
Documents: FBI Spyware Has Been Snaring Extortionists, Hackers for Years - kqr2
http://blog.wired.com/27bstroke6/2009/04/fbi-spyware-pro.html
======
mustpax
The spyware itself is boring as it just collects IP addresses and similar
info. What is interesting, on the other hand, is that the payload is delivered
through a single page view. Either the FBI is using 0-day exploits or has other
"understandings" with OS/Browser vendors. And some systems are more vulnerable
than others apparently:

>>> "In these instances, the CIPAV did not deliver its payload because of
system incompatibility."

0-day browser exploits are hard to come by, even for the FBI.

~~~
tptacek
Or they're just using any of a hundred older browser vulnerabilities, and
targeting people who haven't patched.

Though, for what it's worth, 0-day browser exploits may not be hard to come by
for the FBI; government agencies are vulnerability buyers.

------
Herring
So what's the next step in this cat & mouse security game? Chrome-like
sandboxing? OS level virtualization of every process? Is the end in sight?

------
GrandMasterBirt
Fun question: Is it illegal for anti-viruses to detect and prevent this?

