Does anyone know if this software sends the logged traffic in clear-text or does it use encryption to protect it from being intercepted? (If not, unauthorized persons and hackers can sniff it and abuse it.) What if the security is weak and breakable? Has the software been validated to be secure and work correctly under all circumstances?
Does the FBI-virus come with multi-language support, or does it just crash the computers (like IE does for the Finnish version of Windows computers) and make them inoperable? (Lots of Microsoft software does this if you install the wrong language version and you have to reinstall everything. -> Can be several days of work.) Also, now that the FBI has assumed global jurisdiction (can legally hack foreigners), do they cover damages if the software in question causes the computers to malfunction, become inoperable, destroys data, leaks confidential data to outsiders, compromises the security of computers or by malfunction just causes people not being able to work? A lot of damage and error issues are possible, especially in situations where computers need to have all their software validated. Does the FBI cover the costs of rebuilding the security infrastructure for example a company who's employee's user passwords were logged? What about the loss of face for a security company, if FBI-virus has breached their security, and FBI publishes that someone in the company was logged? Notable is also what kind of copyright does the FBI acknowledge for the captured keys-strokes? Can they publish the information somewhere? I just think that these issues need to be covered and answered clearly to the general public. Thanks. http://www.washingtonpost.com/wp-dyn/articles/A1436-2001Nov22.html At least one antivirus software company, McAfee Corp., contacted the FBI on Wednesday to ensure its software wouldn't inadvertently detect the bureau's snooping software and alert a criminal suspect. >http://www.msnbc.com/news/660096.asp?cp1=1 > >FBI software cracks encryption wall > >'Magic Lantern' part of >new 'Enhanced Carnivore Project' > >By Bob Sullivan >MSNBC > >Nov. 20 - The FBI is developing software capable of >inserting a computer virus onto a suspect's machine and >obtaining encryption keys, a source familiar with the >project told MSNBC.com. The software, known as "Magic >Lantern," enables agents to read data that had been >scrambled, a tactic often employed by criminals to hide >information and evade law enforcement. The best snooping >technology that the FBI currently uses, the controversial >software called Carnivore, has been useless against suspects >clever enough to encrypt their files. > >MAGIC LANTERN installs so-called "keylogging" > >software on a suspect's machine that is capable of capturing >keystrokes typed on a computer. By tracking exactly what a >suspect types, critical encryption key information can be >gathered, and then transmitted back to the FBI, according to >the source, who requested anonymity. > >The virus can be sent to the suspect via e-mail - perhaps >sent for the FBI by a trusted friend or relative. The FBI >can also use common vulnerabilities to break into a >suspect's computer and insert Magic Lantern, the source >said. > >Magic Lantern is one of a series of enhancements currently >being developed for the FBI's Carnivore project, the source >said, under the umbrella project name of Cyber Knight. > .... --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
