Slashback: Petdom, Denial, Confusion

Slashback tonight features updates (below) on Aibo hacking (a rare bit of good news on the technical freedom front), some not-great information for excite@home users concerned about the looming darkness, a strange update in the FBI/Magic Lantern story, and more. Only Carnivore operators will know the truth. elem writes "McAfee has now come on the record and has denied contact with the FBI about the 'Magic Lantern' Project.

In an e-mail to Declan McCullagh which has also been posted on his PoliTech mailing list McAfee said the following:

"Dear Sir/Madam:

1. Network Associates/McAfee.com Corporation has not contacted the FBI, nor has the FBI contacted NAI/McAfee.com Corp., regarding Magic Lantern.
2. We do not expect the FBI to contact Network Associates/McAfee.com Corporation regarding Magic Lantern.
3. Network Associates/McAfee.com Corp. is not going to speculate on Magic Lantern as its existence has not even been confirmed by the FBI or any government agency.
4. Network Associates/McAfee.com Corporation does and will continue
   to comply with any and all U.S. laws and legislation.

Regards,
Marisa Lewis
Investor Relations Manager
McAfee.com Corporation
NASDAQ: MCAF
535 Oakmead Parkway
Sunnyvale, CA 94085
408-992-8100 phone
408-720-8450 fax
www.mcafee.com"

In a subsquent post AP reporter Ted Bridis responed by saying: "I stand by my reporting for the AP. This information came from a senior company officer. I won't identify this person in this post because I've been unable to reach this person by phone or e-mail since the flap erupted."

He also noted that McAfee never specificly denied that they might write such allowances (for Magic Lantern) into their software, it just says that they have yet to have been asked to.

Original story on slashdot and Politech with follow ups

McAfee's Response and Ted Bridis' response"

Rethinking is always a good idea. javester writes: "Sony has come to its senses and has struck a deal with AIBOPET, after the fan site was shut down when Sony's lawyers came calling last week of October.

Way to go Sony and AIBOPET!!!! More power to both of you for finding a compromise where everybody wins! Hopefully, other parties having DMCA tussles follow Sony's and AIBOPET's example, and have more constructive discussions instead of legal suits galore."

Penguin cause pollution. x136 writes "I saw this on my local Fox affiliate, but found a link on LinuxWorld. IBM has been fined again for spraypainting their blue "Peace, Love & Linux" logo, this time on the streets of San Francisco. The bill? $120,000. First Chicago, then San Francisco ... Who thought this was a good idea in the first place?"

Well, I thought the giant murals in NYC were great, but the sidewalk idea strikes me as IBM playing Brewster's Millions with the billion dollars they pledged to spend on Linux.

Out of the freezer and into the blizzard ... An Anonymous Coward writes "Comcast has decided to offer a backup plan in case their cable modem's die due to Excite@Home's bankruptcy. Good thought but the backup is NetZero. Gee thanks Comcast. Here is a link to their Service Interruption FAQ. http://www.comcastonline.com/info.htm"

Make it obfuscated, but make it snappy. Rosco P. Coltrane writes "If you haven't submitted your program(s) to the International Obfuscated C Code Contest, now is the time : the deadline is December 1st, 2001, there is only two days left !"

Comcast should know better.

[thesolo]

Although I recently posted about the fact that Comcast has been ready for the switch for some time now, they of all people should know better than to try to force their users onto NetZero.

The worst part of the whole deal is that you STILL only have 10 free hours of usage, despite NetZero being their backup. You would think that Comcast would at least have struck a deal so you would get more than 10 hours of time. If their network goes down, I doubt it will be back up in 10 hours. They have had individual outages that lasted longer. On top of that, many @Home users don't have standard modems in their computer--why should they? They never needed them with their nifty cable service!

I'm still hoping that Comcast will be up and running tomorrow (they have been trying to run the show on their own for some time), but who knows? At this point, I'll just hope for the best. If I'm posting tomorrow, all is well in Comcast Cable Land. :)

Re:Magic Lantern: Big effing deal.

[Matthew+Weigel]

The big deal, really, is that the FBI shouldn't be writing virii. Either they politely ask, 'can we violate your security,' or they politely ask, 'can we break into your home.' "Cloak and dagger" should not be their MO, "implicit permission" is unacceptable.

Carefully worded denial?

[Ldir]

Network Associates/McAfee.com Corporation has not contacted the FBI, nor has the FBI contacted NAI/McAfee.com Corp., regarding Magic Lantern.

Note that this doesn't deny that another US agency has contacted Network Associates, nor does it deny that the FBI has contacted them about software named something other than "Magic Lantern" (a bug by any other name would still capture your keystrokes, or something like that). NAI may be telling the truth, strictly speaking. One can only speculate whether they're telling the whole truth.

----

I didn't used to be so cynical, but then I learned to read, and to watch the news. The US government has earned our distrust through years of deception and denial. The sad part is that the good, honest, hard-working law enforcement people (which is most of them) are tainted by the abuses of the few.

Re:Magic Lantern: Big effing deal.

[Silver222]

Of course "implicit permission" is enough. After all, we are fighting terroists here. They use the internet to communicate. Those filthy bastards are even using porno to communicate, and we can't see it! Every red blooded American should be proud of the FBI.

There, I've just taken care of the stupid argument. Can everyone else please refrain from saying, "If you've got nothing to hide, what are you worried about?" This system will be abused by the FBI. It's just a matter of time.

the big deal is

[vscjoe]

This is a slippery slope. The problem isn't that the government is using a virus, the problem is that they may be seeking accomodation from commercial software. If that thinking prevails, you may eventually not be permitted to run other security software, or you may be required to run an operating system with a back door.

So, the FBI can hack all they want. It is at specifially accomodating that hacking where we need to draw the line.

McAffee or PGP or BlackICE?

[RobertGraham]

It would be pointless for the FBI to contact anti-virus vendors: anti-virus programs cannot detect Magic Lantern, they can only detect widespread viruses.

On the other hand, the FBI would be interested in contacting the PGP division. PGP 6.0.2 (and above) defeats keyloggers. E.g. if you were infected with the BadTrans.B virus/worm and you used PGP to encrypt your files, the h4x0r would not discover your passwords. (And yes, I've tried it.). [BTW, this is why 6.0.2 didn't work well on Win2k, PGP installs a keybaord sniffing driver to accomplish this trick, and it wasn't compatible with Win2k power management].

Host-based IDS (e.g. BlackICE) will likely detect Magic Lantern. The next version of BlackICE will detect the keyloggers like that in BadTrans or trojans like SubSeven. Unless Magic Lantern is a complete departure from today's technology, such an IDS will likely pick it up. I've already got a keylogger detection system up and running on my machine (now I need to test the darn thing on all versions of Windows).

An interesting sidenote, BadTrans is exactly what Magic Lantern wants to be. It could be a worm created by the FBI in order to hopefully catch some info about the 9/11 terrorists. Maybe it's an evil corporation out to find info on competitors.

Re:Excite@Home Customer Communication

[/dev/trash]

I am not happy about the current situtation since a fast (or somewhat fast) internet connection is now a necessary part of life.

Wow I wonder how my life is going on since I have a measly 56k.

Freedom dies a little at a time.

[Chasing+Amy]

The point is, NO YOU DON"T HAVE TO CLICK ON WHATEVER THE FBI SENDS YOU. Why don't you READ the bloody USA/PATRIOT stuff and what has been released so far of the FBI's "evil plans" before you waste our time?

The FBI is given carte-blanche to install spyware on your machine in any way they wish, without needing a search warrant (which takes a relatively high measure of cause to get) from a Court in your jurisdiction, but rather by getting a wiretap order (much lower showing of cause) from Any Court ANYWHERE. They don't even need to go to your jurisdiction to a real Court--they can go to any Court whatsoever, like for example a Mickey Mouse Court right down the street from FBI HQ where there's a judge who hands out orders like they're Tick-Tacs.

That in itself is troubling. They can pick any judge anywhere to ask for permission to hack anyone's box. I'm sure they already have a good working relationship with judges who'd give them anything. Jurisdiction is there to protect you from judges like that. But not any more.

And the FBI can get their spyware onto your machine by any electronic means, including by exploiting any security vulnerability there is to get the conde on your box. Remember the bad root exploit that was revealed a few days ago for Linux? You can bet the FBI is subscribing to every bug track list and logging exploits they can use as they come up, so that they'll know how to break into your computer before you even know what the security flaw is and how to patch it. So, it isn't just stupid people who run foreign executables who are hackable. It's everyone.

Now, combine all that with what the FBI has done in the recent past, like getting a warrant and a gag order against the Independent Media Center to seize all their logs so that they could trace users who reported on the Canadian police report on how to deal with WTO protestors that someone had lifted from an unattended car in Canada, and interrogate them for the Mounties to try to find the guy who did it. Oh, and the IMC would have been unable to inform anyone of the order, and that visitors to the site were being logged and monitored by the FBI.

Now, that order was reversed the very next day by a real judge who actually knew what the Bill of Rights means. But with these new laws and regs, the FBI doesn't even have to tell anyone that an order ever existed in the first place. There's no real oversight, and no chance for an order to be overturned or deemed fraudulent or unconstitutionally vague or overbroad or just plains wrong. Today, the FBI would simply handle the above IMC freedom of press/speech "problem" like this: they'd go to the chambers of Judge Unconstitutional next door, get an order to install spyware on the IMC web server so that they can retrieve the logs they want and monitor any connections which might be from the user they want, and then go down a list of known exploits--some of which probably won't have been announced yet and won't have patches at all--until they get their software onto the IMC's server. Then they get their logs, and monitor connections--and of course if anyone talks about any protest plans that may be questionable to the FBI while the spyware is installed, then hey, it's in plain sight during an investigation which required them to view server logs. And even if it isn't, who cares--the FBI isn't known for their oppenness and honesty; they'll use the information to find or manufacture a legally more acceptable excuse for going after their new suspect. Their new suspect who was just exercising his right to free speech and his right to peaceably assemble to ask the government for redress, BTW.

As you can see, the potential for this legislation goes far beyond just logging keystrokes to get PGP passwords of terrorist suspects. Right now, that's what the FBI has publicly disclosed about Magic Lantern. What they haven't disclosed could well be the cababilities to remotely access the whole system to do things like what I outlined above. Remember that when the Carnivore documents were initially released, the parts about Magic Lantern were blacked out. What makes you therefore think the FBI has told us everything about Magic Lantern now that its existence is no longer blacked out?

At any rate, if you read the new laws, they give the FBI the chance to do far more than sniff PGP keys. Knowing what we all know about the FBI, they are planning to exploit the law to its fullest. If Magic Lantern really is only a key logger, then you can bet they have another piece of software that's still classified to do the rest. And isn't a key logger bad enough as it is, since they now have the ability to get secret installation orders from any judge they choose at any kangaroo Court? That in itself can be used to access a lot more than your PGP keys, which is already an invasion. Every word you ever write on your computer could be theirs, and you'd never know it if they disguise their program well enough--have it replace your networking layer, let's say, so that for all intents and purposes it's indistinguisable from the processes that run whenever you're net-connected. What might any of us be suspect for? Going to the IMC website and posting our opinions or protest experiences? Running a site like the IMC, which might itself get bugged and logged thanks to a sympathetic judge? Again, the orders can be secret, so there's no real oversight.

We're on dangerous ground. I visit forums where people sometimes talk about illegal things, like borderline protest activities, or illicit datastreams, though I never do so and never do any illegal things (except maybe smoke cigars in public--what a country) myself. Does that mean my PC should be tagged, bagged, and monitored? The FBI probably thinks so. Anyone who'd even think of protesting must be a communist--if only we could tap 'em all like we did with the civil rights leaders in the 60s. Oh wait, now we can! Who needs J. Edgar Hoover, when you have thousands of FBI agents who are trained according to the methods he set up himself?

Re: 24000 dialup

[No+Such+Agency]

I dial up at 28.8 and it's not so bad. Granted, you have to do without seeing the latest movie trailers/Flash vids/pr0n clips, and _no_ Counterstrike, but overall it's remarkably tolerable. Still entirely possible to check web mail, telnet, surf the web with little frustration. You tend to be a little more picky about which web sites you visit: simple clean site design and minimal/no Flash or Javascript become definite merits. You _do_ end up watching a bit more TV, and even reading books. It's not so bad. Repeat after me, "fast internet access is not oxygen, I can do without it"... :-)

Re:Magic Lantern: Big effing deal.

[Zero__Kelvin]

"In the case of Magic Lantern, they'll do it from their office. It'll be up to the target to do the st00pid thing and run the executable. I can see an argument that by voluntarily running trojanned code, he gives up his right to security. "

You state earlier in the post that you don't see. I'm glad you understand that much. Now, by logical inference, I don't see why people think Osama bin Laden did anything wrong. After all, he just had his people enter the plane and hijacked them. I mean, we were the ones stupid enough to have the lapse security that allowed it, right?

Furthermore, do you think the government should cease prosecuting people who distribute trojan horses? What about rapists who enter unlocked dwellings to have their way with innocent woman? Aren't we all just asking for it?

"This is *not* a worm, nor is it a virus. That is, it doesn't try to spread to other computers over a network, nor through infecting files (remember, its goal is to *avoid* changing anything on the target system, to preserve the integrity of the evidence), so there's no risk of collateral damage."

Nope. It's a trojan horse, and the collateral damage done is to the US constitution. They clearly do want to change something on the target system, or else how would the program exist on it. The very act of installing the software changes the target system, and who is to say it won't also act as an agent for evidence planting? All of your arguments assume that the government is a benevolent system always out for the good of the people. This is a very dangerous minset in which to be. It is a danger not just to yourself, but to US all!