Kuo, Jimmy wrote: >>This article >>http://www.washingtonpost.com/wp-dyn/articles/A1436-2001Nov22.html >>(which is mostly about the FBI's "Magic Lantern" crypto key >>sniffing mail virus) also mentions that McAfee Antivirus will NOT >>detect and report Magic Lantern, >> >This piece of "truth" is fabricated. >... > >By detecting its presence if we ever encounter it. > Cool! Yes, that's a much better answer than I expected. Thanks! >PS. From the *rumored* description, it sounds like a trojan, not a virus. > IMHO, the distinction between trojans, worms, and virii has eroded to the point where it no longer has any value. Mostly it is just a nuance for journalists to get wrong, and geeks like us to rant over :-) >PPS. How would we know if a password stealing trojan that is handed to us >by one of our users is this "Magic Lantern" thing? You think the FBI would >come and tell us, "He's under investigation! So, don't tell on us, >pleeeeeease!" Or maybe it has "Copyright FBI" inside so we'll know when we >see it. :-) > It is plausible for the FBI to provide a signature to McAffee and say "please don't report if you see this." Whether NAI would ever do such a thing is outside my knowledge. The report I cited only mentions in passing that NAI has done this, and I am thrilled to hear that it's not true. Thanks, Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:32:52 PDT