Symantec sells security software including: Norton Antivirus Symantec Intruder Alert Symantec NetProwler 3.5 Symantec AntiVirus Enterprise Edition Symantec AntiVirus Command Line Scanner 1.0 Symantec Desktop Firewall 2.0 Symantec Enterprise Firewall 6.5 Symantec Enterprise VPN 6.5 Symantec Enterprise Security Manager 5.5 Symantec NetRecon 3.5 ********* Date: Wed, 28 Nov 2001 12:47:21 +0100 To: declanat_private From: Maurice Wessling <mauriceat_private> Subject: Symantec will not detect Magic Lantern http://www.theregister.co.uk/content/55/23057.html Eric Chien, chief researcher at Symantec's antivirus research lab, said that provided a hypothetical keystroke logging tool was used only by the FBI, then Symantec would avoid updating its antivirus tools to detect such a Trojan. The security firm is yet to hear back from the FBI on its enquiries about Magic Lantern but it already has a policy on the matter. "If it was under the control of the FBI, with appropriate technical safeguards in place to prevent possible misuse, and nobody else used it - we wouldn't detect it," said Chien. "However we would detect modified versions that might be used by hackers." ********* Date: Wed, 28 Nov 2001 00:57:28 -0500 To: politechat_private From: red <redat_private> Subject: FC: McAfee broadens denial: No contact with government of any sort Cc: declanat_private, tbridisat_private Declan, et al. I believe it to be impossible that McAfee would build-in some sort of mechanism that would enable an authority to remotely allow keystroke logging. Not because this would technically be inconceivable - I believe it is, and I believe it is done as well -, but merely because of the international ramifications such construct would bring along. NAI, and McAfee.com certainly look forward to a more prosperous financial year. And they do their best to accomplish that. This company simply cannot afford under its new leadership to see its overseas competition (as F-Secure, Sophos and others) eat away their international market share. If McAfee.com/NAI would entertain what was said, this would be quite possibly the end of the company, as their international revenue would halt almost instantly. The impact would be felt in all NAI products. And then with so many a.v. manufacturers, they'd still only cover those who'd agreed to do this. The possibility of an embarrassing leak would be a federal disaster. Come to mind that none of the foreign owned a.v.'s would go along. Although it might be seen that way by some, this would not be a "home land" security issue, sec. It would impact almost all foreign nations. E.g. the EU would start stripping Mr. Mueller's pants down so fast, he even wouldn't have known he has 'em on. There's under the current EU regime (after the first Echelon raid) no-one willing to accept another candid U.S. camera trick. Not even the U.K. would accept it. And mix in that you also need to row-up all network intrusion vendors. And I simply do not see guys like Marcus Ranum (Network Flight Recorder) and Christopher Klaus (Internet Security Systems), just to name my personal pick of the crop, agree with compromising their product lines and future international sales. To top it off, look at this from the user side as well. A program like SurfinShield (Finjan) or Agnitum's Tauscan will take care of almost ANY Trojan. And, it would be a good idea to start using Evidence Eliminator (the latest version is here: http://www.evidence-eliminator.com/go.shtml?A660528 ) made by a real neat Brit, Andy Churchill, who deserves to be complemented for his efforts to contribute relentlessly to protect privacy of computer use. On MagicLantern. MagicLantern, according to my reliable sources is a derivative of the D.I.R.T. program (see http://www.codexdatasystems.com/ for details). A by no means for the experienced network administrator unbeatable, but nevertheless nifty pack of sleuth goodies, which do exactly what is promised: remote keystroke logging. Codexdatasystems provides the software free of charge to law enforcement, so it's beyond the likely stage that the FBI didn't study it, and hence after some de-compilation made it more tailor-made, so to speak. You'd be utterly surprised to learn what can be done and seen if you mix in the latest version of Network Observations, and use remote installed nodes. By the way, Jack Valenti ( the movie mogul ) attempted to legally incorporate DIRT applications in the latest digital music trivia battle. Not too long ago I saw a remark from John Young passing by, mentioning this. with regards / stringing along Jack Jack Ryan, PhD research editor Internet Security Review ********* ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. Declan McCullagh's photographs are at http://www.mccullagh.org/ To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Wed Nov 28 2001 - 05:07:35 PST