The following story was based on an article in the Register, which has now been revised by its author. It seems that the claims made for D.I.R.T. in the PowerPoint presentation discussed below are not accurate, in the sense that the program is not as powerful as thought. Specifically, it cannot actually defeat all firewalls. Unfortunately, what it can and cannot defeat seems to be unclear.
The program would still presumably allow the placement of files on a computer where it was resident.
The new article suggests that it should be somewhat easier to detect D.I.R.T. on a PC than was implied in the last one.
This is our original article:
The contents of a PowerPoint slide show presentation about Codex Data Systems’ infamous D.I.R.T. (Data Interception by Remote Transmission) program shed new light on its ability not only to invade virtually any computer undetected, but also to enable the planting of false evidence on computers.
The presentation was intended to be seen only by security agencies, but has appeared on the website of Cryptome.org, a group devoted to the public release of information about government attempts to invade privacy.
According to Codex Data Systems’ slide show, D.I.R.T. is capable of reading all keystrokes typed on a target PC, obtaining all account and password information, getting all e-mail and e-mail address books, bypassing PGP and other encryption software, obtaining graphics, and reading the recycle bin and virtually any other file on the PC.
The program can also access other PCs on the same network as the target computer. It can allow the remote running of programs and system manipulation. It can send hidden code to target PCs, generating “bugs” and apparent defects rather than viruses.
Files can be sent to target PCs in virtually every format, meaning that “evidence” can easily be planted.
The program hides itself by installing inside Word documents, Excel documents and PowerPoint presentations. It can also be installed inside RTF documents, WordPerfect documents and autorun files on CD-ROMs and floppies. It will soon be able to be installed inside the Lotus Suite, in JavaScript and in ActiveX files.
Another Codex program, Antisec, searches for firewalls such as ZoneAlarm, BlackICE and many others, then replaces their icon with an identical icon of its own. It allows stealth FTP connections to the target PC and, according to the slide presentation, “effectively kills target’s security.”
Sale and use of D.I.R.T. and Antisec are controlled by law, and restricted to authorized military, government and law enforcement agencies.
The Register.com story includes information about how to protect yourself from D.I.R.T.
Opinion: Law enforcement obviously needs some means of monitoring illegal activity on the internet and in cyberspace in general. However, this program is a real double-edged sword. As long as it allows the planting of files on target computers, it not only opens the door to abuse, it gives defendants an airtight alibi, that the authorities themselves placed the incriminating files on the targeted computer.
NOTE: This news story, previously published on our old site, will have any links removed.