McAfee Will Ignore FBI Spyware

Drew writes: "The Washington Post is reporting on the FBI's new spyware called 'Magic Lantern.' According to their article, 'At least one antivirus software company, McAfee Corp., contacted the FBI on Wednesday to ensure its software wouldn't inadvertently detect the bureau's snooping software and alert a criminal suspect.' It is ridiculous that the software companies that are supposed to help us protect computers purposefully leave in loopholes for the FBI to operate their spyware."

Fucking Great

[Breakfast+Pants]

Now anyone can craft their virii to look like the FBI's brood and avoid detection alltogether.

Fabulous, I hope everyone feels safer already.

Is There a Difference?

[Knunov]

"McAfee Will Ignore FBI Spyware"

They've been ignoring viruses for years. Why change now?

;)

Knunov

Interesting Situation

[gibara]

This creates an interesting situation. As I understand it, virus detection programs use:

1) signatures -specific byte patterns which are searched for in files, and

2) heuristics - in this case algorithms which seek unlikely looking data to determine whether the user should be alerted to a possible intrusion attempt.

McAfee can of course omit signatures for this 'Magic Lantern' (ML) software from their database. However, in the case of the heuristics, avoiding user notification of ML requires either:

a) a weakening of the heuristic(s), presumably to such an extent that other viruses may penetrate the system or

b) the presence of a special signature in the McAfee software which (on recognizing ML) can 'override' the heuristic

Case (b) is interesting. If McAfee do this with a simple byte pattern search this will immediately provide viruses with a neat little 'binary tag' which permits them to evade McAfee's software

The alternative must be to use a cryptographic hash which can be used to identify ML but which cannot be readily forged by other virus code. Using this checksum technique also demands that the ML 'payload' remain unchanged. Very restrictive for code which needs to be stealthy.

But the most important side-effect of both of these techniques - and any others McAfee might choose to use, would be that it provides an easy route for developers to produce software which can check for ML.

In other words, McAfee cannot both provide useful levels of virus detection and avoid alerting the user to Magic Lantern without giving other developers a blueprint to locate it.

I'm going to vote with my dollars....

[Lawmeister]

and not purchase, nor recommend to anybody including my employer (2000+ PCs) McAfee's products. Or any other product that doesn't jive with what I want it to do.

Will be interesting to see what the marketplace thinks of this move when their stocks start trading again on Monday.

F-Prot isn't based in the States, and maybe they will provide the protection users want.

Trust is absolutely necessary to have democracy.

[Futurepower(tm)]

We need to protect ourselves vigorously from crime. However, creating secret agencies who are able to commit crimes themselves is not the way to protect ourselves.

Already there is a serious problem with people committing some destructive act and claiming it was done by the CIA or other U.S. government secret agency. There is no good defense against this, because people worldwide know that the U.S. government secret agencies routinely break the law. How could it be proven that the FBI, CIA, or NSA, or some other secret agency didn't do a particular crime?

The U.S. FBI, CIA, and NSA are now worldwide surveillance agencies. They are supported by Americans who are not allowed to know how much of their money is spent on surveillance. United States citizens are not allowed to know what the U.S. government secret agencies are doing, so they don't know if the agencies are doing things they would now support.

The people who work for the FBI are often not smart people. They don't realize that trust is absolutely necessary in a democracy. They have often in the past not shown understanding of the other needs of democracy. They have often acted like secret police. They often believe in killing or other ways of being destructive as a way of curing some ill in society.

Now they will be attacking computers like the criminals. They will say that they are doing it only to solve crimes, but it is socially impossible to control this kind of thing. Once the principle is established that a secret agency can break the law, there is in practice no limit to what some people in that agency might feel "justified" in doing. Consider your own experience. When has the boss had complete knowledge and complete control over the actions of employees? Never. A company's only good policy is to hire open and honest people and to encourage honesty and genuine caring.

The FBI's influence will mean that the U.S. taxpayer's money will become a powerful force in preserving security holes, instead of closing them. Generally, this kind of software has had holes of its own. You may be attacked by a cracker exploiting a security hole created by FBI software. Governments will detect FBI snooping software and feed the FBI erroneous information.

This is all support for people who like snooping and sneaking. It is not actually a way to reduce crime. It is for adults who like to treat the whole world as a video game. It is for the kind of people who think of themselves as James Bond, who like the idea of being able to kill other people legally.


How U.S. government policy contributed to terrorism: What should be the Response to Violence?