Antivirus software will ignore FBI spyware: solutions
Tim May
tcmay at got.net
Mon Nov 26 16:37:12 PST 2001
[I sent this a couple of hours ago, hasn't appeared on my feed, lne.com.
Apologies if you get it twice.]
On Monday, November 26, 2001, at 11:49 AM, Sunder wrote:
> Great and wonderful except:
>
> 1. If such spyware has already been installed on your system you can't
> trust your os therefore:
>
> a. It may use your OS to hide the key capture log, so you
> won't be able to just watch files. Think of a kernel patch
> that removes all references to a specific file, not just
> sets it to be hidden.
Yes, but this is probably beyond current and foreseeable attacks. I
don't dispute that all sorts of advanced attacks are possible, just that
the fixes this guy suggested are "much better than doing nothing."
Even _secure_ OSes (KeyKOS, for example) are vulnerable to attacks when
physical access is gained...doesn't make it easy, though.
>
> 4. If you live in a crowded area, your iPod can be lifted off you
> in a false mugging, or break-in, pickpocketing while you're at a
> restaurant, movie, etc.
This implies a level of surveillance/commitment beyond what most FBI
attacks are at.
More importantly, theft of my iPod would then trigger certain actions.
Cancelling my existing key and generation of a new one.
All of these kinds of "they've got your hardware" attacks are present
with nearly all systems. All require more work than the simple insertion
of a keystroke logger involves. It's all measures and countermeasures.
>
> 10. Ordered any new copies of a bit of software? Maybe they have a deal
> with FedEx, UPS, the Mailman. Maybe what you're getting is the upgrade
> and then some. How can you tell that copy of SmallTalk doesn't carry an
> extra bit of code just for you? How can you tell that the latest patch
> to MacOS you've just downloaded really came from Apple? Sure DNS said it
> was from ftp.apple.com but how do you know that the router upstream from
> your internet provider didn't route your packets via ftp.fbi.gov?
Paranoia can be a dangerous thing.
--Tim May
"Gun Control: The theory that a woman found dead in an alley, raped and
strangled with her panty hose, is somehow morally superior to a woman
explaining to police how her attacker got that fatal bullet wound"
--Tim May
"That government is best which governs not at all." --Henry David Thoreau