Previous Politech article: "McAfee replies -- by denying any FBI contacts of any sort" http://www.politechbot.com/p-02839.html --- From: "Ted Bridis" <tbridisat_private> To: "Declan McCullagh" <declanat_private>, <politechat_private> Subject: RE: McAfee replies -- by denying any FBI contacts of any sort Date: Mon, 26 Nov 2001 17:11:32 -0500 >>Perhaps Ted can elaborate?<< I stand by my reporting for the AP. This information came from a senior company officer. I won't identify this person in this post because I've been unable to reach this person by phone or e-mail since the flap erupted. I can't resolve what McAfee told me last week and today's contradictory statement except to note the critical public response against McAfee that emerged over the holiday weekend. I do empathize with the awkward dilemma this puts companies in: Good U.S. corporate citizens have a responsibility to assist the FBI in criminal and terrorism investigations. But accommodating the government by intentionally building a weakness/vulnerability into detection or security software seems to carry a lot of consequences. I noticed that McAfee's statement doesn't say they will not build any such an accommodation into its antivirus or its firewall software if the FBI asks, just that it hasn't been asked to do it yet and that it complies with all U.S. laws. But as McAfee's PR release noted, much of this is speculative since nobody's sure how Magic Lantern would be installed remotely (as an enticing e-mail attachment, "fbi-porn.exe"? Or using a buffer overflow? Or using different vectors depending on the target's o/s and applications?) If it's the latter, wouldn't the major operating system vendors need to leave unpatched holes for the FBI to exploit? Where does it end? Rgds, Ted Bridis, staff writer The Associated Press 2021 K St., NW, Suite 600 Washington, DC 20006 (202) 776-9462, voice (202) 776-9570, fax (202) 437-4640, cell ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. Declan McCullagh's photographs are at http://www.mccullagh.org/ To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Mon Nov 26 2001 - 14:40:49 PST