FC: AP's Ted Bridis replies to McAfee: "I stand by my reporting"

From: Declan McCullagh (declanat_private)
Date: Mon Nov 26 2001 - 14:36:36 PST

  • Next message: Declan McCullagh: "FC: London police will create database of juvenile miscreants"

    Previous Politech article:
    "McAfee replies -- by denying any FBI contacts of any sort"
    From: "Ted Bridis" <tbridisat_private>
    To: "Declan McCullagh" <declanat_private>, <politechat_private>
    Subject: RE: McAfee replies -- by denying any FBI contacts of any sort
    Date: Mon, 26 Nov 2001 17:11:32 -0500
     >>Perhaps Ted can elaborate?<<
    I stand by my reporting for the AP. This information came from a senior
    company officer. I won't identify this person in this post because I've been
    unable to reach this person by phone or e-mail since the flap erupted.
    I can't resolve what McAfee told me last week and today's contradictory
    statement except to note the critical public response against McAfee that
    emerged over the holiday weekend.
    I do empathize with the awkward dilemma this puts companies in: Good U.S.
    corporate citizens have a responsibility to assist the FBI in criminal and
    terrorism investigations. But accommodating the government by intentionally
    building a weakness/vulnerability into detection or security software seems
    to carry a lot of consequences.
    I noticed that McAfee's statement doesn't say they will not build any such
    an accommodation into its antivirus or its firewall software if the FBI
    asks, just that it hasn't been asked to do it yet and that it complies with
    all U.S. laws.
    But as McAfee's PR release noted, much of this is speculative since nobody's
    sure how Magic Lantern would be installed remotely (as an enticing e-mail
    attachment, "fbi-porn.exe"? Or using a buffer overflow? Or using different
    vectors depending on the target's o/s and applications?) If it's the latter,
    wouldn't the major operating system vendors need to leave unpatched holes
    for the FBI to exploit? Where does it end?
    Ted Bridis, staff writer
    The Associated Press
    2021 K St., NW, Suite 600
    Washington, DC 20006
    (202) 776-9462, voice
    (202) 776-9570, fax
    (202) 437-4640, cell
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/

    This archive was generated by hypermail 2b30 : Mon Nov 26 2001 - 14:40:49 PST