Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Confirms Magic Lantern Existence

Posted by chrisd on from the aldous-would-be-proud dept.

The_THOMAS (and many others) writes: "A day after major anti-virus firms waffle on their support for 'Magic Lantern', and nine days after Thomas C Greene of The Register tried to throw cold water on it's existence, the FBI Confirms the 'Magic Lantern' Project Exist. Welcome to a Brave New World!"

5 of 461 comments (clear)

  1. Re:They can get us Linux users too by ShaunC · · Score: 5, Informative
    The first time I went to Windows Update, I checked the box that said "always trust content from Microsoft Corporation." Therefore, only Microsoft's real certificate will be accepted by my machine.
    So what happens if Microsoft allows Magic Lantern to be bundled inside the next .cab you get from windowsupdate.com - which, of course, is signed by Microsoft? You raised the point that ISPs tend to bend over, so you can't rule out the possibility that Microsoft might do the same.

    Shaun
    --
    Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
  2. Why FBI came out with this news NOW by webwench_72 · · Score: 5, Informative

    Why were they honest about it now? Simple: this is the best political climate the FBI could have asked for to reveal something like this.

    Surveys show that most people, given the 9-11 attacks, are more than willing to trade freedom for security.

    "A recent ABC/Post survey found two out of three people expressing willingness to surrender 'some of the liberties we have in this country to crack down on terrorism.' Cole attributes this not only to a heightened concern for safety, but to the fact that the majority are not generally affected--that is, it's not their relatives being detained and questioned." (Taking Liberties: Fear and the Constitution)

    "At times like this, a democracy must balance its need to protect itself with the freedoms that define it. Last week's terrorist attacks have raised the debate pitting homeland defense against civil liberties to a level not seen since World War II." (For now, security trumps liberties)

    "From the very first surveys after the World Trade Center and Pentagon attacks, most Americans told pollsters that the country would have to give up some rights to fight terrorism (79 percent in a CBS/New York Times poll in September). A Gallup survey conducted Nov. 26-27 found six in 10 Americans who said the Bush administration has been 'about right' in its limits on civil liberties, as opposed to 10 percent who said the administration had gone too far and 26 percent who think it hasn't gone far enough." (Public Supports Domestic Crackdown on Terror)

    After all, if you're innocent, what do you have to worry about anyway? :grin:

    --

  3. Re:They can get us Linux users too by seifried · · Score: 5, Informative

    Most major vendors (with the notable exception of Debian =( ) sign packages using GNuPG. You can check these signatures using rpm. There is no need to get Eric raymond to sign stuff (and he's supposed to read all the source code, then build all the packages on his own machines? excuse me?). I suggest reading the following two security advisories, which point out some mistakes that have been made, and one possible attack, but also largely corrected by vendors, and can be easily verified by users with minimal effort.

    Devil in the details - why package signing matters

    Red Hat 7.2 GnuPG signed RPM verification fails on distribution files

    RPM PGP/GnuPG verification bug

  4. Re:They can get us Linux users too by Tackhead · · Score: 5, Informative
    > I checked the box that said "always trust content from Microsoft Corporation." Therefore, only Microsoft's real certificate will be accepted by my machine. Even if the FBI forces Verisign to issue an impostor certificate, it will be detected and thwarted.

    You, sir, are not merely a troll, but an expert troll, and I applaud you for a job well done! Thanks for the best laugh I've had this thread.

    References: Slashdot article: Don't Trust Code Signed by 'Microsoft Corporation'

    Microsoft bulletin detailing story of VeriSign issuing two Class 3 code-signing digital certificates to an individual fraudulently claiming to be a Microsoft employee: Erroneous VeriSign-Issued Digital Certificates Post Spoofing Hazard

  5. "Welcome to a Brave New World" by Anonymous Coward · · Score: 5, Informative

    I wish more people would actually read Huxley's "Brave New World" before applying that phrase everytime government gets a little out of control.

    Seriously, "Magic Lantern" and all the other privacy-invasive technologies used to snoop on private citizens are still a far cry away from the world of "Brave New World." After all, we still possess enough of our wits to question whether these steps are necessary, legal, and ethical. The folks in "Brave New World" didn't even go that far.

    We are much closer to Orwell's "1984" then we are to "Brave New World." And I'm not sure which is the more frightening.

    In 1984, the government had to force people to behave using the classic methods of tyranny. In Brave New World, the citizens were kept so damn happy that they would never question that the government didn't have their best interest in mind, regardless of what it did.

    Remember: in 1984, our protagonist was someone from withen the society who began to realize what a living hell he was in and began to try to do something to better his condition. In brave new world, our protagonist was someone how came from outside of the society, having been raised on a "reservation". It was only because of this distance from the reality of the "Brave New World" society that he was able to see how awful it truly was.