[Politech logo]

Politech is the oldest Internet resource devoted to politics and technology. Launched in 1994 by Declan McCullagh, the mailing list has chronicled the growing intersection of culture, technology, politics, and law. Since 2000, so has the Politech web site.

FBI reportedly creating "Magic Lantern" anti-crypto virus

[This has been talked about in tech circles for years; it's hardly 
suprising that the FBI would finally get around to creating such a beastie. 
Perhaps an enterprising netrepreneur will take the next step: Creating a 
"Secure PC" that would be proof against such an attack. Perhaps it would 
run a better OS than Windows (just about any would do) where programs have 
privileges, boot from fixed media like a CDROM that would require a 
physical break-in to alter, require a private key embedded in a keychain 
plugged in through a USB port to unlock the hard drive partitions where 
application data are stored, use a flatscreen monitor and certain default 
typefaces to limit TEMPEST emissions, include an Ethernet/serial port 
monitor that would try to detect suspicious outgoing packets, compute 
checksums every night on all executable and other relevant files, feature 
tamper-proof hardware that would leave a physical or virtual mark if opened 
by an intruder, be protected by a motion-activated videocam streaming 
images of intruders to secure offshore websites, and so on. Dedicated 
hardware that could not be accessed remotely could be hooked up to the SCSI 
chain and scan key files nightly for the same MD5 checksum as the night 
before. Or instead of a keychain, your crypto-key could be kept in your 
Palm, which through a serial link also could be used to offload crypto 
processing on hardware that's unlikely to be compromised. It's an 
interesting dual trend and arms race: Police turning to software to snoop 
on alleged miscreants, while counter-techniques are developing apace. My 
money's on the defense. --Declan]

---

From: "Geoff Gariepy" <geoff_gariepy@hotmail.com>
To: <declan@well.com>
Subject: FBI software cracks encryption wall
Date: Tue, 20 Nov 2001 14:24:21 -0500

FBI software cracks encryption wall

'Magic Lantern' part of new 'Enhanced Carnivore Project'

By Bob Sullivan
MSNBC

Nov. 20 - The FBI is developing software capable of inserting a computer
virus onto a suspect's machine and obtaining encryption keys, a source
familiar with the project told MSNBC.com. The software, known as "Magic
Lantern," enables agents to read data that had been scrambled, a tactic
often employed by criminals to hide information and evade law enforcement.

....
       MAGIC LANTERN installs so-called "keylogging" software on a suspect's
machine that is capable of capturing keystrokes typed on a computer. By
tracking exactly what a suspect types, critical encryption key information
can be gathered, and then transmitted back to the FBI, according to the
source, who requested anonymity.
        The virus can be sent to the suspect via e-mail - perhaps sent for
the FBI by a trusted friend or relative. The FBI can also use common
vulnerabilities to break into a suspect's computer and insert Magic Lantern,
the source said.

http://www.msnbc.com/news/660096.asp?0na=x21017M32




-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
Declan McCullagh's photographs are at http://www.mccullagh.org/
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------

Enter your email address to join Politech, Declan McCullagh's moderated technology and politics announcement list:

Return to politechbot.com