- To former detective Frank Jones, "secure network"
is an oxymoron. The word "delete" isn't in his vocabulary. Password-protect
your computer and you'll make his day.
- And if you really get on Jones' bad side, he'll take
complete control of your PC--and your first clue will be when you open
your door and the boys in overcoats start flashing badges at you.
- If you're among the anonymous thousands of cyber bad
guys who inhabit the Internet's underbelly, Jones is your worst nightmare.
- The retired New York City detective works on the law
enforcement sidelines building software tools to help the government and
police crack down on online criminals.
- And his latest tool is considered the ultimate weapon.
- Digging up DIRT
- Jones wrote the widely used but little-known software
program called DIRT. The program works like a telephone wiretap for computers,
giving its users the ability to monitor and intercept data from any Windows
PC in the world.
- DIRT stands for Data Interception by Remote Transmission
and was originally created by Jones as a tool to help snare online child
pornographers. But in the short time it has been available, and only to government
and law enforcement agencies, DIRT has come to be used to battle hacker groups
like Cult of the Dead Cow and to trap terrorists, drug dealers, money
launderers, and spies.
- "What we do is give law enforcement an additional
line of defense," says Jones, the president of Codex Data Systems.
- The DIRTy Details
- The client side version of the DIRT program is less than
20KB in size and is typically installed on a target PC using a Trojan
horse program (a set of instructions hidden inside a legitimate program).
The DIRT program is usually sneaked inside an e-mail attachment, a macro,
or a workable program that a targeted user is enticed to download.
- Once inside a target Windows 95/98/NT computer, it gives
law enforcement complete control of the system without the user's knowledge.
- It starts off by secretly recording every keystroke the
user makes. The next time the user goes online, DIRT transmits the log
for analysis. Jones says government agencies have even managed to open
encrypted files by obtaining the passwords that lock them.
- During a recent program demonstration, Jones easily uploaded
files to, and downloaded files from, a DIRT-infected computer connected
to the Net by a dial-up modem, without a hint of activity on the
other end.