[wordup] Symantec pledges to acquiese to FBI backdoor demands

Adam Shand adam at personaltelco.net
Wed Nov 28 15:34:28 EST 2001 

more interesting stuff.

adam.

---------- Forwarded message ----------
Date: Wed, 28 Nov 2001 08:00:20 -0500
From: Declan McCullagh <declan at well.com>
To: politech at politechbot.com
Subject: FC: Symantec pledges to acquiese to FBI backdoor demands

Symantec sells security software including:
  Norton Antivirus
  Symantec Intruder Alert
  Symantec NetProwler 3.5
  Symantec AntiVirus Enterprise Edition
  Symantec AntiVirus Command Line Scanner 1.0
  Symantec Desktop Firewall 2.0
  Symantec Enterprise Firewall 6.5
  Symantec Enterprise VPN 6.5
  Symantec Enterprise Security Manager 5.5
  Symantec NetRecon 3.5

*********

Date: Wed, 28 Nov 2001 12:47:21 +0100
To: declan at well.com
From: Maurice Wessling <maurice at bof.nl>
Subject: Symantec will not detect Magic Lantern

http://www.theregister.co.uk/content/55/23057.html

Eric Chien, chief researcher at Symantec's antivirus research lab, said
that provided a hypothetical keystroke logging tool was used only by the
FBI, then Symantec would avoid updating its antivirus tools to detect such
a Trojan. The security firm is yet to hear back from the FBI on its
enquiries about Magic Lantern but it already has a policy on the matter.

"If it was under the control of the FBI, with appropriate technical
safeguards in place to prevent possible misuse, and nobody else used it -
we wouldn't detect it," said Chien. "However we would detect modified
versions that might be used by hackers."

*********

Date: Wed, 28 Nov 2001 00:57:28 -0500
To: politech at politechbot.com
From: red <red at isr.net>
Subject: FC: McAfee broadens denial: No contact with government of any
   sort
Cc: declan at well.com, tbridis at ap.org

Declan, et al.

I believe it to be impossible that McAfee would build-in some sort of
mechanism that would enable an authority to remotely allow keystroke
logging. Not because this would technically be inconceivable - I believe it
is, and I believe it is done as well -, but merely because of the
international ramifications such construct would bring along. NAI, and
McAfee.com certainly look forward to a more prosperous financial year. And
they do their best to accomplish that. This company simply cannot afford
under its new leadership to see its overseas competition (as F-Secure,
Sophos and others) eat away their international market share. If
McAfee.com/NAI would entertain what was said, this would be quite possibly
the end of the company, as their international revenue would halt almost
instantly. The impact would be felt in all NAI products.  And then with so
many a.v. manufacturers, they'd still only cover those who'd agreed to do
this. The possibility of an embarrassing leak would be a federal disaster.
Come to mind that none of the foreign owned a.v.'s would go along. Although
it might be seen that way by some, this would not be a "home land" security
issue, sec.  It would impact almost all foreign nations. E.g. the EU would
start stripping Mr. Mueller's pants down so fast, he even wouldn't have
known he has 'em on. There's under the current EU regime (after the first
Echelon raid) no-one willing to accept another candid U.S. camera
trick.  Not even the U.K. would accept it.  And mix in that you also need
to row-up all network intrusion vendors. And I simply do not see guys like
Marcus Ranum (Network Flight Recorder) and Christopher Klaus (Internet
Security Systems), just to name my personal pick of the crop, agree with
compromising their product lines and future international sales. To top it
off, look at this from the user side as well. A program like SurfinShield
(Finjan) or Agnitum's Tauscan will take care of almost ANY Trojan. And, it
would be a good idea to start using Evidence Eliminator (the latest version
is here: http://www.evidence-eliminator.com/go.shtml?A660528 ) made by a
real neat Brit, Andy Churchill, who deserves to be complemented for his
efforts to contribute relentlessly to protect privacy of computer use.

On MagicLantern.  MagicLantern, according to my reliable sources is a
derivative of the D.I.R.T. program (see http://www.codexdatasystems.com/
for details). A by no means for the experienced network administrator
unbeatable, but nevertheless nifty pack of sleuth goodies, which do exactly
what is promised: remote keystroke logging.  Codexdatasystems provides the
software free of charge to law enforcement, so it's beyond the likely stage
that the FBI didn't study it, and hence after some de-compilation made it
more tailor-made, so to speak.  You'd be utterly surprised to learn what
can be done and seen if you mix in the latest version of Network
Observations, and use remote installed nodes.  By the way, Jack Valenti (
the movie mogul ) attempted to legally incorporate DIRT applications in the
latest digital music trivia battle.  Not too long ago I saw a remark from
John Young passing by, mentioning this.


  with regards / stringing along

Jack

Jack Ryan, PhD
research editor
Internet Security Review

*********




-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
Declan McCullagh's photographs are at http://www.mccullagh.org/
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------

More information about the wordup mailing list