Slashdot Mirror


Enhanced Carnivore To Crack Encryption Via Virus

suqur writes: "MSNBC has a story about a new Carnivore feature, dubbed 'Magic Lantern,' which arrives on a victim's computer in the form of a virus through email or well-known vulnerabilities. Magic Lantern uses keylogging to extract keys typed in, and sends them off to the FBI. This is similar to a story reported on previously, but taken one step further, allowing computers to be compromised remotely."

17 of 522 comments

  1. Legal? by aridhol · · Score: 5, Insightful

    Does this mean it will now be illegal to use a secure system? Having any type of security/virus protection will be circumvention of law-enforcing software.

    And what happens if this "happens" to get installed on a foreign government's computer? Can we say "espionage"?

    --
    I can't say that I don't give a fuck. I've just run out of fuck to give.
    1. Re:Legal? by statusbar · · Score: 5, Insightful

      More importantly, will it be illegal for Symantec to modify Norton Anti-Virus to block it?

      IF they do eventually make it illegal to block the virus then 'terrorist virus writers' can be guaranteed a hole in every system.

      And it is not far-fetched that they would make it illegal to block it. For instance, it is illegal to wear a bullet-proof vest if you are in a situation where the police want to shoot you.

      --jeff

      --
      ipv6 is my vpn
    2. Re:Legal? by Felinoid · · Score: 5, Insightful

      Additionally what happens to ISPs and SysAdmins who automatically filter e-mail viruses.
      Could someone go to jail simply for NOT running an e-mail virus?
      Could Microsoft, RedHat, Apple or Sun get in trouble for fixing a defect?
      Could the government ask Microsoft to install a back door then on discovery when Symantec patches Windows to CLOSE the back door or if BugTrap discovers it and a third party patches it.. Would the government sue for discovery or patch?

      And Linux hacks have been known to exist that (for security reasons) pretend to be known Windows back doors to employ known defects in script kiddy toolkits.
      The defects themselves could be easy to discover just in the way the backdoor works.. "Ahh here the script kiddy has a file reception system where I can send ANY file I want... any size.. oh and a typical redundancy compression system.... Let's see compression code.. repeat "0" for 16 gig.. ok that's 6 bytes then expand into 16 gig.. He's dead.."

      On the inverse...
      "In today's news known terrorist Al Be Dumbby was set free on a legal technicality.
      The terrorist group 'born stupid' is now counter suing for infecting Al Be Dumbby's computer...
      Many suggest this lawsuit is an act of intelligence and disproves the group's contention that the terrorists have an inherent right to be stupid.
      Others point out had Al Be Dumbby not clicked on the virus or used Windows to start with this wouldn't be an issue"

      --
      I don't actually exist.
    3. Re:Legal? by trilucid · · Score: 5, Interesting


      I don't think it'll be illegal to use a secure system due to this, but I *do* think they're really asking for trouble if this thing "flies".

      WARNING: The remainder of this post may in fact be advocating "terrorism" under the new definitions put forth by the U.S. gov with respect to "computer crimes". Why am I logged in? Because, quite simply, they can kiss my A$$.

      Do you really think tens of thousands of server admins would let this go without retribution? I for one sure as hell wouldn't. Invasion of my servers is, in my book, precisely the same as invading my home (maybe even worse). Okay, so how do we fix their little red wagon?

      Go HoneyPot on their asses. Set up a bunch of machines all over the place to get compromised, and have firewall software monitoring the destination of the nasty outgoing packets. From there, use a P2P model to distribute the destinations of such data, and D-E-N-Y the living hell out of their servers. For added flair, you could always include repetitious, highly profane strings in your denial actions (use your imagination).

      I would especially advocate this concept for all techies living in various foreign nations whose citizens might get "bugged" by our wonderful boys in blue. Yes, I am openly advocating retaliatory strikes against this sort of disgusting behavior.

      And I think it's damned well warranted. :(

      Web hosting by geeks, for geeks. Now starting at $4/month (USD)!
      Yes, this is my protest to the sig char limit :).

  2. AV software. by nate1138 · · Score: 5, Insightful

    What are the odds that antivirus software could be updated to find this virus? It obviously couldn't be cross-platform either. And if the gov't somehow manages to pressure a/v companies into not including it in virus defs, what would happen if some malicious kiddie got hold of the code, and unleashed a much more destructive version, knowing full well that most machines were not protected? Who would be liable in that case?

    --
    Where's my lobbyist? Right here.
  3. In other news... by Violet+Null · · Score: 5, Funny

    In other news today, the FBI was arrested en masse for violating numerous newly legislated anti-terrorist laws prohibiting compromising remote computers...

  4. This only works if.... by intensity · · Score: 5, Funny

    a) The FBI kicks in your door and installs Outlook

    b) You always open email with the subject "Snow White and the 7 FBI Agents"

    c) You run the attachment called "FBILOVESYOU.VBS" (and you run Windows, Outlook, etc)

    Blah, dumb communist FBI

    --
    Abuse my rationalization of rhetoric as either metaphor or monotomy.
  5. Way to go, FBI! by fobbman · · Score: 5, Funny

    Thanks to the FBI, a whole new market is now being pushed into exploring the world of alternative operating systems.

    Talk about a boon to the Open Source movement! Show the people (not just the bad guys) that Microsoft's numerous vulnerabilities can be used by Big Brother to monitor them. I can't think of a better way to boost Linux distro sales.

  6. DMCA violation? by Anonymous Coward · · Score: 5, Funny

    The first thing that comes to mind is a flagrant violation of the DMCA.
    How does the government expect to work around this one? There are so many things that can go wrong...

    1. Probably OS-dependent. Remember: virii for one platform (i.e., Win) will probably not work for others. That was not hard to get around.

    2. Human link involved. This virus will presumably be propagated via email, or some other form of trojan. Those who tend to use encryption tend to block this type of thing from happening to their machine anyway. Yet another reason not to open email/attachments from an addresser named "CIA" :P. That was easy to get around.

    3. Network link involved. Those who use encryption are usually savvy enough to detect extra packets flying from their machine to some unknown address, which would easily be identified in a reverse-lookup.

    My goodness, they are getting desperate, aren't they.

  7. Virus Email by mESSDan · · Score: 5, Funny
    The virus can be sent to the suspect via e-mail -- perhaps sent for the FBI by a trusted friend or relative. The FBI can also use common vulnerabilities to break into a suspect's computer and insert Magic Lantern, the source said.
    Email Template:

    From: Bill@Slashdot.org
    To: Fred@Slashdot.org

    Subject: Magic Lantern.doc.pif

    Hi! How are you?

    I send you this file in order to have your advice.

    See you later. Thanks
    --

    -- Dan
  8. Re:Encryption program name by mikeee · · Score: 5, Funny

    Better yet, rename it 'Quake', so you'll get better 3D acceleration for your PGP.

  9. You have got to be kidding. by Elwood+P+Dowd · · Score: 5, Funny
    I'm sure that this is (-1, Redundant) by now, but...

    Are there any cases involving damage done to personal property in eavesdropping operations? That is, legal taps? Any lawyers here? I gotta imagine that this would be a very very dangerous thing for the government to get into. Not only could it cause damage to personal property, but if the suspect is smart enough to encrypt their stuff, they're going to be smart enough to know when they've been h4x0red by an email virus.

    This story makes a lot more sense if you remove every reference to "our sources" and replace it with "my little brother."
    "The FBI is developing software capable of inserting a computer virus onto a suspect's machine and obtaining encryption keys, my little brother told MSNBC.com."
    I believe *that*.
    --

    There are no trails. There are no trees out here.
  10. Re:Encryption Security by Tackhead · · Score: 5, Insightful
    > Extra bonus points if the entire operating system and software suite on the encryption machine lives on read only media, such as a CD-Rom.

    Remember Ken Thompson's hack! You only get the bonus points if you compiled the OS (and CD-ROM burning software) from source on a compiler you wrote yourself ;-)

  11. Don't rename it Quake! by roystgnr · · Score: 5, Funny

    After it's renamed and loaded with the ATI drivers, PGP will encrypt things twice as fast, but side-by-side inspection will reveal its algorithm to have switched to XOR.

  12. They sent it to me! by camusflage · · Score: 5, Funny

    I received an email with the subject "Good Times", and I opened it. My browser popped open, and sent me to a site that had the headline, "See what really happens 'behind closed doors' when John Ashcroft and George Bush get together." My firewall picked up something weird, but I don't know anything about that, because I was already getting ready to format my disk.

    --
    The truth about Scientology, Xenu, and you: Operation Clambake
  13. Re:Short Answer: Yes by interiot · · Score: 5, Interesting

    Even easier: use an encryption program that their virus doesn't know how to sniff yet. Their virus doesn't sniff all keystrokes (yet), just for specific encryption programs. You don't even necessarily need to change encryption schemes, just use a different front-end for typing in your password.

  14. Easier Than I Thought by Puk · · Score: 5, Insightful

    At first I thought that this was just stupid, because no one running a reasonably secure system, keeping up to date with the latest patches, etc, would be caught by it. But then I thought: why rely on already known (and fixed) and other yet undiscovered holes, when you can roll your own?

    recently seen in #anti-trust:
    *** BillG is now known as GMoney ***
    <GMoney> How can we get out of this DOJ crap?
    <FBI> I have this "security patch" I'd like you to distribute through Windows Update. Say it fixes some hole using malformed URLs in IE5 and IE6. No one will blink twice. I'm not even sure most XP users can read.
    <GMoney> Will you put in a good word for me with the DOJ?
    <FBI> Sure.
    <FBI> DOJ: Let Microsoft go scot-free, or I post incriminating pictures of John Ashcroft and Hilary Rosen to usenet.
    <DOJ> Rokie dokie, baws.
    GMoney laughs maniacally.
    FBI laughs maniacally.
    DOJ tries to laugh maniacally, but chokes on the pencil eraser he was chewing.

    *poof*. Insta-hole. Security patches are worthless if you can't trust the source. And yes, this wouldn't work with non-MS OSes, especially decentralized open source ones. I hope.

    -Puk