Slashback: Petdom, Denial, Confusion

Slashback tonight features updates (below) on Aibo hacking (a rare bit of good news on the technical freedom front), some not-great information for excite@home users concerned about the looming darkness, a strange update in the FBI/Magic Lantern story, and more. Only Carnivore operators will know the truth. elem writes "McAfee has now come on the record and has denied contact with the FBI about the 'Magic Lantern' Project.

In an e-mail to Declan McCullagh which has also been posted on his PoliTech mailing list McAfee said the following:

"Dear Sir/Madam:

1. Network Associates/McAfee.com Corporation has not contacted the FBI, nor has the FBI contacted NAI/McAfee.com Corp., regarding Magic Lantern.
2. We do not expect the FBI to contact Network Associates/McAfee.com Corporation regarding Magic Lantern.
3. Network Associates/McAfee.com Corp. is not going to speculate on Magic Lantern as its existence has not even been confirmed by the FBI or any government agency.
4. Network Associates/McAfee.com Corporation does and will continue
   to comply with any and all U.S. laws and legislation.

Regards,
Marisa Lewis
Investor Relations Manager
McAfee.com Corporation
NASDAQ: MCAF
535 Oakmead Parkway
Sunnyvale, CA 94085
408-992-8100 phone
408-720-8450 fax
www.mcafee.com"

In a subsquent post AP reporter Ted Bridis responed by saying: "I stand by my reporting for the AP. This information came from a senior company officer. I won't identify this person in this post because I've been unable to reach this person by phone or e-mail since the flap erupted."

He also noted that McAfee never specificly denied that they might write such allowances (for Magic Lantern) into their software, it just says that they have yet to have been asked to.

Original story on slashdot and Politech with follow ups

McAfee's Response and Ted Bridis' response"

Rethinking is always a good idea. javester writes: "Sony has come to its senses and has struck a deal with AIBOPET, after the fan site was shut down when Sony's lawyers came calling last week of October.

Way to go Sony and AIBOPET!!!! More power to both of you for finding a compromise where everybody wins! Hopefully, other parties having DMCA tussles follow Sony's and AIBOPET's example, and have more constructive discussions instead of legal suits galore."

Penguin cause pollution. x136 writes "I saw this on my local Fox affiliate, but found a link on LinuxWorld. IBM has been fined again for spraypainting their blue "Peace, Love & Linux" logo, this time on the streets of San Francisco. The bill? $120,000. First Chicago, then San Francisco ... Who thought this was a good idea in the first place?"

Well, I thought the giant murals in NYC were great, but the sidewalk idea strikes me as IBM playing Brewster's Millions with the billion dollars they pledged to spend on Linux.

Out of the freezer and into the blizzard ... An Anonymous Coward writes "Comcast has decided to offer a backup plan in case their cable modem's die due to Excite@Home's bankruptcy. Good thought but the backup is NetZero. Gee thanks Comcast. Here is a link to their Service Interruption FAQ. http://www.comcastonline.com/info.htm"

Make it obfuscated, but make it snappy. Rosco P. Coltrane writes "If you haven't submitted your program(s) to the International Obfuscated C Code Contest, now is the time : the deadline is December 1st, 2001, there is only two days left !"

A *real* ISP

[theantix]

Here is why my ISP is doing about the situation.

Excite @Home is the corporation that supports @home.com e-mail. It is operating in bankruptcy and it is unknown how long it will continue to support the @home.com e-mail. Over the last year Shaw has been building its own Data Centre to support e-mail, provisioning web space, etc. and given, the circumstances with Excite @Home, we are accelerating the migration of our customers over to our Shaw infrastructure which includes transitioning email addresses to @shaw.ca. We are asking our customers to complete an Email Quickstep process and then begin using their new @shaw.ca email address to ensure that impact is minimized in the event that the Excite@Home corporation is unable to continue supporting their @home email service.

Not only will there be no service downtime, but they took preventative measures to avoid this in advance of any problem. Don't you wish you live in Canada?

Re:Magic Lantern: Big effing deal.

[Tackhead]

> The big deal, really, is that the FBI shouldn't be writing virii. Either they politely ask, 'can we violate your security,' or they politely ask, 'can we break into your home.' "Cloak and dagger" should not be their MO, "implicit permission" is unacceptable.

"Hello! We send you this file in order to have your PGP passphrase!".

C'mon, what could be more polite than that? ;-)

It IS a big deal. Because...

[hillct]

First McAffee and now Symantec are willing to ignore the presence of this virus. This article describes Symantec's position on the issue:

Eric Chien, chief researcher at Symantec's antivirus research lab, said that provided a hypothetical keystroke logging tool was used only by the FBI, then Symantec would avoid updating its antivirus tools to detect such a Trojan.

Symantec is yet to hear back from the FBI on its enquiries about Magic Lantern.

"If it was under the control of the FBI, with appropriate technical safeguards in place to prevent possible misuse, and nobody else used it - we wouldn't detect it," said Chien. "However we would detect modified versions that might be used by hackers."

The bigger problem here, though is that these antivirus vendors are violating the public trust and esentially providing faulty products (nothing new in the software industry) intentionally (which is a new prescident).

Furthermore, if antivirus vendors can be currupted this ay in the name of national security, does this mean that OS vendors will do the same, to accomodate the delivery methods chosen by the FBI? Will there be un-closed security holes intentionally left open as delivery vectors (like buffer overflow problems etc.) for 'Magic Lantern'? And regardless of the position of Stmantec that they will try to detect variants of Magic Lantern, what happens when a virus writer succeeds in writing a piece of code with a signature sufficiently similar to the FBI code as to be indestinguishable? the risk introduced here is too great to justify through the promise of improved crime fighting capabilities.

--CTH

More information on the @Home status

[VP]

This story on Wired sheds some light on what is going on with the @Home service. Seems like the debt holders are the ones who want the service shut down, while @Home has drawn plans (according to their chapter 11 filing) showing that they can pay all their debts and be profitable by 2010. It also seems that all cable companies which are currently providing the @Home service are on the debt holders side, since none of them are explaining this part. So make sure your cable companies hear from the @Home users who stand to lose their service - almost all of the cable companies are regulated local monopolies, which have to answer to a city/municipality board.

The Cox contingency plan.

[jabber]

Click HERE

In case that gets swamped, here's a reprint:

Cox Communications @Home Service Update:

Following you will find some information to address questions you might have about the email communication that you recently received from us.

Q1. What should I do today?
A1. Cox recommends that you use the following precautionary backup procedures.

Check your @Home email daily. Opened messages will be saved automatically to your hard drive.

Download software from a free dial-up Internet service provider. We recommend that you do not install the software unless service is interrupted.

Back up your personal web page.

Watch for more information from Cox on the transition of your service to Cox High Speed Internetsm. At such time that you can make the transition to our new service, Cox will be providing you with all of the information you need so that your transition is as smooth as possible.

In the unlikely event that there is a disruption in service, keep your cable modem connected to your PC until service is restored.

Q2. I need my e-mail; what am I going to do?
A2. Cox is doing everything that we can to ensure that you are never without your email. If our plans are successful, your service will not be interrupted and you will have a comfortable transition period in which you can convert your service to a new Cox-managed network.

Q3. What about my modem?
A3. In the unlikely event that there is a service interruption, you should leave your modem connected to your PC until service is restored.

Q4. What is this dial-up, temporary service?
A4. In the unlikely event that your service is temporarily interrupted, we recommend that you set up Internet access via one of the free dial-up Internet services that are available. We have arranged for temporary, dial-up access to the Internet via NetZero. You may download this software by clicking here. This dial-up access is meant to be a temporary alternative to provide email and connectivity. The free service offers ten hours per month, which should be sufficient to get you through any short-term outages. This service does not currently support MAC, Windows 2000 or XP. If you are a Roanoke or Hampton Roads resident and a NetZero local access number is not available, please visit www.juno.com as a potential alternative.
We do not recommend that you install the software at this time, just download the software and save it so that it may be installed should you have an interruption in service. This is a precautionary measure that would give you access to the Internet via a phone line plugged into your computer.

Q5. What will I get with this service and is it Cox supported?
A5. Unfortunately, Cox cannot speak to the features and benefits of the free dial-up Internet services that are available, nor can we guarantee or support it. We recommend that you explore this temporary backup plan simply as a precautionary measure. We are taking all necessary steps to ensure that your service is uninterrupted, but we thought that you might be interested in a temporary, although not ideal, solution for Internet access in the unlikely event that your service is shut down.

Q6. Will you credit my bill? When will I see a credit?
A6. Cox will credit you for any time that you are without service. This includes reimbursement for equipment leasing fees if you are leasing your cable modem from Cox. Should your service be interrupted, you would see an appropriate credit on the next statement that you next receive from Cox.

Q7. How do I get updates quickly?
A7. You have two ways of getting the latest accurate information quickly.

We've established a special number (1-877-832-4751). When you call this number, you will hear a recording that provides the latest information.
You can also get updated information by visiting www.cox.com/info.
These are the most accurate and up-to-date sources for information on your Cox Internet service.
Q8. How will you communicate with me if my service is down?
A8. Cox will contact you via mail or courier to provide important status updates and service information concerning the new Cox-managed high speed Internet service that will replace your @Home service. You can also call 1-877-832-4751 to hear a recorded message with the latest, accurate and up-to-date information.

Q9. What will happen to my personal Web page?
A9. As a safety precaution, you should always backup your personal Web page to a CD or hard drive. To Transfer Files from WebSpace to your hard drive using the File Manager:

Download the files from WebSpace to your computer by logging in to the WebSpace login page at http://home-members.excite.com/m_webspace/ and clicking File Manager, located at the top-right corner of the screen.
Select Transfer from the File Manager navigation bar. In the window that appears, select the files you want to transfer from your WebSpace account to your computer, and the location to which you want them transferred, then click Transfer.
A window appears telling you when your file has been downloaded.
Click OK to return to the File Manager page.
Once you are finished with File Manager, log out by clicking Logout on the navigation bar. If you do not log out, and you share a computer with other people in your household, they may have access to your files.

Obsfucated deadline

[nytes]

If you haven't submitted your program(s) to the International Obfuscated C Code Contest, now is the time : the deadline is December 1st, 2001, there is only two days left

You mean there's only 'Z' ^ 'J' ^ 18 days left?

Freedom dies a little at a time.

[Chasing+Amy]

The point is, NO YOU DON"T HAVE TO CLICK ON WHATEVER THE FBI SENDS YOU. Why don't you READ the bloody USA/PATRIOT stuff and what has been released so far of the FBI's "evil plans" before you waste our time?

The FBI is given carte-blanche to install spyware on your machine in any way they wish, without needing a search warrant (which takes a relatively high measure of cause to get) from a Court in your jurisdiction, but rather by getting a wiretap order (much lower showing of cause) from Any Court ANYWHERE. They don't even need to go to your jurisdiction to a real Court--they can go to any Court whatsoever, like for example a Mickey Mouse Court right down the street from FBI HQ where there's a judge who hands out orders like they're Tick-Tacs.

That in itself is troubling. They can pick any judge anywhere to ask for permission to hack anyone's box. I'm sure they already have a good working relationship with judges who'd give them anything. Jurisdiction is there to protect you from judges like that. But not any more.

And the FBI can get their spyware onto your machine by any electronic means, including by exploiting any security vulnerability there is to get the conde on your box. Remember the bad root exploit that was revealed a few days ago for Linux? You can bet the FBI is subscribing to every bug track list and logging exploits they can use as they come up, so that they'll know how to break into your computer before you even know what the security flaw is and how to patch it. So, it isn't just stupid people who run foreign executables who are hackable. It's everyone.

Now, combine all that with what the FBI has done in the recent past, like getting a warrant and a gag order against the Independent Media Center to seize all their logs so that they could trace users who reported on the Canadian police report on how to deal with WTO protestors that someone had lifted from an unattended car in Canada, and interrogate them for the Mounties to try to find the guy who did it. Oh, and the IMC would have been unable to inform anyone of the order, and that visitors to the site were being logged and monitored by the FBI.

Now, that order was reversed the very next day by a real judge who actually knew what the Bill of Rights means. But with these new laws and regs, the FBI doesn't even have to tell anyone that an order ever existed in the first place. There's no real oversight, and no chance for an order to be overturned or deemed fraudulent or unconstitutionally vague or overbroad or just plains wrong. Today, the FBI would simply handle the above IMC freedom of press/speech "problem" like this: they'd go to the chambers of Judge Unconstitutional next door, get an order to install spyware on the IMC web server so that they can retrieve the logs they want and monitor any connections which might be from the user they want, and then go down a list of known exploits--some of which probably won't have been announced yet and won't have patches at all--until they get their software onto the IMC's server. Then they get their logs, and monitor connections--and of course if anyone talks about any protest plans that may be questionable to the FBI while the spyware is installed, then hey, it's in plain sight during an investigation which required them to view server logs. And even if it isn't, who cares--the FBI isn't known for their oppenness and honesty; they'll use the information to find or manufacture a legally more acceptable excuse for going after their new suspect. Their new suspect who was just exercising his right to free speech and his right to peaceably assemble to ask the government for redress, BTW.

As you can see, the potential for this legislation goes far beyond just logging keystrokes to get PGP passwords of terrorist suspects. Right now, that's what the FBI has publicly disclosed about Magic Lantern. What they haven't disclosed could well be the cababilities to remotely access the whole system to do things like what I outlined above. Remember that when the Carnivore documents were initially released, the parts about Magic Lantern were blacked out. What makes you therefore think the FBI has told us everything about Magic Lantern now that its existence is no longer blacked out?

At any rate, if you read the new laws, they give the FBI the chance to do far more than sniff PGP keys. Knowing what we all know about the FBI, they are planning to exploit the law to its fullest. If Magic Lantern really is only a key logger, then you can bet they have another piece of software that's still classified to do the rest. And isn't a key logger bad enough as it is, since they now have the ability to get secret installation orders from any judge they choose at any kangaroo Court? That in itself can be used to access a lot more than your PGP keys, which is already an invasion. Every word you ever write on your computer could be theirs, and you'd never know it if they disguise their program well enough--have it replace your networking layer, let's say, so that for all intents and purposes it's indistinguisable from the processes that run whenever you're net-connected. What might any of us be suspect for? Going to the IMC website and posting our opinions or protest experiences? Running a site like the IMC, which might itself get bugged and logged thanks to a sympathetic judge? Again, the orders can be secret, so there's no real oversight.

We're on dangerous ground. I visit forums where people sometimes talk about illegal things, like borderline protest activities, or illicit datastreams, though I never do so and never do any illegal things (except maybe smoke cigars in public--what a country) myself. Does that mean my PC should be tagged, bagged, and monitored? The FBI probably thinks so. Anyone who'd even think of protesting must be a communist--if only we could tap 'em all like we did with the civil rights leaders in the 60s. Oh wait, now we can! Who needs J. Edgar Hoover, when you have thousands of FBI agents who are trained according to the methods he set up himself?