Magic Lantern (software)
|Original author(s)||Federal Bureau of Investigation|
|Operating system||Microsoft Windows|
Magic Lantern is keystroke logging software developed by the United States' Federal Bureau of Investigation. Magic Lantern was first reported in a column by Bob Sullivan of MSNBC on 20 November 2001 and by Ted Bridis of the Associated Press.
How it works
Magic Lantern can reportedly be installed remotely, via an e-mail attachment or by exploiting common operating system vulnerabilities, unlike previous keystroke logger programs used by the FBI. It has been variously described as a virus and a Trojan horse. It is not known how the program might store or communicate the recorded keystrokes.
In response to a Freedom of Information Act request filed in 2000 by the Electronic Privacy Information Center, the FBI released a series of unclassified documents relating to Carnivore, which included the "Enhanced Carnivore Project Plan". Sullivan's confidential source said that redacted portions of that document mention "Cyber Knight",
|“||a database that sorts and matches data gathered using various Carnivore-like methods from e-mail, chat rooms, instant messages, and Internet phone calls. It also matches files with captured encryption keys.||”|
Example deployment method
The FBI intends to deploy Magic Lantern in the form of an e-mail attachment. When the attachment is opened, it installs a trojan horse on the suspect's computer. The trojan horse is activated when the suspect uses PGP encryption, often used to increase the security of sent e-mail messages. When activated, the trojan horse will log the PGP password, which allows the FBI to decrypt user communications.
Spokesmen for the FBI soon confirmed the existence of a program called Magic Lantern. They denied that it had been deployed, and they declined to comment further.
Antivirus vendor cooperation
The public disclosure of the existence of Magic Lantern sparked a debate as to whether anti-virus companies could or should detect the FBI's keystroke logger.
Bridis reported that Network Associates (maker of McAfee anti-virus products), had contacted the FBI following the press reports about Magic Lantern to ensure their anti-virus software would not detect the program. Network Associates issued a denial, fueling speculation as to which anti-virus products might or might not detect government trojans.
CNET News has surveyed 13 security companies about their contacts with and level of cooperation with law enforcement authorities.
Graham Cluley, a technology consultant from Sophos, said "We have no way of knowing if it was written by the FBI, and even if we did, we wouldn’t know whether it was being used by the FBI or if it had been commandeered by a third party". Another reaction from this came from Marc Maiffret, chief technology officer and cofounder of eEye Digital Security who states: "Our customers are paying us for a service, to protect them from all forms of malicious code. It is not up to us to do law enforcement's job for them so we do not, and will not, make any exceptions for law enforcement malware or other tools."
When asked if Magic Lantern would need a court order to deploy, FBI spokesman Paul Bresson would not comment, stating: "Like all technology projects or tools deployed by the FBI it would be used pursuant to the appropriate legal process." Proponents of Magic Lantern argue the technology would allow law enforcement to efficiently and quickly decrypt messages protected by encryption schemes. Implementing Magic Lantern does not require physical access to a suspect's computer, unlike Carnivore, a predecessor to Magic Lantern, since physical access to a computer would require a court order.
Following the media coverage of Magic Lantern, F-Secure (a Finnish anti-virus company), announced their policy on detecting government spying programs: "F-Secure Corporation would like to make known that we will not leave such backdoors to our F-Secure Anti-Virus products, regardless of the source of such tools. We have to draw a line with every sample we get regarding whether to detect it or not. This decision-making is influenced only by technical factors, and nothing else, but within the applicable laws and regulations, in our case meaning EU laws.
We will also be adding detection of any program we see that might be used for terrorist activity or to benefit organized crime. We would like to state this for the record, as we have received queries regarding whether we would have the guts to detect something obviously made by a known violent mafia or terrorist organization. Yes we would."
- Backdoor (computing)
- Carnivore (software)
- Computer and Internet Protocol Address Verifier, a more recent FBI tool
- Main Core
- MiniPanzer and MegaPanzer
- PRISM (surveillance program)
- R2D2 (trojan)
- Sullivan, Bob (2001-11-20). "FBI software cracks encryption wall". MSNBC. Retrieved 2007-11-20.
- Ted Bridis. "FBI Develops Eavesdropping Tools," Washington Post, November 22, 2001.
- FBI's Secret Spyware Tracks Down Teen Who Made Bomb Threats[dead link] July 18, 2007 Wired Magazine
- [Threat of Terrorism On U.S. Infrastructure December 31, 2001 The New York Times
- "FBI Has a Magic Lantern". Usgovinfo.about.com. Retrieved 2009-02-23.
- Article in the Village Voice, 24 May 2002
- "Invasive Software: Who's Inside Your Computer?" (PDF). George Lawton. July 2002. Retrieved 2009-03-12.
- http://www.kaspersky.com (2001-12-11). "The FBI's "Magic Lantern" Shines Bright". Kaspersky.com. Retrieved 2009-02-23.
- Article in Wired, 29 November 2001
- CNET News - Security firms on police spyware, in their own words, 17 July 2007
- Jackson, William (2001-12-06). "Antivirus vendors are wary of FBI's Magic Lantern – Government Computer News". Gcn.com. Retrieved 2009-02-23.[dead link]
- McCullagh, Declan (2007-07-17). "Will security firms detect police spyware? – CNET News". CBS Interactive, Inc. Retrieved 2009-02-23.
- "FBI Confirms ‘Magic Lantern’ Project Exists" (PDF). Elinor Mills Abreu. At Home Corporation. December 31, 2001. Retrieved 2009-03-12.[dead link]
- "THE CASE FOR MAGIC LANTERN: SEPTEMBER 11 HIGHLIGHTS THE NEED FOR INCREASED SURVEILLANCE" (PDF). Christopher Woo & Miranda So. Harvard Journal of Law & Technology. 2002. Retrieved 2009-03-12.
- "IMPLICATIONS OF SELECT NEW TECHNOLOGIES FOR INDIVIDUAL RIGHTS AND PUBLIC SAFETY". Amitai Etzioni. Harvard Journal of Law & Technology. 2002. Retrieved 2009-03-12.[dead link]
- "F-Secure Corporation's policy on detecting spying programs developed by various governments". F-Secure. Retrieved 25 June 2011.
- Amanda So and Christopher Woo. "The Case for Magic Lantern: September 11 Highlights the Need for Increased surveillance," Harvard Journal of Law and Technology. v15, p521. (discusses the legal framework surrounding the use of keystroke loggers in law enforcement)
- FBI sought approval to use spyware against terror suspects. Magic Lantern reloaded