Magic Lantern (software)

From Wikipedia, the free encyclopedia

Magic Lantern is keystroke logging software developed by the United States' Federal Bureau of Investigation. Magic Lantern was first reported in a column by Bob Sullivan of MSNBC on 20 November 2001[1] and also by Ted Birdis of the Associated Press.[2]

Unlike previous keystroke logger programs used by the FBI, Magic Lantern can reportedly be installed remotely, via an e-mail attachment or by exploiting common operating system vulnerabilities.[3][4] It has been variously described as a virus and a Trojan horse. It is not known how the program might store or communicate the recorded keystrokes.

In response to a Freedom of Information Act request filed in 2000 by the Electronic Privacy Information Center, the FBI released a series of unclassified documents relating to Carnivore, which included the "Enhanced Carnivore Project Plan". Sullivan's confidential source said that redacted portions of that document mention "Cyber Knight",

a database that sorts and matches data gathered using various Carnivore-like methods from e-mail, chat rooms, instant messages, and Internet phone calls. It also matches files with captured encryption keys.

Spokesmen for the FBI soon confirmed the existence of a program called Magic Lantern. They denied that it had been deployed, and they declined to comment further.[5]


Contents

[edit] Anti-Virus Software Designed to Ignore Magic Lantern Keyloggers

The public disclosure of the existence of Magic Lantern sparked a debate as to whether anti-virus companies could or should detect the FBI's keystroke logger.

[edit] Network Associates, McAfee products

Birdis reported that at least some anti-virus companies, including Network Associates (maker of McAfee anti-virus products), had contacted the FBI following the press reports about Magic Lantern to ensure their anti-virus software would not detect the program.[6]

Network Associates issued a statement denying cooperation with U.S. legal authorities within a week, fueling speculation as to which anti-virus products might or might not detect government trojans. [7] CNET News has surveyed 13 security companies about their contacts with and level of cooperation with law enforcement authorities.[8]

[edit] Symantec, Norton AntiVirus Products

Symantec, the makers of Norton AntiVirus and related products, is reportedly working with the FBI on ways to preclude their products from detecting Magic Lantern. Eric Chien, top researcher at Symantec, has claimed that the Norton AntiVirus products will specifically ignore the Magic Lantern trojan, but aim to identify "modified versions."[9]

Symantec's reported cooperation with the FBI, and stated willingness to ignore tronjans on its customer's computers, has raised concerns among computer industry professionals and commentators. One concern is that when Norton AntiVirus ignores the Magic Lantern program it will have no way to confirm it is being deployed in accordance with law, and that this may allow illegal monitoring by both the police and by malicious hackers and private citizens, precisely the activity Norton products are designed to prevent. Graham Cluley, of Sophos Anti-Virus Inc., said: "We have no way of knowing if it was written by the FBI, and even if we did, we wouldn’t know whether it was being used by the FBI or if it had been commandeered by a third party." [10]

Still another concern is the practice of acceding to governmental desires despite what some say are actions contrary to the interests of consumers by companies that are under no obligation to exempt government-authored spyware. Technology consultant Gram Cluey has raised concerns for users not located in the United States and wondered if Norton would likewise ignore trojans on US computers if they were installed by another country's government: "What if the French intelligence service, or even the Greeks, created a Trojan horse program for this purpose? Should we ignore those too?" [11]

Symantec and Norton AntiVirus products have also received criticism from within the anti-virus industry as well. Marc Maiffret, chief technology officer and cofounder of eEye Digital Security- producer of Blink Personal, has stated: "Our customers are paying us for a service, to protect them from all forms of malicious code. It is not up to us to do law enforcement's job for them so we do not, and will not, make any exceptions for law enforcement malware or other tools."[12]

[edit] See also

[edit] References

  1. ^ Sullivan, Bob. "FBI software cracks encryption wall", MSNBC, 2001-11-20. Retrieved on 2007-11-20. 
  2. ^ Ted Birdis. "FBI Develops Eavesdropping Tools," Washington Post, November 22, 2001.
  3. ^ FBI's Secret Spyware Tracks Down Teen Who Made Bomb Threats July 18, 2007 Wired Magazine
  4. ^ [Threat of Terrorism On U.S. Infrastructure December 31, 2001 The New York Times
  5. ^ Article in the Village Voice, 24 May 2002
  6. ^ AP story about Magic Lantern, 22 November 2001
  7. ^ Article in Wired, 29 November 2001
  8. ^ CNET News - Security firms on police spyware, in their own words, 17 July 2007
  9. ^ http://www.theregister.co.uk/2001/11/27/av_vendors_split_over_fbi/
  10. ^ Jackson, William. "Antivirus vendors are wary of FBI's Magic Lantern." Government Computer News. 8 June 2008 <http://www.gcn.com/online/vol1_no1/17572-1.html>
  11. ^ "AV Vendors Split Over FBI Trojan Snoops.". The Register. June 7th, 2008 <http://www.theregister.co.uk/2001/11/27/av_vendors_split_over_fbi/
  12. ^ "Will Security Firms Detect Police...". Cnet News. June 7th, 2008 <http://news.cnet.com/2100-7348-6197020.html?tag=tb>
  • Amanda So and Christopher Woo. "The Case for Magic Lantern: September 11 Highlights the Need for Increased surveillance," Harvard Journal of Law and Technology. v15, p521. (discusses the legal framework surrounding the use of keystroke loggers in law enforcement)

[edit] External links