FBI-virus software cracks encryption wall

Gilles Gravier Gilles.Gravier at Sun.com
Tue Nov 27 11:54:43 EST 2001


Jetico ( http://www.jetico.com/ ) has a hard disk encryption software
called BestCrypt, which can actually intercept the keystrokes at BIOS
level, get the correct keys and re-map them to random for upper layers...
like keystroke loggers.

I'd be interested to see how the FBI horror fares with something like
BestCrypt.

By the way... BestCrypt also encrypts on the fly with a random key
the Windows SWAP file... so after system crash, nothing useful can
be recovered from SWAP leftovers... Next thing is to encrypt
$TEMP :)

Oh... FBI thing... so do they expect to have a version working for
Linux, NetBSD, OpenBSD, Solaris (had to name that one), Mac, Palm,
BeOS (OK... they're dead)... and who knows what else?

If they only cover Windoze (which is likely) the result will be that
the criminal / paranoid / privacy freak / hacker community will just
plain migrate to another OS... Which would be good for the world,
don't you think?

Gilles.

Jei wrote:
> 
> Does anyone know if this software sends the logged traffic in clear-text
> or does it use encryption to protect it from being intercepted? (If not,
> unauthorized persons and hackers can sniff it and abuse it.) What if the
> security is weak and breakable? Has the software been validated to be
> secure and work correctly under all circumstances?
> 
> Does the FBI-virus come with multi-language support, or does it just crash
> the computers (like IE does for the Finnish version of Windows computers)
> and make them inoperable? (Lots of Microsoft software does this if you
> install the wrong language version and you have to reinstall everything.
> -> Can be several days of work.)
> 
> Also, now that the FBI has assumed global jurisdiction (can legally hack
> foreigners), do they cover damages if the software in question causes the
> computers to malfunction, become inoperable, destroys data, leaks
> confidential data to outsiders, compromises the security of computers or
> by malfunction just causes people not being able to work? A lot of damage
> and error issues are possible, especially in situations where computers
> need to have all their software validated.
> 
> Does the FBI cover the costs of rebuilding the security infrastructure
> for example a company whose employees' user passwords were logged?
> 
> What about the loss of face for a security company, if FBI-virus has
> breached their security, and FBI publishes that someone in the company
> was logged?
> 
> Notable is also what kind of copyright does the FBI acknowledge for
> the captured keystrokes? Can they publish the information somewhere?
> 
> I just think that these issues need to be covered and answered clearly
> to the general public.
> 
> Thanks.
> 
> http://www.washingtonpost.com/wp-dyn/articles/A1436-2001Nov22.html
> 
>     At least one antivirus software company, McAfee Corp., contacted the
>     FBI on Wednesday to ensure its software wouldn't inadvertently detect
>     the bureau's snooping software and alert a criminal suspect.
> 
> >http://www.msnbc.com/news/660096.asp?cp1=1
> >
> >FBI software cracks encryption wall
> >
> >'Magic Lantern' part of
> >new 'Enhanced Carnivore Project'
> >
> >By Bob Sullivan
> >MSNBC
> >
> >Nov. 20 - The FBI is developing software capable of
> >inserting a computer virus onto a suspect's machine and
> >obtaining encryption keys, a source familiar with the
> >project told MSNBC.com. The software, known as "Magic
> >Lantern," enables agents to read data that had been
> >scrambled, a tactic often employed by criminals to hide
> >information and evade law enforcement. The best snooping
> >technology that the FBI currently uses, the controversial
> >software called Carnivore, has been useless against suspects
> >clever enough to encrypt their files.
> >
> >MAGIC LANTERN installs so-called "keylogging"
> >software on a suspect's machine that is capable of capturing
> >keystrokes typed on a computer. By tracking exactly what a
> >suspect types, critical encryption key information can be
> >gathered, and then transmitted back to the FBI, according to
> >the source, who requested anonymity.
> >
> >The virus can be sent to the suspect via e-mail - perhaps
> >sent for the FBI by a trusted friend or relative. The FBI
> >can also use common vulnerabilities to break into a
> >suspect's computer and insert Magic Lantern, the source
> >said.
> >
> >Magic Lantern is one of a series of enhancements currently
> >being developed for the FBI's Carnivore project, the source
> >said, under the umbrella project name of Cyber Knight.
> >
> ....
> 
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

-- 
Gilles Gravier  -  Platform Infrastructure - SDN  -  EMEA
Email: Gilles.Gravier at Sun.com            Sun Microsystems
Phone: +41 22 7077856                 2 rue de Jargonnant
Fax: +41 79 4351052                        CH-1207 Geneva
PGP Key ID: 0xF5F60C45                        Switzerland
My Current Location is:   N:046°12'03.8" - E:006°09'31.9"


