IP: FBI software cracks encryption wall

[David Farber <dave () farber net>]

> From: David Lesher <wb8foz () nrk com>
>
> http://www.msnbc.com/news/660096.asp?cp1=1
>
> FBI software cracks encryption wall
>
> 'Magic Lantern' part of
> new 'Enhanced Carnivore Project'
>
> By Bob Sullivan
> MSNBC
>
> Nov. 20 - The FBI is developing software capable of
> inserting a computer virus onto a suspect's machine and
> obtaining encryption keys, a source familiar with the
> project told MSNBC.com. The software, known as "Magic
> Lantern," enables agents to read data that had been
> scrambled, a tactic often employed by criminals to hide
> information and evade law enforcement. The best snooping
> technology that the FBI currently uses, the controversial
> software called Carnivore, has been useless against suspects
> clever enough to encrypt their files.
>
> MAGIC LANTERN installs so-called "keylogging"
>
> software on a suspect's machine that is capable of capturing
> keystrokes typed on a computer. By tracking exactly what a
> suspect types, critical encryption key information can be
> gathered, and then transmitted back to the FBI, according to
> the source, who requested anonymity.
>
> The virus can be sent to the suspect via e-mail - perhaps
> sent for the FBI by a trusted friend or relative. The FBI
> can also use common vulnerabilities to break into a
> suspect's computer and insert Magic Lantern, the source
> said.
>
> Magic Lantern is one of a series of enhancements currently
> being developed for the FBI's Carnivore project, the source
> said, under the umbrella project name of Cyber Knight.
>
> MENTIONED IN UNCLASSIFIED DOCUMENTS
>
> The FBI released a series of unclassified documents relating
> to Carnivore last year in response to a Freedom of
> Information Act request filed by the Electronic Privacy
> Information Center. The documentation was heavily redacted -
> most information was blacked out. They included a document
> describing the "Enhanced Carnivore Project Plan," which was
> almost completely redacted. According to the anonymous
> source, redacted portions of that memo mention Cyber Knight,
> which he described as a database that sorts and matches data
> gathered using various Carnivore-like methods from e-mail,
> chat rooms, instant messages and Internet phone calls. It
> also matches the files with the necessary encryption keys.
>
> MSNBC.com repeatedly contacted the FBI to discuss this
> story. However, after three business days the FBI was still
> requesting more time before commenting. MSNBC.com has filed
> a Freedom of Information Act request with the bureau.
>
> Word of the FBI's new software comes on the heels of a major
> victory for the use of Carnivore. The USA Patriot Act,
> passed last month, made it a little easier for the bureau to
> deploy the software. Now agents can install it simply by
> obtaining an order from a U.S. or state attorney general -
> without going to a judge. After-the-fact judicial oversight
> is still required.
>
> FBI HAS ALREADY STOLEN KEYS
>
> If Magic Lantern is in fact used to steal encryption keys,
> it would not be the first time the FBI has employed such a
> tactic. Just last month, in an affidavit filed by Deputy
> Assistant Director Randall Murch in U.S. District Court, the
> bureau admitted using keylogging software to steal
> encryption keys in a recent high-profile mob case. Nicodemo
> Scarfo was arrested last year for loan sharking and running
> a gambling racket. During their investigation, Murch wrote
> in his affidavit, FBI agents broke into Scarfo's New Jersey
> office and installed encryption-key-stealing software on the
> suspect's machine. The key was later used to decrypt
> critical evidence in the case.
>
> Magic Lantern would take the method used in Scarfo one step
> further, allowing agents to "break in" to a suspect's office
> and install keylogging software remotely. But in both cases,
> the software works the same way.
>
> It watches for a suspect to start a popular encryption
> program called Pretty Good Privacy. It then logs the
> passphrase used to start the program, essentially given
> agents access to keys needed to decrypt files.
>
> Encryption keys are unbreakable by brute force, but the keys
> themselves are only protected by the passphrase used to
> start the Pretty Good Privacy program, similar to a password
> used to log on to a network. If agents can obtain that
> passphrase while typed into a computer by its owner, they
> can obtain the suspect's encryption key - similar to
> obtaining a key to a lock box which contains a piece of
> paper that includes the combination for a safe.
>
> BREAKING NEW GROUND
>
> David Sobel, attorney for the Electronic Privacy Information
> Center and outspoken critic of Carnivore, did not outright
> reject the notion of a Magic-Lantern-style project, but
> raised several cautions.
>
> "This is breaking new ground for law enforcement, to be
> planting viruses on target computers," Sobel said. "It
> raises a new set of issues that neither Congress nor the
> courts have ever dealt with."
>
> Stealing encryption keys could be touchy ground for federal
> investigators, who have always fretted openly about
> encryption's ability to help criminals and terrorists hide
> their work. During the Clinton administration, the FBI found
> itself on the losing side of a lengthy public debate about
> the federal government's ability to circumvent encryption
> tools. The most recently rejected involved so-called key
> escrow - all encryption keys would have been stored by the
> government for emergency recall.
>
> LEVELS PLAYING FIELD WITH CRIMINALS
>
> A spokesperson for Rep. Dick Armey (R-Texas), said he
> thought Magic Lantern, as described to him by MSNBC.com, was
> considerably more palatable than key escrow.
>
> "Citizens should have ability to keep their files and
> e-mails safe from bureaucratic prying eyes. But this would
> only be usable against a limited set of people. It's not as
> troubling as saying the government should have all the
> keys," said the Armey spokesperson. He also said Magic
> Lantern didn't raise the same Fourth Amendment concerns
> regarding search and seizure as Carnivore, because Magic
> Lantern apparently targets one suspect at a time. Armey, an
> outspoken Carnivore critic, has complained about the
> potential for the FBI's Internet sniffing software to
> capture too much data as packets fly by headed for a suspect
> - known in the legal world as an "overly broad" search.
>
> Sobel was concerned that the keylogging software itself
> could result in overly broad searches, since it would be
> possible to observe every keystroke entered by a suspect,
> even if a court order specified a search only for encryption
> keys. Developers in the Scarfo case went to some trouble to
> limit the data stored by the keylogging software installed
> on Scarfo's computer, shutting the system on and off in an
> attempt to comply with the court order, according to Murch's
> affidavit. But given the confusion surrounding keylogging
> and encryption, and the mystery surrounding projects like
> Carnivore, Sobel said he's worried about the bureau's use of
> software that hasn't been clearly explained to the public or
> the Congress.
>
> "It is a matter of what protections are in place. At this
> point, the best documented case is Scarfo, and that raises
> concerns," he said. "The federal magistrate who approved the
> technology in Scarfo had no understanding of what this thing
> was. I hope there can be meaningful oversight (for Magic
> Lantern)."
>
>
>
> --
> A host is a host from coast to coast.................wb8foz () nrk com
> & no one will talk to a host that's close........[v].(301) 56-LINUX
> Unless the host (that isn't close).........................pob 1433
> is busy, hung or dead....................................20915-1433


For archives see:
http://www.interesting-people.org/archives/interesting-people/