Re: CBS Marketwatch article, was: CRIME Article on Magic Lantern from ZDNET

From: Steve Layman (slayman@private)
Date: Mon Dec 10 2001 - 09:01:47 PST

  • Next message: CURTIS Michael S * LEDS: "RE: CRIME LEDS/NCIC"

    Hi Jimmy -
    Thanks. It was a pleasure to see that Network Associates and other AV 
    suppliers think it important enough to provide the service that is fully 
    expected from their paying customers.
    Cheers... Steve
    Kuo, Jimmy wrote:
    >The "right" answer has finally filtered to the top:
    >Anti-virus firms: No FBI exception
    >Symantec, Network Assoc. won't leave "Lantern" hole
    >(If you have trouble with the long URL, go to:
    >and click on "Scram, G-Men")
    >-----Original Message-----
    >From: Steve Layman
    >To: 'CRIME '
    >Sent: 12/7/01 7:30 PM
    >Subject: CRIME Article on Magic Lantern from ZDNET
    >Below is an interesting article that was posted on on Dec.
    >4th. A few points:
    >*	Paragraph  two states they (FBI) want to use Magic Lantern "in
    >the war against terrorism" whereas in paragraph 6 they want to use Magic
    >Lantern "to find criminals and terrorists". It clearly does not state to
    >monitor or gleam information from suspected criminals but says "to find
    >criminals". Which one is it. Call me niave but I think it is the latter.
    >*	Making Magic Lantern and other activity such as Carnivore public
    >knowledge (one of the few times I think I have ever complimented the
    >press) has done two good things and I think one bad thing if you change
    >your paradigm. Carnivore brought to light that you must use an
    >encryption tool such as PGP. It told folks you need this tool or
    >something like it to keep others with absolutely no business from
    >snooping into and intercepting your private communications . Great
    >lesson from the Carnivore news and the world benefited. Secondly, Magic
    >Lantern brings to light that folks must be very very careful with email
    >attachments. Maybe even to the point of paranoia. I never ever open any
    >email attachment on my computer that is conneted to the internet.
    >Period. Not even if my mother's name is on it. Don't even send
    >attachments to me I tell folks. Great  lesson from the Magic Lantern
    >news is that you must protect you encryption keys. Treat them like
    >gold!!! The bad thing it has done is place ideas in the heads of those
    >that may not have ever thought to develop a key-logger for malicious
    >reasons. It is no deep dark secret that many government and commerial
    >computer networks lack adequate security and now a new tool has been
    >brought to light although actually not new. You will see many malicious
    >code writers developing their own key-logger trojan because it is the
    >latest craze.
    >*	I use Norton at home (sorry Jimmy... it had the best rebate at
    >the time) and no I have not read the entire license agreement word for
    >word but my expectation is that it would scan for all cases where a
    >signature was available. The public's expectation  I would think would
    >be very high that something this powerful would be able to be scanned
    >for and detected. I think folks could potentially sue an AV and argue in
    >a court of law that being able to detect for Magic Lantern was a
    >"reasonable expectation" based upon the type of product I purchased and
    >it was marketed to as a detection program and thus why was Magic Lantern
    >noted detected?. Is this correct? I agree with the author of the article
    >that collusion with the FBI would probably begin the downfall of U.S AV
    >company dominance if not the end for those that were proven in the press
    >to collude. A company would then loose the trust that is so important to
    >the success of the company unless you have a monopoly or something
    >close. I am sure their are others (shadowy webs) with no alligiance to
    >anyone except the almighty dollar that would gladly pick up the slack.
    >*	I think with the news of Magic Lantern that makes it already
    >useless as an effective tool. Kind of like publishing that there is
    >photo radar at a particular intersection. What idiot would then run a
    >red light if he know. As the authors of many books on hacking have
    >stated, "know your emeny". They say this is key and it could not be more
    >true. I think in the hacker or malicious code writer world they would
    >say they clearly know whom they see as the enemy and they are not
    >impressed. Stories are published almost daily about some sys. admin. not
    >doing his/her job. Hackers and malicious code writers know that for the
    >most part sys. admins. may not be well trained or very diligent about
    >security or applying  know patches.
    >To something more topical... many years ago I played around with a voice
    >recognition S/W tool but never really understood how it worked
    >internally. I had issues with reliability and it was cumbersome to use
    >so I just uninstalled it and never played with it since. Does anyone
    >know how effective Magic Lantern (or any key-logging trojan) would be
    >againt a voice recognition key stroke generator tool instead of
    >physically touching the keys to create and send emails and does this
    >possiblity even exist with any email tools out there?

    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:37:03 PDT