Rupert Goodwins' Diary 30.11.2001

Wednesday 28/11/2001

Now here's scary. Symantec has said that its antivirus software will not scan for the FBI's Magic Lantern keylogging software. This is a hidden program that the Feds can leave on your machine to report your keystrokes back to them, and since there's no conceptual difference between a hidden program doing naughty things for the Government and a Trojan reporting your passwords back to the hackers there's no reason your antivirus software shouldn't find it.

But if Symantec is going to deliberately stymie its software to not report it, then hackers -- who, one presumes, will be smart enough to spot Magic Lantern no matter what the powers that be do -- can immediately take advantage of the loophole and make their own invisible keylogger. Oh, no, says Symantec, we'll spot that. How? Of course, they can't say. It's secret. And, these days, any discussion of such things will probably result in you going to jail in the US.

So, the hackers are being given a free ride onto our computers courtesy of the spies. I would investigate this further, but as a non-US national I now have no rights in that country. It's now perfectly legal for me to be arrested, tried and executed entirely in secret by a US military tribunal, without any right to my choice of legal representative. And, of course, there is no free speech when it comes to discussing security issues, even if you do it in another county -- as Dmitry Sklyarov has found.

Scared yet? There's going to be more...