Posted on 11/20/2001 2:03:16 PM PST by testforecho
The FBI is developing software capable of inserting a computer virus onto a suspect’s machine and obtaining encryption keys, a source familiar with the project told MSNBC.com. The software, known as “Magic Lantern,” enables agents to read data that had been scrambled, a tactic often employed by criminals to hide information and evade law enforcement. The best snooping technology that the FBI currently uses, the controversial software called Carnivore, has been useless against suspects clever enough to encrypt their files.
MAGIC LANTERN installs so-called “keylogging” software on a suspect’s machine that is capable of capturing keystrokes typed on a computer. By tracking exactly what a suspect types, critical encryption key information can be gathered, and then transmitted back to the FBI, according to the source, who requested anonymity.
The virus can be sent to the suspect via e-mail — perhaps sent for the FBI by a trusted friend or relative. The FBI can also use common vulnerabilities to break into a suspect’s computer and insert Magic Lantern, the source said.
Magic Lantern is one of a series of enhancements currently being developed for the FBI’s Carnivore project, the source said, under the umbrella project name of Cyber Knight.
MENTIONED IN UNCLASSIFIED DOCUMENTS
The FBI released a series of unclassified documents relating to Carnivore last year in response to a Freedom of Information Act request filed by the Electronic Privacy Information Center. The documentation was heavily redacted — most information was blacked out. They included a document describing the "Enhanced Carnivore Project Plan,” which was almost completely redacted. According to the anonymous source, redacted portions of that memo mention Cyber Knight, which he described as a database that sorts and matches data gathered using various Carnivore-like methods from e-mail, chat rooms, instant messages and Internet phone calls. It also matches the files with the necessary encryption keys.
MSNBC.com repeatedly contacted the FBI to discuss this story. However, after three business days the FBI was still requesting more time before commenting. MSNBC.com has filed a Freedom of Information Act request with the bureau.
Word of the FBI’s new software comes on the heels of a major victory for the use of Carnivore. The USA Patriot Act, passed last month, made it a little easier for the bureau to deploy the software. Now agents can install it simply by obtaining an order from a U.S. or state attorney general — without going to a judge. After-the-fact judicial oversight is still required.
FBI HAS ALREADY STOLEN KEYS
If Magic Lantern is in fact used to steal encryption keys, it would not be the first time the FBI has employed such a tactic. Just last month, in an affidavit filed by Deputy Assistant Director Randall Murch in U.S. District Court, the bureau admitted using keylogging software to steal encryption keys in a recent high-profile mob case. Nicodemo Scarfo was arrested last year for loan sharking and running a gambling racket. During their investigation, Murch wrote in his affidavit, FBI agents broke into Scarfo’s New Jersey office and installed encryption-key-stealing software on the suspect’s machine. The key was later used to decrypt critical evidence in the case.
Magic Lantern would take the method used in Scarfo one step further, allowing agents to “break in” to a suspect’s office and install keylogging software remotely. But in both cases, the software works the same way.
It watches for a suspect to start a popular encryption program called Pretty Good Privacy. It then logs the passphrase used to start the program, essentially given agents access to keys needed to decrypt files.
Encryption keys are unbreakable by brute force, but the keys themselves are only protected by the passphrase used to start the Pretty Good Privacy program, similar to a password used to log on to a network. If agents can obtain that passphrase while typed into a computer by its owner, they can obtain the suspect’s encryption key — similar to obtaining a key to a lock box which contains a piece of paper that includes the combination for a safe.
BREAKING NEW GROUND
David Sobel, attorney for the Electronic Privacy Information Center and outspoken critic of Carnivore, did not outright reject the notion of a Magic-Lantern-style project, but raised several cautions.
“This is breaking new ground for law enforcement, to be planting viruses on target computers,” Sobel said. “It raises a new set of issues that neither Congress nor the courts have ever dealt with.”
Stealing encryption keys could be touchy ground for federal investigators, who have always fretted openly about encryption’s ability to help criminals and terrorists hide their work. During the Clinton administration, the FBI found itself on the losing side of a lengthy public debate about the federal government’s ability to circumvent encryption tools. The most recently rejected involved so-called key escrow — all encryption keys would have been stored by the government for emergency recall.
LEVELS PLAYING FIELD WITH CRIMINALS
A spokesperson for Rep. Dick Armey (R-Texas), said he thought Magic Lantern, as described to him by MSNBC.com, was considerably more palatable than key escrow.
“Citizens should have ability to keep their files and e-mails safe from bureaucratic prying eyes. But this would only be usable against a limited set of people. It’s not as troubling as saying the government should have all the keys,” said the Armey spokesperson. He also said Magic Lantern didn’t raise the same Fourth Amendment concerns regarding search and seizure as Carnivore, because Magic Lantern apparently targets one suspect at a time. Armey, an outspoken Carnivore critic, has complained about the potential for the FBI’s Internet sniffing software to capture too much data as packets fly by headed for a suspect — known in the legal world as an “overly broad” search.
Sobel was concerned that the keylogging software itself could result in overly broad searches, since it would be possible to observe every keystroke entered by a suspect, even if a court order specified a search only for encryption keys. Developers in the Scarfo case went to some trouble to limit the data stored by the keylogging software installed on Scarfo’s computer, shutting the system on and off in an attempt to comply with the court order, according to Murch’s affidavit. But given the confusion surrounding keylogging and encryption, and the mystery surrounding projects like Carnivore, Sobel said he’s worried about the bureau’s use of software that hasn’t been clearly explained to the public or the Congress.
“It is a matter of what protections are in place. At this point, the best documented case is Scarfo, and that raises concerns,” he said. “The federal magistrate who approved the technology in Scarfo had no understanding of what this thing was. I hope there can be meaningful oversight (for Magic Lantern).”
I give this idiocy a lifetime of four and a half hours after the first antivirus package has caught the FBI with its pants down in a criminal act. I'd also guess that that same AV package (particularly non-Aamerican ones) will enjoy a boost in stock value. What the FBI will enjoy I shudder to even think about.
The "Magic Lantern" concept is so old hat it isn't even interesting - criminals have been trying to get some mileage from this since 1992. At least. And get smacked down every time :).
There was something additional regarding the encryption key or decryption process. I can’t remember the details. (or the source) at this point.
Problem is that LEO's will never be able to hire the best and brightest, and even if they could, there is always a backdoor, what do they think we are anyway, accountants?
Wasn't this issue addressed with the new Patriot Act? As in life imprisonment? Perhaps the FBI should read the bill lest they be considered domestic terrorists. :-)
What is sneakernet?
I'm so proud of myself. Even a dumb blonde figured this one out before getting to the end of the article!
Surely they have a solution to the "cut & paste," ya think?!
Old term. Before we had networked PC's people would exchange files by copying them to a diskette and hand-carrying the diskette to another computer. Hence the name sneaker-net.
It is a method of network communications invented by a guy known only as "Trannie" ;)
IMO, the use of key logging is legitimate if authorized by a specific warrant for the interception of a suspect's e-mail communitcations. The fact that the Feds have to install something on the target's machine (which takes manpower, and could get them caught red-handed if they do it illegally) serves as a check against the sort of secret blanket surveillance which is possible with systems of the Carnivore type.
PBR, Nah. Not the FBI, or any other of godgov's favored alphabets. Only you and me. If "they're" acting "in good faith" {belief}, the criminal bill of the early '90s prohibits "their" prosecution. Or, EVEN being responsible at any level. Criminal Bill indeed. Peace and love, George.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.