a small furor in civil liberties circles. It offers government operatives a powerful tool to break into your home through the Internet and read everything on your computer, without ever leaving their offices.
The brainchild of former NYPD cop Frank Jones, DIRT stands for Data Interception by Remote Transmission. Depending on the model, it reportedly costs anywhere from a few thousand dollars to over $200,000.
Even a well-secured computer is vulnerable. The software is said to be powerful enough to penetrate many common security tools, including firewalls. No anti-virus program on the market can detect it.
Reached at his company, New York-based Codex Data Systems, Jones was tight-lipped about the software's capabilities and which governments he's sold it to, calling that "proprietary information."
An ad for DIRT says even the technically challenged can use it to break into a computer halfway around the globe. "Imagine being able to remotely monitor any PC in the world any time you want," says the ad, posted earlier this month on the intelligence Web site cryptome.org. "Suppose you could read every keystroke access and retrieve any file from the hard drive. No more secrets."
No police or intelligence agency in Canada or the U.S. has acknowledged that it hacks. In fact, computer hacking by governments is one of the most sensitive and highly classified government secrets anywhere in the world.
It goes by innocent-sounding terms like "computer network exploitation" and "information operations."
But even military and intelligence officials acknowledge hacking is highly dubious in the eyes of both domestic and international law.
"If you get caught mapping out the critical infrastructure of a power grid, people might view it as an act of war," said one U.S. intelligence expert who advises the Pentagon on information operations.
A renowned U.S. computer scientist who has testified before Congress and advised the U.S. government on computer security tells NOW that hacking by western military and intelligence services is an explosive issue.
"There are a lot of folks here who don't want to admit this is going on," he says, adding a warning: "You're on the tip of the iceberg here. You want to be a little bit careful."
Canadian and U.S. police, for their part, are also interested in hacking to get evidence for criminal cases. But here too, the legalities are extremely questionable. "There is no case law on it at all," says RCMP Inspector Peter McAughley, head of the force's high-tech crime forensics unit. Yet he says that with a little "tweaking," existing legislation in Canada does allow cops to hack for evidence. "If it's an investigative avenue and it can be done legally, it's something else we can throw in the tool box."
Already, Australia and New Zealand have adopted legislation to allow security agencies to hack into citizens' computers and alter data to hide traces of intrusions.
All this has civil libertarians aghast. "These are the worst kinds of searches," says Barry Steinhardt, associate director of the American Civil Liberties Union. "We do not think intelligence agencies or law enforcement should be engaging in these black bag operations, especially without close supervision from courts."
Canadian interest in hacking technology was revealed during a New York trial in which DIRT vendor Frank Jones was charged with possession and distribution of illegal wiretap equipment. Jones was convicted of a single count of possessing illegal bugs, and sentenced in 1999 to 300 hours of community service and five years of probation.
The court file includes letters from Jones's attorney, seeking permission for Jones to travel to Canada three times during the trial to meet RCMP, local and regional police, Interpol, Canadian government and military officials to discuss software he had developed.
Michael Richardson, a former Canadian intelligence officer who was the Canadian distributor for DIRT at the time, tells NOW the meetings were arranged to discuss DIRT.
Richardson says he quit Codex after he learned of Jones's criminal conviction and that Jones had secretly been selling DIRT to governments like Peru and South Africa that have lax laws covering the use of evidence in court.
"It's a very dangerous product. It can take control of a machine and download what's on it," says Richardson.
Eric Schneider, the computer programmer who wrote DIRT, also doesn't have much nice to say about Jones. A business partner in Codex, Schneider left in 1999 for what he calls "ethical reasons." He tells NOW he designed DIRT to help police investigate pedophiles, but that Codex has since sold it to foreign governments.
Schneider also says DIRT isn't as powerful as Codex claims. The latest versions aren't much more powerful than free hacker tools called Trojans, like Back Orifice or SubSeven, he said. "It's pretty unimpressive, I think."
Jones vehemently disagrees, saying DIRT "bears little resemblance to Back Orifice. The underground community likes to knock the program, but they've never seen the true power of this device."
Jones refuses to talk about the court case, saying he's about to file a $20-million defamation suit against people who disparaged him and DIRT on the Web. He then hangs up the phone.