Posted: 11/20/2001 10:05:53 PM EDT
Woo hoo! You all is in trouble now!

Read the entire article here:

[url]www.msnbc.com/news/660096.asp?cp1=1[/url]

              ‘Magic Lantern’ part of new ‘Enhanced Carnivore Project’
                                                             By Bob Sullivan
                                                                     MSNBC

              Nov. 20 — The FBI is developing software capable
              of inserting a computer virus onto a suspect’s
              machine and obtaining encryption keys, a source
              familiar with the project told MSNBC.com. The
              software, known as “Magic Lantern,” enables
              agents to read data that had been scrambled, a
              tactic often employed by criminals to hide
              information and evade law enforcement. The
              best snooping technology that the FBI currently
              uses, the controversial software called
              Carnivore, has been useless against suspects
              clever enough to encrypt their files.




                                 MAGIC LANTERN installs so-called “keylogging”
                          software on a suspect’s machine that is capable of capturing
                          keystrokes typed on a computer. By tracking exactly what a
                          suspect types, critical encryption key information can be
                          gathered, and then transmitted back to the FBI, according
                          to the source, who requested anonymity.
                                 [b]The virus can be sent to the suspect via e-mail —
                          perhaps sent for the FBI by a trusted friend or relative. The
                          FBI can also use common vulnerabilities to break into a
                          suspect’s computer and insert Magic Lantern, the source
                          said.[/b]
                                 Magic Lantern is one of a series of enhancements
                          currently being developed for the FBI’s Carnivore project,
                          the source said, under the umbrella project name of Cyber
                          Knight.
                                 
                          MENTIONED IN UNCLASSIFIED DOCUMENTS
                                 The FBI released a series of unclassified documents
                          relating to Carnivore last year in response to a Freedom of
                          Information Act request filed by the Electronic Privacy
                          Information Center. The documentation was heavily
                          redacted — most information was blacked out. They
                          included a document describing the "Enhanced Carnivore
                          Project Plan,” which was almost completely redacted.
                          According to the anonymous source, redacted portions of
                          that memo mention Cyber Knight, which he described as a
                          database that sorts and matches data gathered using various
                          Carnivore-like methods from e-mail, chat rooms, instant
                          messages and Internet phone calls. It also matches the files
                          with the necessary encryption keys.
Link Posted: 11/20/2001 11:32:58 PM EDT
[#1]
"keylogging software", how high-tech! I wrote keylogging software as far back as 1986, but for different reasons. Anyone with half a brain can disable it in 3 seconds.
Link Posted: 11/21/2001 2:27:28 AM EDT
[#2]
Quoted:
"keylogging software", how high-tech! I wrote keylogging software as far back as 1986, but for different reasons. Anyone with half a brain can disable it in 3 seconds.
View Quote


Ever seen a packet go from a very large fragmented TCP with a bad checksum - to a UDP with an external header?
Ever have a NIC spontaneously change MAC?  
Ever see a box ARP for no apparent reason?
How about having a checkpoint box reboot and dump logs for no better reason than the phase of the moon?

- Life is full of strange and wondrous things. NEVER assume
Link Posted: 11/21/2001 2:28:47 AM EDT
[#3]
However, you can send inhalation Anthrax via the good Ole fashioned US Mail, and they don't have a clue where it came from...[IMG]http://www.freakygamers.com/smilies/s/contrib/aahmed/tongue.gif[/IMG]

What's wrong with this picture?[IMG]http://www.freakygamers.com/smilies/s/contrib/aahmed/sad.gif[/IMG]
Link Posted: 11/21/2001 4:22:47 AM EDT
[#4]
This probably just reflects a technology dump from intelligence to law enforcement.  The problem is that any court case involving this technology is going to blow secrecy wide open.  I can't see how the government could avoid disclosing sources and methods in a prosecution involving this technology.  
Link Posted: 11/21/2001 4:50:31 AM EDT
[#5]
What if I just wrote a script with my password in it and ran it when I wanted to encrypt something?  Of course with their keylogging they would have already read whatever I wrote that was to be encrypted anyway I guess.  Oh well, just a thought.
Link Posted: 11/21/2001 6:45:53 AM EDT
[#6]
Couldn't you use a computer off-line to draft and encrypt your message, transfer the encrypted file to a floppy and then e-mail from an on-line computer as an attachment?
Link Posted: 11/21/2001 7:58:58 AM EDT
[#7]
I think they're trying to catch the lazy criminals.

Of course, if they're bothering to encrypt their messages, they aren't lazy, are they?

Oh, well, never mind that.  We'll do it anyway and throw even more taxpayer money down the toilet! Woohoo! [whacko]
Link Posted: 11/21/2001 8:09:09 AM EDT
[#8]
One more good reason to have good firewall software installed, anti-virus software running, and a Linux box! Or at least a secure Win 2000/XP machine (I know... I know...)

Av.
Link Posted: 11/21/2001 8:10:36 AM EDT
[#9]
Quoted:
This probably just reflects a technology dump from intelligence to law enforcement.  The problem is that any court case involving this technology is going to blow secrecy wide open.  I can't see how the government could avoid disclosing sources and methods in a prosecution involving this technology.  
View Quote


Plea bargain. Make sure the case doesn't get to trial, and none of the secrets come out. Or claim "national security".

Av.
Link Posted: 11/21/2001 8:43:02 AM EDT
[#10]
This is why I run OpenBSD.  I'd love to see a keylogger virus for any non-Windows/MacOS platform.

Of course, there is that whole problem of physical access to your computer.  Once they've got that, they can do whatever they want.  Mount the drive and install keyloggers, backdoors, sniffers, etc.  An encrypted filesystem helps, but isn't a guarantee against a physical attack if the keydisk is in the floppy drive.

God Bless Texas
Link Posted: 11/21/2001 8:49:30 AM EDT
[#11]
Having a username and password login to your machine will help some.

They may have physical access to your machine, but they only have a limited time to install software. They can't TAKE the machine since it is supposed to be secret, and if you came home with a bunch of feds in your home I think that would be suspicious.

Just have to slow them down enough.

Av.
Link Posted: 11/21/2001 5:28:46 PM EDT
[#12]
Avalon, logon and password won't do much if they are monitoring your key strokes.
Link Posted: 11/21/2001 11:25:03 PM EDT
[#13]
Quoted:
Quoted:
"keylogging software", how high-tech! I wrote keylogging software as far back as 1986, but for different reasons. Anyone with half a brain can disable it in 3 seconds.
View Quote


Ever seen a packet go from a very large fragmented TCP with a bad checksum - to a UDP with an external header?
Ever have a NIC spontaneously change MAC?  
Ever see a box ARP for no apparent reason?
How about having a checkpoint box reboot and dump logs for no better reason than the phase of the moon?

- Life is full of strange and wondrous things. NEVER assume
View Quote


The issue was key logging. There are only a couple of ways to do this in Windows. I don't see how the issues you brought up relate to key logging.
Link Posted: 11/22/2001 8:23:52 AM EDT
[#14]
Quoted:
Avalon, logon and password won't do much if they are monitoring your key strokes.
View Quote


If they can't get the keylogger onto your system, they don't know your username/password.

That's why I have a BIOS password on my computers, and another username/password to login to the machine. I also have firewall software installed on each PC (DSL at home), and a good anti-virus program that is updated weekly.

Keyloggers and viruses don't work unless they get them onto your system. If they can't get access to your system, they can't install it, and if they can't install it, they can't monitor you.

Av.
Link Posted: 11/22/2001 8:38:25 AM EDT
[#15]
Link Posted: 11/22/2001 8:52:19 AM EDT
[#16]
Link Posted: 11/22/2001 8:54:54 AM EDT
[#17]
Actually you *can* keylog with OpenBSD, or any unix for that matter (I've seen it in my line of work). All you need to do is modify the shell binary file to do so. Anyone with a moderate level of coding experience can accomplish this with the readily available source code.
Some sneaky spyware in use by private security firms (and probably government) will periodically pack up and scramble data into UDP/53 packets (or pad info into various IP packets) and send it off to a waiting collection computer. To your firewall and traffic logging software it just looks like a DNS request.
Also, trojans/spybugs can be embedded into ANY exe file you download. All they have to do is install a specialized transparent HTTP proxy on your upstream internet connection. You'd never know it unless the EXE had a special checksum routine (most don't).
BIOS passwords aren't secure either, all they have to do is set the "reset bios" jumper on your motherboard, 3 minutes of work removing your computer's cover and voilà!... they're in your system.
Remember, if you think you're secure, then you're not.
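
A defender's check for the UDP/53 point in the post above, as an added example that is not part of the original post: it parses each outbound port-53 payload as a DNS query and flags payloads that are malformed, carry extra bytes after the question, or contain long high-entropy labels. The thresholds, function names and sample packets are assumptions constructed for this illustration.

```python
import math
import struct
from collections import Counter

LONG_LABEL = 32     # assumed threshold: labels this long get an entropy check
ENTROPY_BITS = 3.5  # assumed threshold, in bits per byte

def entropy(data: bytes) -> float:
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def triage(payload: bytes) -> str:
    """Classify one outbound UDP/53 payload: 'ok', 'suspicious: ...' or 'malformed: ...'."""
    if len(payload) < 12:
        return "malformed: shorter than a DNS header"
    _id, flags, qd, an, ns, ar = struct.unpack("!6H", payload[:12])
    if flags & 0x8000:
        return "malformed: QR bit set on an outbound query"
    if qd != 1:
        return "malformed: expected exactly one question"
    pos, labels = 12, []
    while True:  # walk the length-prefixed labels of QNAME
        if pos >= len(payload):
            return "malformed: name runs past end of packet"
        length = payload[pos]
        pos += 1
        if length == 0:
            break
        if length > 63 or pos + length > len(payload):  # 63 = RFC 1035 label limit
            return "malformed: bad label length"
        labels.append(payload[pos:pos + length])
        pos += length
    pos += 4  # skip QTYPE and QCLASS
    if pos > len(payload):
        return "malformed: missing QTYPE/QCLASS"
    if an == ns == ar == 0 and pos < len(payload):
        return "suspicious: %d bytes after the question" % (len(payload) - pos)
    for label in labels:
        if len(label) >= LONG_LABEL and entropy(label) > ENTROPY_BITS:
            return "suspicious: long high-entropy label"
    return "ok"

def query(name: bytes, extra: bytes = b"") -> bytes:
    """Build a constructed single-question A/IN query for the samples below."""
    qname = b"".join(bytes([len(p)]) + p for p in name.split(b".")) + b"\x00"
    return struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0) + qname + b"\x00\x01\x00\x01" + extra

# Constructed samples, not captured traffic.
SAMPLES = {
    "normal": query(b"www.example.com"),
    "encoded": query(b"0123456789abcdef" * 3 + b".example.com"),
    "padded": query(b"www.example.com", extra=b"\xde\xad\xbe\xef" * 4),
    "scrambled": bytes(range(200, 240)),
}
print({name: triage(pkt) for name, pkt in SAMPLES.items()})
```

The entropy heuristic will also flag some legitimate long hostnames, so treat a "suspicious" verdict as a lead for review rather than a block decision.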




Link Posted: 11/22/2001 8:55:47 AM EDT
[#18]
Link Posted: 11/22/2001 8:58:10 AM EDT
[#19]
Welp, I have no clue what you guys are talking about...I guess if the FBI wants some of my cpu info, then they will have it.  I hate being computer illiterate.
Link Posted: 11/22/2001 8:58:37 AM EDT
[#20]
Link Posted: 11/22/2001 9:00:12 AM EDT
[#21]
I doubt that most people that the FBI are interested in are smart enough to install a filter packet, stateful and proxy firewalls with NAT and run a proper secure key/certificate system or they'd be doing that for a living rather than whatever the FBI is hunting them for [:)].
View Quote


I guess that's why I do it for a living... [:D]

I'm not worried about the FBI snooping in my system, nothing but games and network stuff. But if this software leaks out into the underground community, I can see problems. Somehow I don't think McAfee or Norton will detect this keylogging software (the FBI would make sure).

Av.
Link Posted: 11/22/2001 9:54:08 AM EDT
[#22]
Paul, I think you got that backwards. ARP seeks out the MAC address as the IP and nodename is already known. RARP is when the computer knows a MAC address and needs to associate an IP address for it. This is used for diskless computers and DHCP.

Most OS' keep an ARP cache. On NT/2000 computers, you can type 'arp -a' to display all of the cached ARP requests. This is done to minimize broadcasts. If you are on a Cisco router, you would type 'show arp' correspondingly.

ARPs are broadcasts which, under normal circumstances, are not forwarded outside of your local LAN (ie. doesn't pass through the router or gateway).
Link Posted: 11/22/2001 9:56:24 AM EDT
[#23]
Quoted:
Couldn't you use a computer off-line to draft and encrypt your message, transfer the encrypted file to a floppy and then e-mail from an on-line computer as an attachment?
View Quote


Yep - that's the ticket. The attached file could be captured. But if it's encrypted, then the hacker is still left with the original problem.

I've heard of a method of dynamic encryption-decryption. With this technique, the encrypted file is sent along with the corresponding key needed to unlock it. The encryption pattern & its key are unique for each transfer. Using this method, if 2 messages are sent to a receiver, but only one is sent with its key, there could be no way to use that key to unlock both messages - only the one sent with its key. The other has different encryption, and so it requires a different key to unlock it.

Anyone attempting to hack into a message sent this way would have had to intercept the message & its key simultaneously at the moment of transference.
Link Posted: 11/22/2001 10:15:47 AM EDT
[#24]
I'm in my mid fifties, not puter literate at all. I have no idea what you people are talking about. At this age, I ain't about to do anything that would put me in the stir. If they viewed my puter files I wouldn't even know it. Just a few letters to my Congressman and Senators and bookmarked gun and tool sites.
If they use it Constitutionally, and only for the sole purpose of getting bad guys, have at it. "The times they are a changing"  I prefer my mushrooms on a dinner plate.
Link Posted: 11/22/2001 11:21:13 AM EDT
[#25]
Man you guys really know a lot about this computer stuff.  Me, I just put a check by the password box on Winzip when I zip files to prevent unauthorized reading of my "sensitive" files.  When I run Norton's Speed Disk, I check the box that causes it to write binary zeros on the hard disk once, now if I really had something to hide, I would have the program write binary zeroes 3 times.
Link Posted: 11/23/2001 6:26:11 PM EDT
[#26]
Actually, you could probably write a simple little program to check if someone installed a key logger in Windows. If they use the standard method, which consists of two forms of "Windows hooks", you can traverse the chain of hooks to identify the processes that installed them. There are other ways to key log in Windows, but hooks are the most common method used. Norton or McAfee AV could be updated to check for these kinds of key loggers very easily.
Link Posted: 11/23/2001 6:43:44 PM EDT
[#27]
Quoted: This probably just reflects a technology dump from intelligence to law enforcement.  The problem is that any court case involving this technology is going to blow secrecy wide open.  I can't see how the government could avoid disclosing sources and methods in a prosecution involving this technology.  
View Quote


Can you say "Military Tribunals"?
Link Posted: 11/23/2001 6:54:17 PM EDT
[#28]
I guess the bad guys will have to resort to using keyword phrases to communicate. Example if I post that I have a pre-ban AR-15 for sale attack target "A".  If I post I have a post-ban AR-15 for sale attack target "B".  It makes it harder to communicate but they can still transmit simple instructions.
Link Posted: 11/23/2001 6:58:13 PM EDT
[#29]
Quoted:
Quoted:
Avalon, logon and password won't do much if they are monitoring your key strokes.
View Quote


If they can't get the keylogger onto your system, they don't know your username/password.

That's why I have a BIOS password on my computers, and another username/password to login to the machine. I also have firewall software installed on each PC (DSL at home), and a good anti-virus program that is updated weekly.

Keyloggers and viruses don't work unless they get them onto your system. If they can't get access to your system, they can't install it, and if they can't install it, they can't monitor you.

Av.
View Quote


BIOS passwords don't mean jack squat unless it's a laptop or you have a PADLOCK on the case.

EVERY desktop motherboard has a jumper on it to disable the BIOS password to go straight into BIOS when you power on, you then select "Clear CMOS PASSWORDS" turn off the machine, move the jumper back and then turn the machine on...voila no password. Do it all the time at work when customers bring their PCs in for service and forget to give us the passwords.  Most laptops have to either be disassembled or have a "key plug" that you plug into the parallel port when you turn on the machine. I have one for Compaq notebooks that I got from Compaq when I got my certification with them.

just FYI

No_Expert
Link Posted: 11/23/2001 7:05:48 PM EDT
[#30]
Link Posted: 11/23/2001 7:18:12 PM EDT
[#31]
true about the battery...but, I have seen some GOOD motherboards where the password info is written to NVRAM.... NON-VOLATILE (sp?) RAM that pulling the battery won't clear, gotta do the jumper thing.  those are rare in most retail PCs... those are usually in servers and other high end units that come with the panel intrusion alarms.

Course, not many people run those at home.

No_Expert