FBI's Magic Lantern (updated URL)!

Well folks, for those of you who thought that goverments do not waste their time developing Trojan horses, and viruses, here is a nice eye opener:
http://www.pcworld.com/news/article/0,aid,78070,00.asp
This should make you think twice about not having a some kind of a Trojan defender installed!

 

Thanks for posting that article Godzillex. It was an eye opener!

 

That was some interesting times 2 years ago when that article first came out and many members here may remember the thread here @ Wilders around that time. Since Magic Lantern is over 2 years old....I'm sure the FBI has moved onto big and better things....anonymously ?

Wilders April 2002 thread---> FBI must cough up Carnivore info

 

I had that thread bookmarked (couldn't find it for the life of me though), but that was an *excellent* thread.

Thanks for the link, Bubba. Kinda nice going back and re-reading some of those posts.

snap

 

Are you certain the current breed of Anti-trojans on the market can detect government issue spyware? One might think they would have their best hackers on it, and ensured it would not be detectable by any of the products on the market.

After all if they wish to use it against top cless criminals, their intended victims are likely to be extremly paranoid and use the same defences (or same level at least) as most paranoid wilders people (heck at least these criminals have reasons to be paranoid!). This means people using TDS, BOClean, Ewido, Trojanhunter etc. I'm sure spyware designed by the goverment would be tested against these....

 

Wow, Bubba! Talk about bringing back memories! That was quite a thread. The only problem is that going back and looking at it two years later makes me wonder again who "response" really was.

As for the current status of Magic Lantern: it is real, it is widely used, and I believe is undetectable by any consumer software. There's just too much evidence that precautions taken by some, were somehow fruitless against "Magic Lantern" and its variants. Is that a good/bad thing? That's worthy of a thread in itself. There is no question that free people everywhere are threatened by radical Islam and terrorism. However, I also believe free people everywhere are threatened by those seeking to protect them.

BTW, There is little on Magic Lantern since the FBI admitted its development. See this article.
The entire program is now classified "top secret" and - who knows?

John
Luv2BSecure

 

And what makes you sure that TDS-3 or Boclean etc have to add the defs? How about the government talks to them asking them NOT TO and persuadeing them a bit with whatever means they can. How would you know if either TDS-3 or Boclean or any other company actually adds the definitions for those even if they can be detected they might not be.

 

Bubba,
I beleive that Magic Lantern and Carnivore refer to two different projects. The first is a Trojan installed on users' systems to log keystrokes, the other is a scanner which sits at ISP level to passively monitor and save all *interesting* e-mails.

Cheers!

 

You mean you still don't know who 'response' was?

(I do, but I'll never tell)

I thought we had another thread on Magic Lantern too, but I'm not finding that one. Didn't spy1 have a thread about that? (it's been too long to remember.)

snap

 

As noted in the link I posted, the links within that long thread and the 2001 article link that luv2bsecure posted....Magic Lantern and Carnivore are one in the same.

In any case....Please do not take my posts wrongly....I am still searching myself for some more up to date info concerning Magic Lantern\Carnivore....but as of yet I haven't stumbled across any.

 

John Little, I am "response" and it is nice to have you back

 

Well blow me away....Name Game, Backstroke, New Years....you ever been to the Ozarks man

 

Yup..one of my favorite places for air and not much traffic lately. Even for a Hunter

Or an Old Crow

But we could all watch out for those TEMPEST attacks.

http://www.dslreports.com/forum/remark,2051870~root=security,1~mode=flat

 

After all this time...............



Reading back through that thread, I am glad "response" is here with us and on our side!

Just one more thing. (Enter Lt. Colombo here).....

Were there two "response" posters in that thread as speculated by several at the time? Curiosity has got the best of me.

Thanks for the welcome back, Primrose....

John
Luv2BSecure

.

 

No you can pin the tail on me for all..in fact were there two, I would have told you then and BTW..I did not hold another membership at the Wilders forum under any other name at that time when I made those posts.. but then I never used Response for any other thread except that one..and never have posted as a guest when I was an active member at Wilders.

 

Hi Bubba,

Unfortunately, there is very little information. FOIA requests have come back time and again as DENIED/NS. This is a request that is denied on basis of National Security. The entire program is, in fact, classified.

A lot of speculation though.....

1. There have been reports that the Magic Lantern program is nothing more than a keylogger that we already identify and remove when found. "Hiding in the open" as they say.

2. A highly sophisticated trojan keylogger that uses technology and (possibly) Windows exploits known only to a select few.

One thing is for certain: It has been used, cited in federal criminal filings in several cases (and some that have nothing to do with terrorism). It is said by some that in some of these cases, the information was extracted from computers hardened with all of the software - and more - that we all discuss here. The consensus among those I talk with believe it is simply not detectable by consumer AT/AS software and is in fact "magic"......Sorry, I couldn't resist.

John
Luv2BSecure

.

 

John,
You mentioned that you've talked with others about this keylogger. Like most people here at Wilders, I'm interested. Can you point me to the boards where you've discussed this? How can I learn more?
Thanks.

 

To be quite honest, I have been "out-of-the-loop" with message boards, etc. for quite some time due to illness. Another thing - there's not a lot of places online to discuss things like this. When I refer to talking to others, I mean that literally as in "talking" to others. My professional work has been in academia/non profit and centered around privacy issues.
EPIC is a good resource for keeping up with privacy in the digital world.

John
Luv2BSecure

.

 

Interesting stuff being discussed here...
In the article it speaks mostly of the FBI and the government, so I assume they are talking about American Government. So what would an AT developer like TDS (for example) which is not based in the United States, have anything to do with the workings of the American Government? Or is the use of these types of keylogger/programs something that is some how internationally agreed upon? Sorry if I could not phrase that any better.

Signature detection is one thing but how about a more "generic" way of stopping keyloggers. Lets say what ProcessGuard does. Or other kernal mode protection like the one being implemented by SSM (I believe). Both of these developers I admire very much, it is hard to imagine the creators of such keylogger/programs might know something they dont. But then again anything is possible in this world...

Going along with my thought from above, maybe it is more possible if the creators of the keylogger/programs knew the source in Windows and exploit it as John mentioned. But how about Linux (non-proprietary versions), FreeBSD, and OpenBSD that are open source?

Didn't mean to call you out John by quoting you, I just thought you brought up some very good points here

 

I would think that Diamond CS would be *very* interested in Magic Lantern. First, the gratification of knowing that they have made a trojan detector which can snoop out FBI's vermin (supposedly the best code writers in the world) is reason enough.

Also, the technology used in this goverment-made key logger has potential to be shared among the goverments of the world. Remember, Australia is also part of the Echelon Network which includes: U.S.A., U.K., New Zealand, and Canada.

Lastly, there is a good deal of TDS customers residing in the U.S.A., so let's not discount the sales incentive for Diamond CS.

And yes, if you want to have a more secure computing environment, FreeBSD and or other UNIX-derivatives will do an excellent job (they also have the advantage of being free, and open source). I think if you're to give the bozos in Micro$oft enough rope, one of these days they'll hang themselves. Their code is getting more bloated with each release of Windows: there isn't a day that goes by where some *major* security issue isn't discovered. It's become a dangerous joke!

 

What if Micro$oft is in on the game as well? Couldn't M$ agree to put some kind of backdoor in Windows? It could even possibly be downloaded with Windows updates, so no version of Windows could escape it.

But if the world governments were in on some kind of plot to spy on us there has got to be some way to monitor the outgoing traffic (keylogs) from your computer, unless they use a similar technology like some of the latest CIA type burst bugs. These are audio bugs that record conversations, store it and then periodically release a quick burst of the recorded data, in random digital spread spectrum frequencies, instead of a constant radio signal like one would assume a bug would. And they often use frequencies above the range most commerical spectrum analyzers could pick up anyway. These types of bugs are very difficult to find, even with a spectrum analyzer.

So why couldn't some type of software program be designed in a similar way? To periodically release recorded data, in such a way, as to be undetectable by most currently known techniques/programs used to find these threats.

 

Great point! I've always been weary of Windows "updates".

 

LIFE RULE #1
At the end of the day nothing is what it appears to be

 

The FBI (or any other three-letter agency) doesn't HAVE to put anything ON or IN your computer - all they have to do is simply "request" (even verbally) that your ISP turn over all logs of your web-traffic.

Unless everything you're doing is totally encrypted and tunneled, you're all theirs.

You'll never see it - and no software on your computer will ever detect it.