[Politech logo]

Politech is the oldest Internet resource devoted to politics and technology. Launched in 1994 by Declan McCullagh, the mailing list has chronicled the growing intersection of culture, technology, politics, and law. Since 2000, so has the Politech web site.

McAfee broadens denial: No contact with government of any sort

Here's an email exchange I had with Tony Thompson (Tony_Thompson@nai.com, 
408 346-3696), a spokesman for McAfee/Network Associates. I asked him:

>My followup question is: Is Network Associates/McAfee aware of any other
>companies or organizations that have had any contact of any sort with the
>FBI or other law enforcement or intelligence agencies regarding Magic
>Lantern or a product with capabilities it is reported to have? How about
>trade associations to which NAI/McAfee belongs? How about broadening the
>question to include any government agency or contractor or affiliate?

Tony replied:

>No, we are not.

I added:

>Tony, thanks, much obliged. I just noticed my question didn't include you
>folks directly. Can you assure me that Network Associates/McAfee has not
>had any contact with any law enforcement or intelligence agencies or other
>government entities including Congress or the White House about Magic
>Lantern or a product with capabilities it is reported to have?

Tony replied:
>You are correct.  We have not.

He didn't say anything I left out -- that's the entirety of his answers.





To: Marisa_Lewis@mcafee.com
cc: politech@politechbot.com, tbridis@ap.org, declan@well.com
Cc: ah@well.com, gnu@toad.com
Subject: Re: FC: McAfee replies -- by denying any FBI contacts of any sort
Date: Mon, 26 Nov 2001 15:43:03 -0800
From: John Gilmore <gnu@toad.com>

Hi Marisa, speaking for McAfee.  Your answer makes me wonder about how
your company seems to be interpreting US the law.  And you forgot the
most important point, which is serving your customers; I can see why
they might worry.

 > 4.  Network Associates/McAfee.com Corporation does and will continue to
 > comply with any and all U.S. laws and legislation.

It is not illegal in the US for a software product to report that
software has been inserted secretly into a system, even if the
secretly inserted software was from the FBI under a wiretap warrant.
If you believe otherwise, show me what provision of law would be violated.

In your list of points for the press, you forgot the most important

  5.  Network Associates/McAfee.com anti-virus products will continue to
  protect our customers' computers from *any* program that intrudes into
  their system against the desires or without the knowledge of our customer.

Will your European customers be able to detect official US spyware,
since US law has no force in Europe, but your US customers be denied
that capability?  Will your US customers be able to detect European
governments' spyware?  When the French government installs spyware on
US machines at Chrysler, Ford and GM, for Renault's benefit, will you
be protecting these companies -- or looking the other way?  When
Palestinian activists acquire the US and French spyware (from their
own computers that were infected by wiretappers from the US and
France), then install it on Japanese computers and use it to wreak
havoc on the Japanese financial markets, will your product be lying to
its Japanese customers?  Would you be liable if so?  Legally, or
merely in the public mind?  Would you have thereby become a supporter
of terrorism?

If the company decides that your company's software will lie about the
presence of "legitimate" spyware from "legitimate" countries'
governments, what will you do when such countries change governments?
Would your software now be protecting Poles from old USSR spyware, but
not from more modern Russian spyware?  If the State of Arizona decides
to write their own spyware, can they get it onto your protected list
too?  How about the City of Berkeley, or the Bay Area Water Quality
Management District?  Will whoever hijacks an election in Latin
America be able to slide with impunity into any computer worldwide,
after a short discussion with your company to have their spyware added
to the "legitimate" list?  When the PRI lost the Mexican election,
would your next release suddenly reveal the extent of PRI spying on
its opposition?  Would your software protect Democratic Party HQ
from Richard Nixon's "plumbers"?  Before or after the impeachment?

As soon as your company steps away from "We protect our customers
against *everybody* else", you are in a morass whose depth you
do not suspect.

         John Gilmore
         (a former stockholder of PGP Inc, acquired by Network Associates)


From: Richard M. Smith [mailto:rms@computerbytesman.com]
Sent: Monday, November 26, 2001 8:36 AM
To: politech@politechbot.com
Cc: press@mcafee.com; InvestorRelations@mcafee.com
Subject: RE: McAfee sides with FBI against customers on "Magic Lantern"


Anti-virus (AV) software typically use file signatures to detect viruses
and Trojan horses.  For this scheme to work to detect Magic Lantern, an
AV company like McAfee would need a copy of the FBI's software.  I
seriously doubt that the FBI is going to be giving out samples of their
software for anyone to look at any time soon.

It will be interesting to see if the Magic Lantern becomes publicly
available anyway.  I bet there is going to be a lot of people looking
for it.

On a related note, about 2 years ago I informally floated the idea that
AV companies should be looking to see if customers are running software
with known security holes.  The same AV engine which looks for viruses
can easily locate broken software.  My idea got a very luke-warm
reception.  It seems that the AV companies were real reluctant to point
fingers at other software companies like Microsoft.

Richard M. Smith


Date: Mon, 26 Nov 2001 15:48:37 -0600 (CST)
From: Boris Kupershmidt <bkupersh@utsi.edu>
To: Declan McCullagh <declan@well.com>
Subject: Re: FC: McAfee replies -- by denying any FBI contacts of any sort

Read carefully, this very Clintonesque quasi-denial
doesn't deny the report.
  1)"McAfee Corp., contacted the FBI on Wednesday to ensure its software
wouldn't inadvertently detect the bureau's snooping software and alert a
criminal suspect." This is the AP report.
  2)The company says:
  1.  Network Associates/McAfee.com Corporation has not contacted the FBI,
nor has the FBI contacted NAI/McAfee.com Corp., regarding Magic Lantern.
  2.  We do not expect the FBI to contact Network Associates/McAfee.com
  Corporation regarding Magic Lantern.
  3.  Network Associates/McAfee.com Corp. is not going to speculate on
Magic Lantern as it's existence has not even been confirmed by the FBI or any
  government agency.

In other words, nothing is said or denied about anything that is not
Magic Lantern.
  The report is thus likely to be true.
  The company is now actively lying, provided we agree what the
meaning of "is" is.

  4.  Network Associates/McAfee.com Corporation does and will continue to
  comply with any and all U.S. laws and legislation.

So, the company has chosen sides, with the government against
its customers.

  Cheers, Boris.


Date: Mon, 26 Nov 2001 13:32:42 -0800
From: "G. Armour Van Horn" <vanhorn@whidbey.com>
To: declan@well.com
CC: brett@lariat.org, press@mcafee.com, InvestorRelations@mcafee.com
Subject: Re: FC: McAfee sides with FBI against customers on "Magic Lantern"


While hardly as influential a force in the marketplace as Declan or Brett, I do
consult with a modest set of clients and assist with ongoing support for their
networks. In that capacity I probably have been responsible directly for two or
three new licenses for the McAfee antivirus program every month for the 
last few
years. I reached the conclusion that your product did a thorough job and was
easy enough to use for the end users, most of whom are real estate agents with
no real interest in becoming system administrators. When asked, or when an
infection prompted us to act, I would install your product.

As of last Wednesday, this tiny trickle of new business ended. To be trusted on
systems I work with any intrusion-detection product must perform as advertised
without any exceptions. Your virus scanner must detect and remove infections
caused by malicious individuals, your own company, other software vendors, or
any government on earth.

Unless you can assure me that your program will not be crippled in this regard,
and I am concerned both with the direct intrusion of governments and the risk
that others will slide through whatever back door you might open for a
government or commercial entity, there will not only be no additional
installations but I will strongly recommend that my clients upgrade to a more
reliable product at the end of the current license.

G. Armour Van Horn
Freeland, Washington


Date: Tue, 27 Nov 2001 01:26:54 -0500
To: declan@well.com
From: "Robert L. Ellis" <rellis@internet-attorneys.com>
Subject: Translation of German article


McAfee denies report about cooperation with FBI

A spokesperson of the McAfee parent company Network Associates has denied 
reports in the Washington Post according to which McAfee supposedly offered 
to not indicate the presence of' the FBI snooping tool Magic Lantern 
through its anti-virus software.  Network Associates spokesperson Alexander 
Wegner explained to heise online that such a report in the Washington Post 
did not correspond with the truth, [and that] it could not be determined 
who had spoken with the paper.

Magic Lantern -- according to an MSNBC report last week citing 
well-informed sources -- is supposed to expand the email surveillance by 
the controversial snooping program Carnivore.  The program is supposed to 
be surreptitiously delivered to the unknowing user via email where it 
installs a key logger that become active if encryption software is 
activated on the target PC.   The Washington Post had reported [that] "at 
least one anti-virus firm, McAfee," had contacted the FBI in order to 
ensure that the firm's anti-virus software would not "mistakenly" detect 
the snooping trojan [software] and thus warn criminals of the surveillance.

Wagner sharply denied this description:  "We are not interested in what the 
FBI does," he stated to heise online.  "We write software which detects 
malicious code.  If a trojan or a virus is present on the system, it will 
be reported.  McAfee makes no exceptions."


Date: Mon, 26 Nov 2001 21:10:36 -0600
To: declan@well.com
From: "Randal J. King" <rjking@vtechnology.com>
Subject: Re: FC: McAfee replies -- by denying any FBI contacts of any

>From: "Lewis, Marisa" <Marisa_Lewis@mcafee.com>
>To: "'Declan McCullagh'" <declan@well.com>
>  <snip>
>4.  Network Associates/McAfee.com Corporation does and will continue to
>comply with any and all U.S. laws and legislation.

Simple enough.  Congress rules that Magic Lantern is part and parcel of the 
provisions of homeland security and requires A/V manufacturers to 
explicitly exclude its detection.

Sounds like NAI (a) either anticipates this or (b) is sending a message on 
how this can get done.

Question:  If such a law were to hit the books, would I be in violation for 
writing my own personal detection software and installing it?  What if I 
gave it to a few thousand friends free of charge?

Anyone ready to go back to pulse dialing and O26 keypunch cards?

-- Randy King


Date: Tue, 27 Nov 2001 11:24:59 +1100
From: Nathan Cochrane <ncochrane@theage.fairfax.com.au>
Reply-To: ncochrane@theage.fairfax.com.au
Organization: The Age newspaper
To: declan@well.com
Subject: Re: FC: McAfee replies -- by denying any FBI contacts of any sort

It's like Asimov's three laws of robotics.

So if the US Government tells McAfee to pass the scan, McAfee will.


Date: Mon, 26 Nov 2001 17:52:12 -0600 (CST)
From: Zippy <sjdyer@cs.twsu.edu>
To: Marisa_Lewis@mcafee.com
cc: declan@well.com
Subject: Re: FC: Has McAfee sided with FBI on "Magic Lantern" detection?

How about actually giving us a clear statement that NAI will not--not now,
nor in the the future--engineer its software to overlook inconvenient
government mischief? If the below is true, your German colleagues have had
no such problem in doing so. What gives?


POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
Declan McCullagh's photographs are at http://www.mccullagh.org/
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/

Enter your email address to join Politech, Declan McCullagh's moderated technology and politics announcement list:

Return to politechbot.com