Imagine that you're accused of a crime, and the basis of the accusation is a log entry generated by a piece of custom software. You might have some questions: does the software work? how accurate is it? how did it get the results that it did? Unfortunately, the software isn't available to the public. And you can't get access to the source code or even a working instance of the software. All you get are assurances that the software is in use by investigators around the globe, and doesn't do anything that law enforcement isn't supposed to be doing. Because you can trust the government, right?
This talk will look at a family of tools designed for investigating peer-to- peer networks. By synthesizing information from dozens of search warrant affidavits, and a few technical sources, we're able to put together at least a partial picture of the software's capabilities. But we'll also look at the reasons the government offers for keeping these tools out of the public eye and talk about whether they make sense. Finally, we'll examine the implications that investigations based on secret capabilities have for justice.