Announcement

Collapse
No announcement yet.

FBI is Watching: Magic-Lantern Virus

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • chrispadfield
    replied
    Originally posted by Chris Schreiber


    No, if they had a warrant, I wouldn't have a problem with it... it's just if they "infected" everyone with this hoping to catch bad people, then I have a big problem with it.
    Yup I agree. I just don't think they would be able to infect everyone without someone knowing.

    Leave a comment:


  • Chris Schreiber
    replied
    Originally posted by chrispadfield
    But if they choose isolated targets that they want to monitor I don't see how it is any different to tapping a phone line.
    No, if they had a warrant, I wouldn't have a problem with it... it's just if they "infected" everyone with this hoping to catch bad people, then I have a big problem with it.

    Leave a comment:


  • chrispadfield
    replied
    I am not convinced it is as bad as all that. It depends how it is done and what they mean by a virus. If they mean they send the virus to everyone via microsoft (who i can't imagine ever agreeing unless forced to) or another mechanism then sure that is bad. But if they choose isolated targets that they want to monitor I don't see how it is any different to tapping a phone line.

    And it is hardly hard to stop, just install a firewall. Unfortunatly most criminals will know this.

    Leave a comment:


  • Kaizen
    replied
    You can put clever vb script into an email and someone could be infected and not even know about it !

    Leave a comment:


  • Raz Meister
    replied
    Originally posted by Stallion
    You'll still have to open an email attachment to be infected.

    Personally, I don't use anti-virus software and I've NEVER had a single virus problem in over six years -- so this doesn't worry me. Just don't double click executables sent from a .gov email address... ;-)
    If you're using Outlook then some viruses auto-execute JUST by downloading it!

    Leave a comment:


  • JamesUS
    replied
    The day this is included as standard in Windows (and I've got little doubt that it will be) will be the day I buy a mac

    Like Stallion I don't use a virus scanner, so I'm not quite as bothered about whether the scanners detect it as everyone else. I still think this would be a really bad move for the FBI and the Computer Industry though.

    Leave a comment:


  • Martin
    replied
    Originally posted by Chris Schreiber
    I think this is absolutely horrible... it's ashame that the terrorist attacks have taken away some of our civil liberties.

    I was happy about this:
    Major anti-virus vendors this week said they would not voluntarily cooperate with the FBI and said their products would continue to be updated to detect and prevent viruses, regardless of their origin, unless there was a legal order otherwise.
    Then maybe you need to read this:

    http://news.excite.com/news/bw/01121...uter-economics

    Leave a comment:


  • Skeptical
    replied
    Originally posted by Stallion
    I believe I read that somewhere...Slashdot I believe...but you're right, they could work with Microsoft to implement it at the OS level. Of course, that's why we have open source software... ;-)

    Then again, I think the government has better things to do than snooping on my work -- and if not, its not like I'm doing anything worth hiding.
    No wonder China and other countries don't like to use Windows and opt instead for Linux!

    Leave a comment:


  • Stallion
    replied
    Argh, too many damn problems with MS, its hard to keep on top of it all. ;-)

    Thanks for the heads up...

    Leave a comment:


  • TommyBALL
    replied
    Originally posted by Stallion
    That problem's not as bad as its made out to be. You'd have to select "Open from remote location" on a mysterious file dialog which comes up. Granted, it won't say "trojan.exe", but you'd have to wonder why IE is asking you to execute a "README.TXT".
    Wrong. This thing will execute automatically with NO dialog box .. You are refering to this bug:
    Lastly there's a flaw related to the display of the names of downloaded files. It's been discovered that it might be possible for a cracker to misrepresent the name of the file in a dialogue box, which could be used to fool users into accepting unsafe file types. Again the bug affects both IE 5.5 and 6.0.
    ...which is not the same bug, and somewhat less of a problem for technical geeks like you and me. 99% of the other users out there on the other hand...
    Last edited by TommyBALL; Fri 14th Dec '01, 10:00pm.

    Leave a comment:


  • Stallion
    replied
    That problem's not as bad as its made out to be. You'd have to select "Open from remote location" on a mysterious file dialog which comes up. Granted, it won't say "trojan.exe", but you'd have to wonder why IE is asking you to execute a "README.TXT".

    Leave a comment:


  • TommyBALL
    replied
    If you guys really want a scare, read this!
    The first, and by far the worst, vulnerability involves a flaw in the way IE 6 handles Content-Disposition and Content-Type header fields in an HTML.stream, which determine how a downloaded file is handled. The flaw means if an attacker altered the HTML header information in a certain way, it could be possible to make IE believe that an executable file was a different type of file, such as a text file that could be opened with minimal risk.

    The vulnerability, which affects IE 6.0 only and not IE 5.5, means a cracker could create a Web page or HTML mail that, when opened, "would automatically run an executable on the user's system". It was discovered Jouko Pynnonen of Oy Online Solutions.
    And there is more...

    14/12/2001 - MS releases mother of all IE security patches
    http://www.theregister.co.uk/content/55/23410.html
    Last edited by TommyBALL; Fri 14th Dec '01, 9:55pm.

    Leave a comment:


  • George L
    replied
    one of my members said we could use PGP ?

    Leave a comment:


  • Stallion
    replied
    I believe I read that somewhere...Slashdot I believe...but you're right, they could work with Microsoft to implement it at the OS level. Of course, that's why we have open source software... ;-)

    Then again, I think the government has better things to do than snooping on my work -- and if not, its not like I'm doing anything worth hiding.

    Leave a comment:


  • Goldfinger
    replied
    Originally posted by Chris Schreiber


    But how do you know email will be their distribution method? What's to keep them from making a deal to go softer on Microsoft with the monopoly case in return for adding this virus into the next version of Windows?

    if that happens look for Linux, FreeBSD, OpenBSD, Unix, Mac OS X, to all become very popular .

    Leave a comment:

widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X