FC: Symantec pledges to acquiese to FBI backdoor demands

From: Declan McCullagh (declanat_private)
Date: Wed Nov 28 2001 - 05:00:20 PST

  • Next message: Declan McCullagh: "FC: Federal judge throws out EFF-Felten lawsuit challenging DMCA"

    Symantec sells security software including:
      Norton Antivirus
      Symantec Intruder Alert
      Symantec NetProwler 3.5
      Symantec AntiVirus Enterprise Edition
      Symantec AntiVirus Command Line Scanner 1.0
      Symantec Desktop Firewall 2.0
      Symantec Enterprise Firewall 6.5
      Symantec Enterprise VPN 6.5
      Symantec Enterprise Security Manager 5.5
      Symantec NetRecon 3.5
    Date: Wed, 28 Nov 2001 12:47:21 +0100
    To: declanat_private
    From: Maurice Wessling <mauriceat_private>
    Subject: Symantec will not detect Magic Lantern
    Eric Chien, chief researcher at Symantec's antivirus research lab, said 
    that provided a hypothetical keystroke logging tool was used only by the 
    FBI, then Symantec would avoid updating its antivirus tools to detect such 
    a Trojan. The security firm is yet to hear back from the FBI on its 
    enquiries about Magic Lantern but it already has a policy on the matter.
    "If it was under the control of the FBI, with appropriate technical 
    safeguards in place to prevent possible misuse, and nobody else used it - 
    we wouldn't detect it," said Chien. "However we would detect modified 
    versions that might be used by hackers."
    Date: Wed, 28 Nov 2001 00:57:28 -0500
    To: politechat_private
    From: red <redat_private>
    Subject: FC: McAfee broadens denial: No contact with government of any
    Cc: declanat_private, tbridisat_private
    Declan, et al.
    I believe it to be impossible that McAfee would build-in some sort of 
    mechanism that would enable an authority to remotely allow keystroke 
    logging. Not because this would technically be inconceivable - I believe it 
    is, and I believe it is done as well -, but merely because of the 
    international ramifications such construct would bring along. NAI, and 
    McAfee.com certainly look forward to a more prosperous financial year. And 
    they do their best to accomplish that. This company simply cannot afford 
    under its new leadership to see its overseas competition (as F-Secure, 
    Sophos and others) eat away their international market share. If 
    McAfee.com/NAI would entertain what was said, this would be quite possibly 
    the end of the company, as their international revenue would halt almost 
    instantly. The impact would be felt in all NAI products.  And then with so 
    many a.v. manufacturers, they'd still only cover those who'd agreed to do 
    this. The possibility of an embarrassing leak would be a federal disaster. 
    Come to mind that none of the foreign owned a.v.'s would go along. Although 
    it might be seen that way by some, this would not be a "home land" security 
    issue, sec.  It would impact almost all foreign nations. E.g. the EU would 
    start stripping Mr. Mueller's pants down so fast, he even wouldn't have 
    known he has 'em on. There's under the current EU regime (after the first 
    Echelon raid) no-one willing to accept another candid U.S. camera 
    trick.  Not even the U.K. would accept it.  And mix in that you also need 
    to row-up all network intrusion vendors. And I simply do not see guys like 
    Marcus Ranum (Network Flight Recorder) and Christopher Klaus (Internet 
    Security Systems), just to name my personal pick of the crop, agree with 
    compromising their product lines and future international sales. To top it 
    off, look at this from the user side as well. A program like SurfinShield 
    (Finjan) or Agnitum's Tauscan will take care of almost ANY Trojan. And, it 
    would be a good idea to start using Evidence Eliminator (the latest version 
    is here: http://www.evidence-eliminator.com/go.shtml?A660528 ) made by a 
    real neat Brit, Andy Churchill, who deserves to be complemented for his 
    efforts to contribute relentlessly to protect privacy of computer use.
    On MagicLantern.  MagicLantern, according to my reliable sources is a 
    derivative of the D.I.R.T. program (see http://www.codexdatasystems.com/ 
    for details). A by no means for the experienced network administrator 
    unbeatable, but nevertheless nifty pack of sleuth goodies, which do exactly 
    what is promised: remote keystroke logging.  Codexdatasystems provides the 
    software free of charge to law enforcement, so it's beyond the likely stage 
    that the FBI didn't study it, and hence after some de-compilation made it 
    more tailor-made, so to speak.  You'd be utterly surprised to learn what 
    can be done and seen if you mix in the latest version of Network 
    Observations, and use remote installed nodes.  By the way, Jack Valenti ( 
    the movie mogul ) attempted to legally incorporate DIRT applications in the 
    latest digital music trivia battle.  Not too long ago I saw a remark from 
    John Young passing by, mentioning this.
      with regards / stringing along
    Jack Ryan, PhD
    research editor
    Internet Security Review
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/

    This archive was generated by hypermail 2b30 : Wed Nov 28 2001 - 05:07:35 PST