Re: CRIME FBI's "Magic Lantern" and McAfee Antivirus

From: Crispin Cowan (crispin@private)
Date: Sat Nov 24 2001 - 23:41:11 PST

  • Next message: Kuo, Jimmy: "RE: CRIME FBI's "Magic Lantern" and McAfee Antivirus"

    Kuo, Jimmy wrote:
    
    >>This article 
    >>http://www.washingtonpost.com/wp-dyn/articles/A1436-2001Nov22.html 
    >>(which is mostly about the FBI's "Magic Lantern" crypto key 
    >>sniffing mail virus) also mentions that McAfee Antivirus will NOT 
    >>detect and report Magic Lantern, 
    >>
    >This piece of "truth" is fabricated.
    >...
    >
    >By detecting its presence if we ever encounter it.
    >
    Cool!  Yes, that's a much better answer than I expected.  Thanks!
    
    >PS.  From the *rumored* description, it sounds like a trojan, not a virus.
    >
    IMHO, the distinction between trojans, worms, and virii has eroded to 
    the point where it no longer has any value. Mostly it is just a nuance 
    for journalists to get wrong, and geeks like us to rant over :-)
    
    >PPS.  How would we know if a password stealing trojan that is handed to us
    >by one of our users is this "Magic Lantern" thing?  You think the FBI would
    >come and tell us, "He's under investigation!  So, don't tell on us,
    >pleeeeeease!"  Or maybe it has "Copyright FBI" inside so we'll know when we
    >see it.  :-)
    >
    It is plausible for the FBI to provide a signature to McAffee and say 
    "please don't report if you see this." Whether NAI would ever do such a 
    thing is outside my knowledge. The report I cited only mentions in 
    passing that NAI has done this, and I am thrilled to hear that it's not 
    true.
    
    Thanks,
        Crispin
    
    -- 
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX Communications, Inc. http://wirex.com
    Security Hardened Linux Distribution:       http://immunix.org
    Available for purchase: http://wirex.com/Products/Immunix/purchase.html
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:32:52 PDT