FBI's 'Magic Lantern'
By Paul Eng ABCNEWS.com 2001/12/22
In order to stop criminals and terrorists who may be plotting evil deeds
using computers and the Internet, the FBI is developing a tool that is more
commonly associated with computer hackers.
According to the FBI and other law enforcement agencies, computer- savvy
criminals are increasingly turning to encryption software to protect their
sensitive data from prying eyes. Programs such as Pretty Good Privacy, or
PGP, scramble computer files so well that it takes years for even the most
powerful supercomputer to crack them without the appropriate "key."
But instead of trying to "pick" open any locked files, the FBI hopes agents
could one day just copy the criminals' keys by using a program currently
code-named "Magic Lantern."
The FBI recently confirmed that the agency did indeed have a computer
project called "Magic Lantern" underway. But since the project was still
"under development," the bureau declined to reveal further details about its
design or capabilities.
Copying Keys by Logging Keystrokes
But according to news reports, the program may be a powerful version of a
hacking tool known as a key-logging program. Such a program, when installed
on a computer, monitors and stores copies of what is typed by the user " say
a password that starts an encryption program.
The FBI had used such a key-logging program last year in a criminal
investigation against Nicodemo Scarfo Jr., son of a convicted Philadelphia
Mafia boss. FBI agents had broken into Scarfo's office in New Jersey and
installed a key-logging program to capture Scarfo's software encryption key,
which later revealed vital evidence against the alleaged loan shark.
(Scarfo's case is still being tried in federal court.)
But more than just an electronic surveillance tool, experts believe Magic
Lantern may also be able to secretly install itself on an unsuspecting
user's computer, much like a computer virus.
The program could be disguised as a harmless computer file " a so-called
"Trojan horse" program " and sent as an attachment to a benign computer
e-mail.
Mark Rasche, a former prosecutor with the Justice Department, says that such
a capability wouldn't be impossible. Such Trojan horse attacks have been
used in recent computer attacks such as last month's Badtrans worm. "We know
that 19-year-old teens from the Philippines can do this," says Rasche, now a
vice president of cyberlaw at Predictive Systems in Reston, Va.
Critics Already Crying Foul
Whether or not the FBI's latest cybersnooping tool is truly the ultimate
cyberspy is still questionable. But one thing is for sure: critics are
already crying foul over the still-secret FBI program and it's hypothetical
potential.
Although the FBI says that Magic Lantern would only be used "pursuant to the
appropriate legal process" " i.e. under a court- approved search warrant "
privacy and legal experts worry that the program could violate citizens'
civil right to be free from unreasonable searches and seizures. Lawyers for
Scarfo, for example, have petitioned the courts to review the legality of
the evidence gathered by the FBI's previous key-logging program.
What's more, security experts suggest that like other Trojan horse viruses,
the FBI's Magic Lantern may be discovered by anti- virus programs. And
security software makers such as Symantec and Sophos have already taken the
position that they won't treat a Magic Lantern bug any differently than any
other computer virus.
"Malicious code is malicious code," said Graham Cluely, senior technology
consultant for Sophos Anti-Virus, in a statement last month. "If a customer
suspects they may be under surveillance and sends a Trojan horse to us,
we're going to provide protection against it."
|