CBS Marketwatch article, was: CRIME Article on Magic Lantern from ZDNET

From: Kuo, Jimmy (Jimmy_Kuo@private)
Date: Sat Dec 08 2001 - 22:29:56 PST

  • Next message: George Heuston: "CRIME FW: NIPC Daily Report 10 December 2001"

    The "right" answer has finally filtered to the top:
    
    http://cbs.marketwatch.com/news/story.asp?guid=%7B5A7D3C17%2D23C3%2D4C41%2DA
    071%2D6329E2E112F1%7D&siteid=mktw
    
    Anti-virus firms: No FBI exception
    Symantec, Network Assoc. won't leave "Lantern" hole
    
    (If you have trouble with the long URL, go to:
    
    http://cbs.marketwatch.com
    
    and click on "Scram, G-Men")
    
    Jimmy
    
    -----Original Message-----
    From: Steve Layman
    To: 'CRIME '
    Sent: 12/7/01 7:30 PM
    Subject: CRIME Article on Magic Lantern from ZDNET
    
    Below is an interesting article that was posted on ZDNET.com on Dec.
    4th. A few points:
    
    
    *	Paragraph  two states they (FBI) want to use Magic Lantern "in
    the war against terrorism" whereas in paragraph 6 they want to use Magic
    Lantern "to find criminals and terrorists". It clearly does not state to
    monitor or gleam information from suspected criminals but says "to find
    criminals". Which one is it. Call me niave but I think it is the latter.
    *	Making Magic Lantern and other activity such as Carnivore public
    knowledge (one of the few times I think I have ever complimented the
    press) has done two good things and I think one bad thing if you change
    your paradigm. Carnivore brought to light that you must use an
    encryption tool such as PGP. It told folks you need this tool or
    something like it to keep others with absolutely no business from
    snooping into and intercepting your private communications . Great
    lesson from the Carnivore news and the world benefited. Secondly, Magic
    Lantern brings to light that folks must be very very careful with email
    attachments. Maybe even to the point of paranoia. I never ever open any
    email attachment on my computer that is conneted to the internet.
    Period. Not even if my mother's name is on it. Don't even send
    attachments to me I tell folks. Great  lesson from the Magic Lantern
    news is that you must protect you encryption keys. Treat them like
    gold!!! The bad thing it has done is place ideas in the heads of those
    that may not have ever thought to develop a key-logger for malicious
    reasons. It is no deep dark secret that many government and commerial
    computer networks lack adequate security and now a new tool has been
    brought to light although actually not new. You will see many malicious
    code writers developing their own key-logger trojan because it is the
    latest craze.
    *	I use Norton at home (sorry Jimmy... it had the best rebate at
    the time) and no I have not read the entire license agreement word for
    word but my expectation is that it would scan for all cases where a
    signature was available. The public's expectation  I would think would
    be very high that something this powerful would be able to be scanned
    for and detected. I think folks could potentially sue an AV and argue in
    a court of law that being able to detect for Magic Lantern was a
    "reasonable expectation" based upon the type of product I purchased and
    it was marketed to as a detection program and thus why was Magic Lantern
    noted detected?. Is this correct? I agree with the author of the article
    that collusion with the FBI would probably begin the downfall of U.S AV
    company dominance if not the end for those that were proven in the press
    to collude. A company would then loose the trust that is so important to
    the success of the company unless you have a monopoly or something
    close. I am sure their are others (shadowy webs) with no alligiance to
    anyone except the almighty dollar that would gladly pick up the slack.
    *	I think with the news of Magic Lantern that makes it already
    useless as an effective tool. Kind of like publishing that there is
    photo radar at a particular intersection. What idiot would then run a
    red light if he know. As the authors of many books on hacking have
    stated, "know your emeny". They say this is key and it could not be more
    true. I think in the hacker or malicious code writer world they would
    say they clearly know whom they see as the enemy and they are not
    impressed. Stories are published almost daily about some sys. admin. not
    doing his/her job. Hackers and malicious code writers know that for the
    most part sys. admins. may not be well trained or very diligent about
    security or applying  know patches.
    
    
    To something more topical... many years ago I played around with a voice
    recognition S/W tool but never really understood how it worked
    internally. I had issues with reliability and it was cumbersome to use
    so I just uninstalled it and never played with it since. Does anyone
    know how effective Magic Lantern (or any key-logging trojan) would be
    againt a voice recognition key stroke generator tool instead of
    physically touching the keys to create and send emails and does this
    possiblity even exist with any email tools out there?
    
     
    <http://www.zdnet.com/zdfeeds/msncobrand/news/0%2C13622%2C2829781%2C-hud
    00025nshm3%2C00.html>
    http://www.zdnet.com/zdfeeds/msncobrand/news/0%2C13622%2C2829781%2C-hud0
    0025nshm3%2C00.html 
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:37:01 PDT