DIRT-Magic Lantern Firm Barred from Gov Work
Nexus
nexus at patrol.i-way.co.uk
Thu, 20 Dec 2001 20:06:07 -0000
----- Original Message -----
From: "John Young" <jya@pipeline.com>
To: <ukcrypto@chiark.greenend.org.uk>
Sent: Thursday, December 20, 2001 4:44 PM
Subject: Re: Fw: [ISN] DIRT-Magic Lantern Firm Barred from Gov Work
> Arturo asked:
>
> >Does anybody found any reference with a stronger argument
> >than "is reportedly"?
>
> Now, nice, god-fearing, sober, honest programmers and
> security consultants will not want to read the following.
Bugger - bit late for this Pagan pisshead ;-)
Is Magic Lantern derived from DIRT ? Maybe, who knows - chances are they
are both derived from BO anyway, but that could be making an ass out of u
and me. What I do know is that there was no cDc involvement in either, and
Eric did approach an independant security group asking for 0-day exploits
for use as injection vectors so that the exploits and DIRT could be sold to
the FBI. The group said no due to ethical grounds. Not that I'm saying
LEA's are unethical of course, that _would_ be foolish.
What I find odd is that LEA's often have "lawful" entry rights into property
so why would they need to emulate l33t0 H4x0rs and try a remote compromise ?
It's a very hit & miss technique that's fraught with all sorts of problems.
least of all if it [Magic Lantern] ends up in the hands of someone with the
skillset to take it apart.
Cheers,
JJ