[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) FC: Symantec pledges to acquiese to FBI backdoor demands


------- Forwarded message follows -------
Date sent:      	Wed, 28 Nov 2001 08:00:20 -0500
To:             	politech@politechbot.com
From:           	Declan McCullagh <declan@well.com>
Subject:        	FC: Symantec pledges to acquiese to FBI backdoor demands
Send reply to:  	declan@well.com

Symantec sells security software including:
  Norton Antivirus
  Symantec Intruder Alert
  Symantec NetProwler 3.5
  Symantec AntiVirus Enterprise Edition
  Symantec AntiVirus Command Line Scanner 1.0
  Symantec Desktop Firewall 2.0
  Symantec Enterprise Firewall 6.5
  Symantec Enterprise VPN 6.5
  Symantec Enterprise Security Manager 5.5
  Symantec NetRecon 3.5

*********

Date: Wed, 28 Nov 2001 12:47:21 +0100
To: declan@well.com
From: Maurice Wessling <maurice@bof.nl>
Subject: Symantec will not detect Magic Lantern

http://www.theregister.co.uk/content/55/23057.html

Eric Chien, chief researcher at Symantec's antivirus research lab,
said that provided a hypothetical keystroke logging tool was used only
by the FBI, then Symantec would avoid updating its antivirus tools to
detect such a Trojan. The security firm is yet to hear back from the
FBI on its enquiries about Magic Lantern but it already has a policy
on the matter.

"If it was under the control of the FBI, with appropriate technical
safeguards in place to prevent possible misuse, and nobody else used
it - we wouldn't detect it," said Chien. "However we would detect
modified versions that might be used by hackers."

*********

Date: Wed, 28 Nov 2001 00:57:28 -0500
To: politech@politechbot.com
From: red <red@isr.net>
Subject: FC: McAfee broadens denial: No contact with government of any
   sort
Cc: declan@well.com, tbridis@ap.org

Declan, et al.

I believe it to be impossible that McAfee would build-in some sort of
mechanism that would enable an authority to remotely allow keystroke
logging. Not because this would technically be inconceivable - I
believe it is, and I believe it is done as well -, but merely because
of the international ramifications such construct would bring along.
NAI, and McAfee.com certainly look forward to a more prosperous
financial year. And they do their best to accomplish that. This
company simply cannot afford under its new leadership to see its
overseas competition (as F-Secure, Sophos and others) eat away their
international market share. If McAfee.com/NAI would entertain what was
said, this would be quite possibly the end of the company, as their
international revenue would halt almost instantly. The impact would be
felt in all NAI products.  And then with so many a.v. manufacturers,
they'd still only cover those who'd agreed to do this. The possibility
of an embarrassing leak would be a federal disaster. Come to mind that
none of the foreign owned a.v.'s would go along. Although it might be
seen that way by some, this would not be a "home land" security issue,
sec.  It would impact almost all foreign nations. E.g. the EU would
start stripping Mr. Mueller's pants down so fast, he even wouldn't
have known he has 'em on. There's under the current EU regime (after
the first Echelon raid) no-one willing to accept another candid U.S.
camera trick.  Not even the U.K. would accept it.  And mix in that you
also need to row-up all network intrusion vendors. And I simply do not
see guys like Marcus Ranum (Network Flight Recorder) and Christopher
Klaus (Internet Security Systems), just to name my personal pick of
the crop, agree with compromising their product lines and future
international sales. To top it off, look at this from the user side as
well. A program like SurfinShield (Finjan) or Agnitum's Tauscan will
take care of almost ANY Trojan. And, it would be a good idea to start
using Evidence Eliminator (the latest version is here:
http://www.evidence-eliminator.com/go.shtml?A660528 ) made by a real
neat Brit, Andy Churchill, who deserves to be complemented for his
efforts to contribute relentlessly to protect privacy of computer use.

On MagicLantern.  MagicLantern, according to my reliable sources is a
derivative of the D.I.R.T. program (see
http://www.codexdatasystems.com/ for details). A by no means for the
experienced network administrator unbeatable, but nevertheless nifty
pack of sleuth goodies, which do exactly what is promised: remote
keystroke logging.  Codexdatasystems provides the software free of
charge to law enforcement, so it's beyond the likely stage that the
FBI didn't study it, and hence after some de-compilation made it more
tailor-made, so to speak.  You'd be utterly surprised to learn what
can be done and seen if you mix in the latest version of Network
Observations, and use remote installed nodes.  By the way, Jack
Valenti ( the movie mogul ) attempted to legally incorporate DIRT
applications in the latest digital music trivia battle.  Not too long
ago I saw a remark from John Young passing by, mentioning this.


  with regards / stringing along

Jack

Jack Ryan, PhD
research editor
Internet Security Review

*********




----------------------------------------------------------------------
--- POLITECH -- Declan McCullagh's politics and technology mailing
list You may redistribute this message freely if you include this
notice. Declan McCullagh's photographs are at
http://www.mccullagh.org/ To subscribe to Politech:
http://www.politechbot.com/info/subscribe.html This message is
archived at http://www.politechbot.com/
----------------------------------------------------------------------
---

------- End of forwarded message -------

-- 
To unsubscribe, e-mail: debate-unsubscribe@lists.fitug.de
For additional commands, e-mail: debate-help@lists.fitug.de