The "infinity bug" is alleged to be a device rendering any telephone, even one on-hook, capable of transmitting audio to a listener. Whether it's real is not the point. Could the LEAs and intelligence agencies be using the equivalent of infinity bugs in the computers of targets? Something that is sent to a user as an attachment or executable, a la the various worms and viruses, something that sends results of keystrokes, or passwords entries, or keyword searches? Items: * The alleged use of "registration sniffers" which Microsoft was alleged (probably wrongly) to have used a few years ago to scan the hard disks of users of its products and then this information--it was alleged--could be retrieved by MS at some point. (I say probably wrongly for reasons discussed a few years ago. Still, it suggests some possibilities, which is why I mention it now.) * The spoof Web pages, masquerading as real Web pages. A classic man-in-the-middle attack, analogous to building a fake ATM (on screen or even physical) around a real ATM. Even the "Web page shrinks to a 3 x 5 pixel dot and lingers on the screen where it is not noticed" method. (I don't remember what this was called, so I'm describing it.) * The SirCam thing, of course. My spoof about NIPC secret documents being sent out turned out not to be such a spoof after all, we heard a few days later. Suppose a much more refined and much more targeted version of SirCam was deposited on a target's computer? * We know there has been much funding of worms and viruses by the government...for more than a few years. There were _claims_ after the Gulf War that the U.S. had disabled some Iraqi systems with worms, viruses, trojans, etc. (Some of these claims were based on an "Infoworld" spoof reporting on viruses being sent to printers. But I expect _some_ of the claims may be based on fact.) * I read a French novel some years back called "Softwar," where a software bug is placed inside a supercomputer and is set to go off if ever a weather report has a specific combination of temperatures and wind speeds in a specific city. Poorly written (maybe it was the translation, maybe it was just typical French SF), but an interesting idea. * There were some cases years ago where Webcams, often built into monitors or left sitting on top of monitors permanently, could be turned-on remotely. Even more the case with built-in microphones. It'd be a hoot if the Feds are finding ways to turn on Webcams and microphones in homes and businesses. Even to leave trojans on a system for storing compressed snatches of audio. These items are just meant to suggest possibilities. Besides doing research to "protect" the computer infrastructure, it seems that using "remote viewing" is a potential good alternative to Carnivore and to breaking physically into homes. Maybe something like this is the bugging technology the FBI doesn't want to disclose in open court? Last point. As networks get so complex, with so many old legacy things left hanging on corporate Intranets, on LANs and WANs and wireless nets (another can of worms, so to speak), more and more opportunities for depositing little bits of code to sniff passwords, to search for keywords, to turn on microphones and cameras. It's a place I'd be putting some money into, were I the CIA, DEA, FBI, or any of a dozen other agencies. --Tim May