The "right" answer has finally filtered to the top: http://cbs.marketwatch.com/news/story.asp?guid=%7B5A7D3C17%2D23C3%2D4C41%2DA 071%2D6329E2E112F1%7D&siteid=mktw Anti-virus firms: No FBI exception Symantec, Network Assoc. won't leave "Lantern" hole (If you have trouble with the long URL, go to: http://cbs.marketwatch.com and click on "Scram, G-Men") Jimmy -----Original Message----- From: Steve Layman To: 'CRIME ' Sent: 12/7/01 7:30 PM Subject: CRIME Article on Magic Lantern from ZDNET Below is an interesting article that was posted on ZDNET.com on Dec. 4th. A few points: * Paragraph two states they (FBI) want to use Magic Lantern "in the war against terrorism" whereas in paragraph 6 they want to use Magic Lantern "to find criminals and terrorists". It clearly does not state to monitor or gleam information from suspected criminals but says "to find criminals". Which one is it. Call me niave but I think it is the latter. * Making Magic Lantern and other activity such as Carnivore public knowledge (one of the few times I think I have ever complimented the press) has done two good things and I think one bad thing if you change your paradigm. Carnivore brought to light that you must use an encryption tool such as PGP. It told folks you need this tool or something like it to keep others with absolutely no business from snooping into and intercepting your private communications . Great lesson from the Carnivore news and the world benefited. Secondly, Magic Lantern brings to light that folks must be very very careful with email attachments. Maybe even to the point of paranoia. I never ever open any email attachment on my computer that is conneted to the internet. Period. Not even if my mother's name is on it. Don't even send attachments to me I tell folks. Great lesson from the Magic Lantern news is that you must protect you encryption keys. Treat them like gold!!! The bad thing it has done is place ideas in the heads of those that may not have ever thought to develop a key-logger for malicious reasons. It is no deep dark secret that many government and commerial computer networks lack adequate security and now a new tool has been brought to light although actually not new. You will see many malicious code writers developing their own key-logger trojan because it is the latest craze. * I use Norton at home (sorry Jimmy... it had the best rebate at the time) and no I have not read the entire license agreement word for word but my expectation is that it would scan for all cases where a signature was available. The public's expectation I would think would be very high that something this powerful would be able to be scanned for and detected. I think folks could potentially sue an AV and argue in a court of law that being able to detect for Magic Lantern was a "reasonable expectation" based upon the type of product I purchased and it was marketed to as a detection program and thus why was Magic Lantern noted detected?. Is this correct? I agree with the author of the article that collusion with the FBI would probably begin the downfall of U.S AV company dominance if not the end for those that were proven in the press to collude. A company would then loose the trust that is so important to the success of the company unless you have a monopoly or something close. I am sure their are others (shadowy webs) with no alligiance to anyone except the almighty dollar that would gladly pick up the slack. * I think with the news of Magic Lantern that makes it already useless as an effective tool. Kind of like publishing that there is photo radar at a particular intersection. What idiot would then run a red light if he know. As the authors of many books on hacking have stated, "know your emeny". They say this is key and it could not be more true. I think in the hacker or malicious code writer world they would say they clearly know whom they see as the enemy and they are not impressed. Stories are published almost daily about some sys. admin. not doing his/her job. Hackers and malicious code writers know that for the most part sys. admins. may not be well trained or very diligent about security or applying know patches. To something more topical... many years ago I played around with a voice recognition S/W tool but never really understood how it worked internally. I had issues with reliability and it was cumbersome to use so I just uninstalled it and never played with it since. Does anyone know how effective Magic Lantern (or any key-logging trojan) would be againt a voice recognition key stroke generator tool instead of physically touching the keys to create and send emails and does this possiblity even exist with any email tools out there? <http://www.zdnet.com/zdfeeds/msncobrand/news/0%2C13622%2C2829781%2C-hud 00025nshm3%2C00.html> http://www.zdnet.com/zdfeeds/msncobrand/news/0%2C13622%2C2829781%2C-hud0 0025nshm3%2C00.html
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:37:01 PDT