×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

461 comments

first post (-1, Troll)

Anonymous Coward | more than 12 years ago | (#2697491)

first post

1st (-1, Troll)

Anonymous Coward | more than 12 years ago | (#2697494)

grammatically correct post.

It's = short for "it is"
Its = the word you were looking for in your writeup

Re:1st (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#2697509)

Obviously your grammar does not include the full-stop '.'. Nice try.

Brits GO HOME! (0)

Anonymous Coward | more than 12 years ago | (#2697591)

The fact is, Brits don't know shit about grammar. You fucking Brit's don't even know that a "full stop" is called a "period". Morons!

Re:Brits GO HOME! (0)

Anonymous Coward | more than 12 years ago | (#2697635)

My girlfriend will be starting her periods soon.

First Pist! (-1, Troll)

Anonymous Coward | more than 12 years ago | (#2697498)

Lame filler for a lame filter!

ITS (2, Informative)

Building (6295) | more than 12 years ago | (#2697503)

ITS ITS ITS ITS ITS! NOT IT'S! AAAAAAAAGH! http://angryflower.com/bobsqu.gif [angryflower.com]

Re:ITS (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#2697527)

I see you have mastered the apostrophe, but you have yet to master the deadly arts of the comma and period, young one.

Re:ITS (MOD PARENT UP) (2, Offtopic)

corky6921 (240602) | more than 12 years ago | (#2697537)

LOL... glad to see you are as irritated by that as I am. Thanks for the post.

AGAIN: If you can't replace "it's" with "it is" in the sentence you were using, use "its". "it is existence" would not be correct; therefore, the correct form of the word is "its".

I don't want to be a troll, but I'm really sick of seeing this kind of amateurish grammar on Slashdot, and I know I'm not the only one. Taco seems to have given up. He always uses "its", but that's not correct either! Remember the "it is" rule stated above, and you'll be correct every time.

P.S. "Better then" is not correct either. When comparing, use "than."

Re:ITS (-1, Flamebait)

Anonymous Coward | more than 12 years ago | (#2697640)

Don't panic! The grammar nazi will save us all.

They can get us Linux users too (2, Troll)

dfeldman (541102) | more than 12 years ago | (#2697504)

As an administrator of several Linux boxes at work and at home, I was wondering whether or not I could be affected by the "Magic Lantern" program. The results came in, and quite frankly, I am frightented.

To start, I talked with my colleague's brother, "Joe," who is a criminal defense attorney. Joe told me that he has been following the Magic Lantern debate very closely, because his sources indicate that the FBI will be using it in many, many cases to prevent the possibility of seizing equipment with undecryptable data on it. In fact, it has been rumored that the proposed new FBI policy regarding searches of premises requires agents to attempt to use Magic Lantern (which technically counts as a consensual search) prior to even obtaining a warrant, if the warrant is to seize computer hardware.

Joe is not very familiar with computer technology, but he did say that a large part of the Magic Lantern program involves contacting ISPs to allow the FBI to alter network data destined for the suspect's computer. I will take that at face value because they seem to have no problem pulling rank on ISPs. I suspect that their "do it or we'll arrest you" attitude plays a big part in this.

With all of that in mind, I decided to find out just how vulnerable I was. I set up a stock Debian 2.2r3 box, and a stock Red Hat 7.2 box. Both used the installation CDs produced at least a few months ago, so they were both vulnerable to the wu-ftpd exploit and would need to be upgraded for production use.

My goal was simple: I needed to play the part of the FBI, and trick my machines into accepting a trojaned version of the new wu-ftpd package.

First, I set up a transparent proxy on my gateway box, which is used to split my cable modem connection amongst my home machines and those of several neighbors. I used a program called "squirm" to rewrite URLs ending in .deb or .rpm so that they would be redirected to my local web server, from which the trojanned .deb and .rpm files would be served.

Second, I produced trojaned .deb and .rpm files. The .deb file was trivial to modify, as only a checksum stood between me and a valid hacked version. The .rpm was a bit more difficult, because RedHat signs their packages with a PGP key. However, once I rebuilt the package and did not sign it with PGP, I had a fixed package.

Third, I went to the Debian box and typed 'apt-get update ; apt-get upgrade'. After a few routine prompts, none of which triggered security alerts, the box was rooted by my "custom" package.

Fourth, I went to the Redhat box and did an 'rpm -U' pointed at the updates.redhat.com server. I got my trojanned RPM back, with no warnings or prompts to tell me it hasn't been signed. And I had an ftp server with a new backdoor up in a matter of minutes.

So, to summarize: the FBI can easily set up a transparent proxy between you and the Internet, and trick your OS into installing malware. You're damned if you do and you're damned if you don't, because you need to download the wuftpd-of-the-week sometime.

As a matter of comparison, my Windows 2000 box has no such vulnerability. The first time I went to Windows Update, I checked the box that said "always trust content from Microsoft Corporation." Therefore, only Microsoft's real certificate will be accepted by my machine. Even if the FBI forces Verisign to issue an impostor certificate, it will be detected and thwarted.

Linux distributions need to band together and find a trusted individual who will be responsible for signing all packages and verifying that they do not contain backdoors. That is the only way to solve this issue. Personally, I nominate Eric Raymond, because of his widespread respect from the community and business leaders alike. Additionally, he is a staunch libertarian and would not cave to government pressure to insert backdoors into something that he has signed. I believe that by charging the distribution vendors a small fee per package, ESR can again achieve financial success for himself and his family.

This is a serious issue for Linux users and I believe it should have been addressed years ago. That said, now is not too late and definitely not too early. I look forward to seeing this feature in all future releases of the major Linux distributions.

df

Congratulations. (0, Troll)

Anonymous Coward | more than 12 years ago | (#2697525)

This is a very nice new troll. Well done, and I hope it serves you well in your quest for angry replies.

Let me start the ball rolling by saying

"You fucking ignoramous!!!!"

:-) Again, congrats...you obviously put plenty of work into this.

Re:Congratulations. (1, Funny)

Anonymous Coward | more than 12 years ago | (#2697535)

Two "interesting" in the time it took to write my reply! Wow ... it was a better troll than I originally realised.

You're my new hero!

It could be fixed soon (1)

All Dead Homiez (461966) | more than 12 years ago | (#2697531)

I haven't heard anything official, but I saw a couple of remarks on linux.redhat on usenet that indicated that Redhat was going to strengthen the way their PGP/GPG checking on rpms worked to prevent unauthorized binaries from being surreptitiously installed.

No word on Debian AFAIK, but I don't really support it so I wouldn't know.

-all dead homiez

Re:They can get us Linux users too (1)

ruvreve (216004) | more than 12 years ago | (#2697540)

So in one sentence your saying "Linux users are more vunerable then somebody using a *cough* microsoft product?."

Nothing to see here fokes (-1, Flamebait)

Anonymous Coward | more than 12 years ago | (#2697559)

...just another example of what happens when you use shitty free software.

I learnt along time ago that you only ever get what you pay for.

Linux == Free == Shit

Another reason to not use packages. (2)

SaDan (81097) | more than 12 years ago | (#2697572)

Grab the source, check your code. Don't trust downloadable binaries any farther than you can throw your computer.

Not an easy task (2, Insightful)

dfeldman (541102) | more than 12 years ago | (#2697587)

Installing a new program could take several extra hours if I were forced to download, audit, and compile the source.

The super-paranoid will be safe from Magic Lantern because they probably don't upgrade software often and they probably patch security holes themselves. But for the rest of us who want to *use* our computers, this is an enormous problem.

df

Never claimed it would be easy. (1)

SaDan (81097) | more than 12 years ago | (#2697609)

But, there's one solution to the problem.

Another would be hella encryption on downloads with some new kind of checksumming procedure.

I dunno... Just throwing ideas out here, people.

Re:Another reason to not use packages. (2)

isorox (205688) | more than 12 years ago | (#2697597)

Grab the source, check your code. Don't trust downloadable binaries any farther than you can throw your computer.

Lets assume that you do, do you really have the time to check every line of code in wuftpd, or sendmail, or the kernel, or any other download?

All it would take is transparent rewrites from kernel.org to a new compromised kernel.

Can FTP affected by this?

Re:Another reason to not use packages. (1)

daemonc (145175) | more than 12 years ago | (#2697605)

Right. For every program I ever want to download, I'm going to take the time to read and understand every single line of code, so I can be sure no one has slipped a trojan into the source code.

Re:They can get us Linux users too (0)

Anonymous Coward | more than 12 years ago | (#2697598)

Unless Microsoft works closely with the FBI to create software which is subsequently stamped with Microsoft's digital signature.

NSAkey ring a bell? HOW did that get in there?

Whoops! You mean Microsoft is helping to spy on me? GET OUT!

Re:They can get us Linux users too (5, Informative)

ShaunC (203807) | more than 12 years ago | (#2697603)

The first time I went to Windows Update, I checked the box that said "always trust content from Microsoft Corporation." Therefore, only Microsoft's real certificate will be accepted by my machine.
So what happens if Microsoft allows Magic Lantern to be bundled inside the next .cab you get from windowsupdate.com - which, of course, is signed by Microsoft? You raised the point that ISPs tend to bend over, so you can't rule out the possibility that Microsoft might do the same.

Shaun

Re:They can get us Linux users too (2, Interesting)

dbitter1 (411864) | more than 12 years ago | (#2697606)

A Slackware user myself, I am somewhat used to retrieving the source of my updates and compiling them myself. Although I don't check all of the PGP keys, most of the source I update regularly DOES have a digital signature.

Technically, Windows Update could insert something that removes the need for Microsoft's signatures and the Debian example would work just as well for our friends at M$.


As a similar matter of example: With W2K SP/2, M$ decided to disable the ability to disable Windows File Protection. A nice concept in some respects, but forces you to keep whatever files M$ thinks you should have... say... NetMeeting (or any other program you no longer get to uninstall.)

A bit of research, and a good-ole 2 bytes of NOP carefully inserted disables WFP. I was a bit shocked when I realized it did work! I boot W2K now, and although no WFP causes an event log message, the only way to tell my SFC.DLL is hacked is to test the signature manually! No "A Windows File Fails Integrity Checks" error message comes up. It could have just as well been the FBI's hack. Or, worse yet, the FBI could use WFP to ASSURE that you can't replace their files with a clean, non-recording version!...


Shiver

P.S. Try using SSH + SFTP. Beats the WUFTP problems and the tricky firewall rules FTP bringeth.

Re:They can get us Linux users too (2)

Russ Steffen (263) | more than 12 years ago | (#2697631)

I checked the box that said "always trust content from Microsoft Corporation." Therefore, only Microsoft's real certificate will be accepted by my machine. Even if the FBI forces Verisign to issue an impostor certificate, it will be detected and thwarted.

I do not think that means what I think you think it means.

You are wrong in a couple of ways: 1. What makes you think the FBI wouldn't be able to get a valid signature on Magic Lantern if they so desired? 2. You haven't actually denied non-properly signed software, you just made it so that properly signed software can be installed without you knowing about it. 3. The signature part is only checked by the windows installer service. You can put software on a machine without using the installer service. The faint sound of NIMDA and Code-Red poinding on my firewall is proof of that.

Re:They can get us Linux users too (5, Informative)

seifried (12921) | more than 12 years ago | (#2697641)

Most major vendors (with the notable exception of Debian =( ) sign packages using GNuPG. You can check these signatures using rpm. There is no need to get Eric raymond to sign stuff (and he's supposed to read all the source code, then build all the packages on his own machines? excuse me?). I suggest reading the following two security advisories, which point out some mistakes that have been made, and one possible attack, but also largely corrected by vendors, and can be easily verified by users with minimal effort.

Devil in the details - why package signing matters [seifried.org]

Red Hat 7.2 GnuPG signed RPM verification fails on distribution files [seifried.org]

RPM PGP/GnuPG verification bug [seifried.org]

Re:They can get us Linux users too (2)

iabervon (1971) | more than 12 years ago | (#2697649)

Out of curiousity, was there any earthly reason for the box you were dealing with to be running an ftp daemon?

Re:They can get us Linux users too (5, Informative)

Tackhead (54550) | more than 12 years ago | (#2697656)

> I checked the box that said "always trust content from Microsoft Corporation." Therefore, only Microsoft's real certificate will be accepted by my machine. Even if the FBI forces Verisign to issue an impostor certificate, it will be detected and thwarted.

You, sir, are not merely a troll, but an expert troll, and I applaud you for a job well done! Thanks for the best laugh I've had this thread.

References: Slashdot article: Don't Trust Code Signed by 'Microsoft Corporation' [slashdot.org]

Microsoft bulletin detailing story of VeriSign issuing two Class 3 code-signing digital certificates to an individual fraudulently claiming to be a Microsoft employee: Erroneous VeriSign-Issued Digital Certificates Post Spoofing Hazard [microsoft.com]

ITS, damnit! (0)

Anonymous Coward | more than 12 years ago | (#2697506)

If you can't replace the word "it's" with "it is" in a sentence, use "its". Really, how hard is it?

Oh, wait, Taco still hasn't learned the difference between "then" and "than". (Hint: "better then" is not proper English.)

Anti-virus software (0, Troll)

Ryu2 (89645) | more than 12 years ago | (#2697508)

Major anti-virus vendors this week said they would not voluntarily cooperate with the FBI and said their products would continue to be updated to detect and prevent viruses, regardless of their origin, unless there was a legal order otherwise.

I thought that the antivirus companies had AGREED to NOT make their programs detect "Magic Latern"???

Re:Anti-virus software (1)

Merik (172436) | more than 12 years ago | (#2697643)

When this story originally surfaced, I think only Mcaffree(sp?) anounced that thier software would not detect the "Magic Latern". The no others I can think of said they would leave a backdoor open.

Wonder if the people at Mcaffree changed thier minds when they saw they would be the only one.

Paranoia (4, Interesting)

Jebediah21 (145272) | more than 12 years ago | (#2697510)

I'm not worried about Magic Lantern. I'm worried about the stuff we haven't heard about yet. Really, if the FBI wants to spy on citizens (or criminals for that matter) there is no way they would let their ideas be known.

Re:Paranoia - the iceberg (1)

ba-iii (531014) | more than 12 years ago | (#2697596)

Exactly. Thats what i always wonder about whenever they show stuff on TV which seems to us like inside stuff and a show-all policy.
I feel like i am sitting on on top of the largest iceberg.
nice to know, and thanks, but really - what else?

"Welcome to a Brave New World!" (0)

Anonymous Coward | more than 12 years ago | (#2697514)

Anyone else for getting a satilitte modem and solar panels and move with me up to the mountains?

Re:"Welcome to a Brave New World!" (1, Funny)

Anonymous Coward | more than 12 years ago | (#2697588)

Are you male or female?

Mr. FBI Man!!! (-1)

The WIPO Troll (267426) | more than 12 years ago | (#2697515)

Hello, Mr. FBI Man, would you fuck me? I'm a flaming homosexual faggot, like I believe you to be, and would very much enjoy locking you in my basement, tying you to a chair, stripping you naked, and spooging my jizz-snot all over your smooth, child-like pudgy body. How loud do you scream when someone flogs you between your legs with a leather whip?

Do you have a foot-fetish? Would you like to suck on my toes? Can I whip your feet? How loud will you squeal then?

Do you enjoy little boys? I have quite a harem of little boys myself (I borrow them from Jon Katz) and if you enjoy it, you can use any of their smooth, hairless little bodies to your liking. The youngest quite enjoys "bukkake" sex if you know what that means.

Email me if you're interested. wipotroll@hotmail.com!

surprised? (2)

spacefem (443435) | more than 12 years ago | (#2697516)

I'm can't believe they admitted it, talk about a smoking gun. Public opinion is just now turning towards questioning the "anti-terrorist" actions of our government. We could have figured out they were spying on us, I wonder what force inside made them be honest about it for once.

Re:surprised? (0)

webwench_72 (541358) | more than 12 years ago | (#2697568)

Why were they honest about it now? Simple: this is the best political climate the FBI could have asked for to reveal something like this. Surveys show that most people, given the 9-11 attacks, are more than willing to trade freedom for security.

"A recent ABC/Post survey found two out of three people expressing willingness to surrender "some of the liberties we have in this country to crack down on terrorism." Cole attributes this not only to a heightened concern for safety, but to the fact that the majority are not generally affected--that is, it's not their relatives being detained and questioned." (Taking Liberties: Fear and the Constitution [prospect.org] )

After all, if you're innocent, what do you have to worry about anyway? :grin:

FBI virus (0)

Anonymous Coward | more than 12 years ago | (#2697517)

How is this different than any other "Hacker" tool?
Seems to just be a government version of a keylogger that should be detected by any virus good virus scanner, unless the virus companies are made to not detected it....

Ratted out by our ISPs - What legal recourse? (2)

Embedded Geek (532893) | more than 12 years ago | (#2697521)

While the FBI requires a court order to install its technology, formerly called "Carnivore," some service providers reportedly comply voluntarily...

Yes, I know this part is old news. Still, it makes me cringe whenever I see it. I assume there have been discussions of lawsuits/injunctions against ISPs to keep them from divulging this kind of stuff without a customer's consent. Could anyone post links to resources out there on these efforts for me? Thanks in advance.

Oh good. (1)

PigeonGB (515576) | more than 12 years ago | (#2697524)

I wonder if this is related to the vulnerability in IE.
Also, why do they have to require back doors, sniffers, and other things to be installed on ISPs and asking anti-virus makers to turn a blind eye to the SECURITY VULNERABILITY that would obviously arise if one could somehow spoof Magic Lantern and in so doing attack or otherwise hijack the computer?
Why not try to gather intelligence by using spies and other methods that do not necessarily require them knowing my password for the QBasic forums that I visit, or my credit card info for purchases I make at Amazon.com?
Also, why deny it? People already don't trust the government as it is, so why pretend it doesn't exist? It doesn't help at all, but at least be honest about looking over our shoulders.

K, let's get to work.... (1)

malxau (533231) | more than 12 years ago | (#2697526)

Does anybody know anybody with any information about how to trace it? Now is the time for making Magic-Lantern scanners if the commercial virus protection crew are in on it...

- Malx

Re:K, let's get to work.... (0)

Anonymous Coward | more than 12 years ago | (#2697599)

Yep...let's go dude. I'll hack into their network and see if I can find any copies of it (I suspect there would be one on the secretary's box).

You can stand outside and direct traffic. Such a simple yet clever diversion!

Is FBI working together with the software companys (1, Insightful)

Ryu2 (89645) | more than 12 years ago | (#2697528)

The way I see it, since Magic Lantern uses security holes in software to install itself -- might the FBI have secretly persuaded Microsoft, etc. to NOT FIX, or maybe even CREATE security holes??? After all, what good is Magic Lantern if it gets "fixed" in the next Windows Service Pack?

Re:Is FBI working together with the software compa (1)

Oily Tuna (542581) | more than 12 years ago | (#2697548)

The "problem" with relying on security holes is that they tend to be discovered and published by third parties.

If there is an intentional security hole in Windows then it's likely to be found by someone - and then what does MS do?

Re:Is FBI working together with the software compa (2)

danheskett (178529) | more than 12 years ago | (#2697563)

The way I see it, since Magic Lantern uses security holes in software to install itself -- might the FBI have secretly persuaded Microsoft, etc. to NOT FIX, or maybe even CREATE security holes??? After all, what good is Magic Lantern if it gets "fixed" in the next Windows Service

The risk is too great. If MS intentionally and with clear thought worked with the FBI to install backdoors MS would suffer greatly in the marketplace. MS makes tons of money off the sale of software to foreigners and foreign nations - that would nearly instantly evaporate. Furthermore, MS would be setting itself up for a major loss to the OSS crowd - "our code is open" would suddenly seem very attractive. Quite frankly, MS isn't stupid. The risk - getting busted with no chance of plausable deniability - versus the rewards - getting the DoJ off their back - isn't worth it.

Somethings are just co-incidence - and there are somethings MS just wouldn't do. Any decent firewall would instantly stop Magic Lantern - actually, any basically working firewall would stop it. I don't forsee MJ being usuable except against the most inept users - who typically won't be using encryption in the first place.

Re:Is FBI working together with the software compa (1)

malxau (533231) | more than 12 years ago | (#2697624)

Didn't M$ get caught with a special backdoor in NT where it included an 'NSAKey' in the registry? I don't recall its denials being particularly persuasive, but M$ is still with us...

Re:Is FBI working together with the software compa (1)

Oily Tuna (542581) | more than 12 years ago | (#2697661)

Publicly available debug symbols for Windows revealed that there is a constant in the code called NSAKey.

There's plenty of speculation [google.com] about this.

Re:Is FBI working together with the software compa (2)

FFFish (7567) | more than 12 years ago | (#2697652)

"If MS intentionally and with clear thought..."

Footnote: in one of the proposed remedies against MS for its abuse of monopoly power, there was talk of opening the source for a bunch of their stuff... except for things that the government would choose to explicitly not allow open-sourcing.

One can readily see that as meaning the government gets to keep its backdoors and keyloggers and suchlike from prying eyes.

Re:Is FBI working together with the software compa (1)

sydneyfong (410107) | more than 12 years ago | (#2697610)

I think if FBI had to deal with microsoft to request them NOT FIX or CREATE security holes, then why not just tell them to include it in the next service pack? It isn't something really new, as there have been rumours of Microsoft installing backdoors on users' machines anyway.

Time for hardware encryption (1)

Jetson (176002) | more than 12 years ago | (#2697529)

If the FBI wants to read our keystrokes to capture our passwords then I guess the next course of action is to move to hardware keys. There are a variety of biometric devices available, but the simpler (and more system-independant) solution would probably be to store private keys on one of those USB Flash-RAM dongles.

Re:Time for hardware encryption (1)

NetRanger (5584) | more than 12 years ago | (#2697557)

Here's another thought --

Why not just write a program which watches for any other programs writing to memory at exactly the moments when you're typing, and then alerts you as to which software is doing the snooping? This would foil ANY key-logging software. That would certainly be less expensive than hardware-based keys on a mouse or keyboard.

Just my $.02

Re:Time for hardware encryption (1)

malxau (533231) | more than 12 years ago | (#2697594)

When you're running a multitasking OS, this can't really work. Everything from disk cache flushing, paging, virtually anything could cause a percieved problem.

Re:Time for hardware encryption (1)

malxau (533231) | more than 12 years ago | (#2697608)

The trouble with this is that the hardware capable of decrypting is stored with the data itself. If you leave the key around, and your PC is networked, you have no security. If you use the key and take it with you, you are still exposed while using the key. Plus, they have the right to seize your key if you leave it lying around carelessly.

That said, hardware-based encryption may still be one of the better solutions for combatting this kind of thing.

CmdrTaco, sir! (-1)

The WIPO Troll (267426) | more than 12 years ago | (#2697533)

CmdrTaco! Would you fuck me? I'm a flaming homosexual faggot, like I believe you to be, and would very much enjoy locking you in my basement, tying you to a chair, stripping you naked, and spooging my jizz-snot all over your smooth, child-like pudgy body. How loud do you scream when someone flogs you between your legs with a leather whip?

Do you have a foot-fetish? Would you like to suck on my toes? Can I whip your feet? How loud will you squeal then?

Do you enjoy little boys? I have quite a harem of little boys myself (I borrow them from Jon Katz) and if you enjoy it, you can use any of their smooth, hairless little bodies to your liking. The youngest quite enjoys "bukkake" sex if you know what that means.

Email me if you're interested. wipotroll@hotmail.com!

Possibilities of Prosecution.?... (1)

thebigbadme (194140) | more than 12 years ago | (#2697539)

Ok so to my understanding M.L. comes in the form of a virus.... Wouldn't that be considered on the same grounds as other virus' that have been released using major holes etc...?

Granted we're all going to hear about how they'll only use it with a warrant... but just the fact that they can use it in the first place, warant or not, should be enough to raise some serious questions. This is more along the lines of 1984 than Brave New World by the way...

What's to stop some random FBI hot-shot from logging keys of random people just to see what he/she can find?

The one good thing now is that since they have admited to it's existance, now it should be slightly harder to implement, and also have a few more sets of eyes watching the watchers.

I nomenate CowboyNeil.

Re:Possibilities of Prosecution.?... (-1)

The WIPO Troll (267426) | more than 12 years ago | (#2697549)

Fuck you, you little whore.

Actually, Mr. Big Bad Me, would you fuck me? I'm a flaming homosexual faggot, like I believe you to be, and would very much enjoy locking you in my basement, tying you to a chair, stripping you naked, and spooging my jizz-snot all over your smooth, child-like pudgy body. How loud do you scream when someone flogs you between your legs with a leather whip?

Do you have a foot-fetish? Would you like to suck on my toes? Can I whip your feet? How loud will you squeal then?

Do you enjoy little boys? I have quite a harem of little boys myself (I borrow them from Jon Katz) and if you enjoy it, you can use any of their smooth, hairless little bodies to your liking. The youngest quite enjoys "bukkake" sex if you know what that means.

Email me if you're interested. wipotroll@hotmail.com!

like magic (0)

K0R$ h4x0r ru1z (533828) | more than 12 years ago | (#2697541)


"The thought police would get him just the same. He had committed--would have committed, even if he had never set pen to paper--the essential crime that contained all others in itself. Thoughtcrime, they called it. Thoughtcrime was not a thing that could be concealed forever. You might dodge successfully for a while, even for years, but sooner or later they were bound to get you." --pg 19

Most at Risk (1)

NSupremo (161699) | more than 12 years ago | (#2697543)

I don't think this software will be much of a problem to the informed ones among us.

The people at risk will be the basic newbie user, the user who was gullible enough to install microsoft software, and Members of Congress.

Time to fine this thing and make a 'snort' sig. (0)

dangermen (248354) | more than 12 years ago | (#2697545)

Hopefully someone will find a copy of this thing and get it to the 'right' people so we can me a snort signature of it.

Big deal! (1)

DermottBanana (538849) | more than 12 years ago | (#2697550)

Does any of this come as news to anyone here? Every time we do anything linked to a public network like the net, we should consider that our actions are not secure. So Magic Lantern story is just highlighting that. Nothing is secure. That's life.

Hackers Beware (1, Troll)

NatePWIII (126267) | more than 12 years ago | (#2697551)

I'm not one for violating our freedoms however something like this may help in scaring would be virus creators, hackers and others problematic computer uses (ie. DDOS attackers). If it will help eliminate problems like that I'm all for it, even if my overall freedoms are curbed a little.

Re:Hackers Beware (2, Insightful)

tps12 (105590) | more than 12 years ago | (#2697630)

I'm not one for violating our freedoms however something like this may help in scaring would be virus creators, hackers and others problematic computer uses (ie. DDOS attackers). If it will help eliminate problems like that I'm all for it, even if my overall freedoms are curbed a little.

And rude people and dog owners... please, if you don't like your freedoms, then just pretend you're in prison. But don't volunteer away my rights. To me it sounds like you definitely are "one for violating our freedoms."

Re:Hackers Beware (0)

Anonymous Coward | more than 12 years ago | (#2697639)

Wow, you're a real fuck wad.

Why do people get riddled with fear? (0, Troll)

GeorgieBoy (6120) | more than 12 years ago | (#2697552)

People fear things like this, yet they really don't have reason to unless they've been doing something worth investigating which is most likely some illegal activity. The FBI doesn't care to read your email or get access to your pr0n, their goal is to deal with threats to security and other illegal activity. The average citizen or even seasoned geek doesn't have much to worry about.

Re:Why do people get riddled with fear? (1)

donglekey (124433) | more than 12 years ago | (#2697574)

This argument has been brought many times, and for a counter argument I sugest your read up on world governments' history for the past 500 years.

Re:Why do people get riddled with fear? (2, Insightful)

malxau (533231) | more than 12 years ago | (#2697585)

I respectfully disagree.

It doesn't matter what you do, it matters what they can credibly claim you did. That's the threat. If the FBI were to accuse me in court of having written Goner, for instance, which judge is going to believe me? Any single techno-geek can't deny an allegation if it's strongly put.

The risk here is that the FBI gain more credibility to make accusations. That's it really. That credibility is a threat in itself.

Personally I don't have much to hide, because it's all posted on websites somewhere...

- Malx

Re:Why do people get riddled with fear? (1)

npietraniec (519210) | more than 12 years ago | (#2697633)

Read 1984 by Orwell. The key to not getting there is to NOT LET STUFF LIKE THIS HAPPEN.

This is a blatent violation of our rights.

regardless if I'm doing something wrong or not, if they have no good reason to stick their nose in my business, they better not be there.

But what about the things that we don't know about (0)

Anonymous Coward | more than 12 years ago | (#2697553)

The article says that they haven't actually started the program yet, so it isn't too late for distributions to begin implimenting fixes and detectors of this is it?

An interesting question... (1)

bob_diggs (208156) | more than 12 years ago | (#2697554)

For all the FBI, CIA and the so-called "intelligence community" that have the blood of thousands of Americans on their hands. From this [msnbc.com] article.

But one of the things that would be interesting to know, is how on earth did this guitar strumming, white boy suburbanite, Cat Stevens-wannabe manage to infiltrate the Taliban, a task that is supposedly so formidable that not even the best of the Central Intelligence Agency has been able to achieve it over the past six years?

Not a great idea (3, Insightful)

Zeinfeld (263942) | more than 12 years ago | (#2697561)

The principle risk to an investigator using a probe like Magic Lantern is that it is more likely to tip off the target that they are under investigation than to provide useful intelligence.

Viruses spread because each time a user is infected they spread the infection to an average of more than one user. Most viruses die very quickly. Of the thousands launched each day only a handfull infect more than a few hundred sites. The probability of infecting a particular machine is actually quite low. It is going to take rather more effort to spread the trojan payload than the FBI expect.

Simply sending out random spam and hoping the target opens an executable that installs the trojan is not likely to work. A more likely means of succeeding is to attach the trojan to a downloaded executable.

A much easier solution with lower downside risk is simply to install a good old fashioned room mike or to use CRT radiation to snoop on the screen.

BORRRRING! (4, Funny)

cscx (541332) | more than 12 years ago | (#2697565)

You know, this Magic Lantern thing will sure make life boring. Whatever happened to the good ole days when the feds actually had to sneak in your house and plant a bug inside your coffeemaker (like in all those cool 80s action movies)? Man the feds are sure getting lazy.

This is all (-1)

Al Gore (152558) | more than 12 years ago | (#2697566)

Bush's fault, for instigating the Terror-Arab conflict and necessitating the need to the FBI to spy on the American public like a Chinese shopkeeper. "Hey! You! You is terrorist! Put down shampoo get out my store!" If you can't make the connection, I'll help. "Magic Lanterns" are found in the popular Disney cartoon Aladdin. And Aladdin is a Terror-Arab! (I'd sure love to fuck Jasmine, though, if I weren't happily married to Psycho^H^H^H^H^HTipper. Oh, and if Jasmine were real.)

I'll bet you wish now that you had counted all the votes back in December! "But we can't count illegal votes," you said. Well now your precious Bushy Wushy has gotten the World Trade Center blown up and started a war! Don't you remember? Who was it that forged the Jew-Arab peace accord? It was my pal Mr. Clinton! A Democrat! Democrats are friendly, cuddly teddybears who stand up for peace! Republicans are greedy, oil-soaked warmongers who would gladly kill New Yorkers in the name of higher oil prices!

Sorry, sorry, I got a little carried away. My point is that America needs a leader, someone who will give peace a chance. Someone who was once defeated but returns triumphantly, like Jesus. And who has a beard... like Jesus. And who casts his foes and his wife Tipper into a lake of fire... like, er, Jesus. I'm trying to be subtle here, but since some of you fucktards can't even use ballots without having brain spasms, I'll make myself clear: Vote Gore in 2004, or the blood of murdered Americans will be on your hands!

Thank you.

"Magic Lantern" Defense? (-1, Troll)

Ieshan (409693) | more than 12 years ago | (#2697569)

So, here's the deal.

Why do you need defense against "Magic Lantern" if you're not doing anything illegal? That's like telling a cop that you refuse to give him access to your home to search it without a warrent. All you're doing is causing a bigger hassle for yourself. I guarrentee, the more the internet/open source community rebels against this one, the worse it becomes.

You know what? This whole thing isn't anything new. Novices have been writing for their own ego to crash thousands of systems, and these are highly trained FBI officials with both a government and a population behind them. If you're caught doing illegal stuff, you're going to be found.

Of course, there have to be safeguards against this type of thing. If someone got ahold of the way to get data from a "Magic-Lanterned" system, this whole thing would be back-orifice 2. Anyone with any sort of information on which computers had the client software or crack done could get information as well.

Because of this, I propose the FBI must be doing something to limit this type of ability. The software must have some way to check who's grabbing the data out of it. If you're going to defend your other internet users against this type of thing, I say that's the key. Find out how to use their own software and twist it into nothing more than a downloadable program on your local website.

It seems inane. Guys, live with it. It's FBI in your home, but then again, its better than terrorists in your mall. My only concern is that this whole thing is going to end up in the wrong place once the scares are over, and then we're all in for a trip.

Stop pirating now. :)

Re:"Magic Lantern" Defense? (0)

rewtbeer (301781) | more than 12 years ago | (#2697601)

... and this is how they get away with it. Chew our rights away a nibble at a time. 1st amendment, 2nd amendment, 14th amendment, little by little going bye bye. It isn't about "fighting the feds and their software", it's about them even thinking they have the right to use and create this type of tool.
I guess it's time for my windows boxes to be pure game machines. no email, no IE (dl drivers from netscape on linux and ftp them over). who knows what the next step is with this type of software development.

Re:"Magic Lantern" Defense? (0)

Anonymous Coward | more than 12 years ago | (#2697625)

I hope they don't repeal the 18th amendment!!!

(My point being - perhaps it is time the law changed ... ever think of that?)

Re:"Magic Lantern" Defense? (2)

thesolo (131008) | more than 12 years ago | (#2697620)

Why do you need defense against "Magic Lantern" if you're not doing anything illegal?

I don't know if this is a Troll or not, but I'll bite.
This is NOT a valid argument. First off, think about what you said for a minute. It may come as a huge shock to you, but people who are not guilty are and have been arrested. And that won't be changing any time soon. Plain & simple, there is nothing written anywhere that says this will ONLY be used on criminals. All it would take is one person having a suspicion about you, and presto, they are trying to keylog your system. If you want to just let the FBI into your computer and allow them to monitor you, go right ahead, but I most certainly do not.

I could go on, but I won't. All I'm going to say is that this is a stepping stone, and if we don't try to resist it now, we may not have the option to do so in the future.

Re:"Magic Lantern" Defense? (2, Insightful)

Maul (83993) | more than 12 years ago | (#2697627)

You have a right to defend yourself against ILLEGAL searches, be it in your home, your car, or your computer system.

The problem is that we have a government that is becoming increasingly oppresive. All three branches of our government are basically for sale to the highest bidder. We have lawmakers and people in positions of power who don't really care about the Constitution.

The government has locked people away for nothing more than expressing opinions in the past. I don't want the FBI knocking down my door because they read an email I wrote saying that I disagree with John Ashcroft's latest violations of the Constitution.

Four (-1)

The WIPO Troll (267426) | more than 12 years ago | (#2697581)

I like to fuck four-year-olds with my ponderously large penis. Preferably in their mouths. I especially enjoy jizzing on their virgin lips and cheeks. That is all. Carry on.

Oh goodie! (3, Funny)

loraksus (171574) | more than 12 years ago | (#2697589)

So now the FBI will be able to catch terrorists even better!
What this country needs is more power and oversight by police agencies - East Germany had it right when "smell samples" were collected in jars so dogs could hunt down disenters.
Of course, this will mean nothing to civil rights because as we all know that the FBI is a trust worthy organization that would never do things that would jeopardize our civil rights by installing key loggers via internet virus (because that would not exactly be targeted eh?.

The FBI is also trust worthy, they would never, for example, abuse the justice system by, say using RICO (anti-organized crime) laws to punish pesky protesting environmentalists, or arbitrarily ask nearly all muslim students in the USA to come in for interviews (and chase them down if they don't come by) - or even threaten to reveal that a person charged with a crime is gay (and cause his suicide)

And they would never do anything like compile a list of "persons of interest" and maintain a dossier on each person in the USA that has been charged (not convicted) of a crime), as well as all immigrants in the USA (they did a mighty fine fucking job lately eh?)

Don't worry, the FBI will protect you in the future because of their new powers!

BTW, would it be in a anti-virus company's best interest to reveal that their software has programmed defects? I dunno. . .

Unacceptable. (4, Troll)

Millennium (2451) | more than 12 years ago | (#2697590)

Look, guys. It's simple.

Get a warrant. I'll show you anything you want to see, but show me your goddamn warrant first. Until you have it, you have no right whatsoever to search my, or anyone else's computer. I don't care what your reason is. This is not acceptable.

Re:Unacceptable. (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#2697611)


[ Your Info | Logout | Preferences: Homepage | Comments | You | Messaging | Password | Misc ]
User Info for Millennium (2451)

millennium@SIGmac.com

Millennium has posted 1065 comments. Below find the most recent 24 comments.

1 Unacceptable. posted on Thursday December 13, @01:23AM (Score:2)
attached to FBI Confirms Magic Lantern Existence
2 You're forgetting something... posted on Wednesday December 05, @11:30AM (Score:4)
attached to QuickTime To Move To MPEG-4
3 Even better... posted on Tuesday December 04, @01:20AM (Score:2 Replies: 1)
attached to Maine buys 38,600 ibooks for Public Schools
4 To be honest... posted on Saturday December 01, @12:58PM (Score:3)
attached to When Should a Website Edit Its Users?
5 This would be my solution... posted on Wednesday November 28, @12:43PM (Score:2)
attached to LGPL or BSD-Style License for Media Codecs?
6 DHTML posted on Saturday November 24, @11:12AM (Score:2)
attached to Galeon 1.0 Released
7 As I understand it... posted on Tuesday November 20, @04:30PM (Score:5 Replies: 2)
attached to PNG Group Unconcerned About Apple's Patent
8 Just one catch... posted on Tuesday November 20, @08:51AM (Score:3)
attached to The Next Computer Interface
9 Re:Huh? posted on Monday November 19, @03:15PM (Score:0)
attached to Museum Of Broken Packets
10 You just don't get it... posted on Sunday November 18, @10:55PM (Score:2 Replies: 1)
attached to Libraries Asked To Destroy Reports, Databases
11 Oh,man, not again... posted on Sunday November 11, @02:29AM (Score:3 Replies: 2)
attached to Council of Europe Pushes Net Hate-Speech Ban
12 Re:/me applauds. posted on Friday November 09, @06:46PM (Score:2 Replies: 2)
attached to Neutrinos, Muons and the Standard Model
13 Who knows what evil lurks in the hearts of men? posted on Friday November 02, @02:11PM (Score:2 Replies: 1)
attached to Poll: Which Superpower?
14 Oh yeah... posted on Tuesday October 30, @05:21PM (Score:1 Replies: 1)
attached to Netscape 6.2
15 Very nice... posted on Tuesday October 30, @05:18PM (Score:5 Replies: 5)
attached to Netscape 6.2
16 Um... posted on Sunday October 28, @03:16PM (Score:1)
attached to Mozilla Bug Week
17 Re:Why are you freaking out? posted on Friday October 26, @02:19PM (Score:2 Replies: 2)
attached to Anti-Terrorism Law Passed
18 Re:The End. posted on Friday October 26, @02:07PM (Score:2)
attached to Anti-Terrorism Law Passed
19 Re:You know... posted on Friday October 26, @12:18PM (Score:2)
attached to Anti-Terrorism Law Passed
20 You know... posted on Friday October 26, @11:55AM (Score:1 Replies: 1)
attached to Anti-Terrorism Law Passed
21 Well, I just tried it... posted on Thursday October 25, @02:58PM (Score:2)
attached to MSN Blocks Mozilla, Other Browsers [updated]
22 It's official: it ain't the iWalk posted on Tuesday October 23, @01:30PM (Score:2)
attached to Apple iWalk: Mac OS-X based PDA?
23 Not quite... posted on Tuesday October 23, @12:38PM (Score:1 Replies: 1)
attached to Apple iWalk: Mac OS-X based PDA?
24 Interesting... posted on Tuesday October 23, @11:25AM (Score:3 Replies: 5)
attached to Apple iWalk: Mac OS-X based PDA?

which are you more afraid of? (1)

npietraniec (519210) | more than 12 years ago | (#2697602)

are you more afraid of hackers or the FBI? At least I have respect for hackers. Keep those packages up to date... It's us vs. them, "them" being both the bad guys and the "good" guys now. Pretty sad that basic rights to privacy can be stolen so blatently.

Penis (-1)

The WIPO Troll (267426) | more than 12 years ago | (#2697604)

My penis is, I am somewhat proud to say, extremely large for a fourteen-year-old boy like myself. It takes two hands to hold it up. It is a monstrous phallus. When I rub it in a certain way, it gets even bigger! Then it feels really good and all this sticky stuff comes squirting out of the end of it! It is most disturbing, but it feels really good! I wonder what good the huge thing is, though...

Defeating Magic Lantern (0, Redundant)

nysus (162232) | more than 12 years ago | (#2697607)

I think it's a relatively simple matter to be sure your keystrokes weren't being detected by the FBI.

Step 1: Buy a laptop.
Step 2: Buy a floppy disk
Step 3: Do all your encryping on laptop
Step 4: Ensure you never connect laptop to internet
Step 5: Use the floppy to transfer disk to encrypted data to internet computer.
Step 6: Send encrypted data

No doubt that saavier criminals are already taking such precautions.

Re:Defeating Magic Lantern (1)

L-Wave (515413) | more than 12 years ago | (#2697623)

Or you could jsut reformat your HD, everytime before you log onto the internet. =)

Why FBI came out with this news NOW (5, Informative)

webwench_72 (541358) | more than 12 years ago | (#2697617)

Why were they honest about it now? Simple: this is the best political climate the FBI could have asked for to reveal something like this.

Surveys show that most people, given the 9-11 attacks, are more than willing to trade freedom for security.

"A recent ABC/Post survey found two out of three people expressing willingness to surrender 'some of the liberties we have in this country to crack down on terrorism.' Cole attributes this not only to a heightened concern for safety, but to the fact that the majority are not generally affected--that is, it's not their relatives being detained and questioned." (Taking Liberties: Fear and the Constitution [prospect.org] )

"At times like this, a democracy must balance its need to protect itself with the freedoms that define it. Last week's terrorist attacks have raised the debate pitting homeland defense against civil liberties to a level not seen since World War II." (For now, security trumps liberties [csmonitor.com] )

"From the very first surveys after the World Trade Center and Pentagon attacks, most Americans told pollsters that the country would have to give up some rights to fight terrorism (79 percent in a CBS/New York Times poll in September). A Gallup survey conducted Nov. 26-27 found six in 10 Americans who said the Bush administration has been 'about right' in its limits on civil liberties, as opposed to 10 percent who said the administration had gone too far and 26 percent who think it hasn't gone far enough." (Public Supports Domestic Crackdown on Terror [publicagenda.org] )

After all, if you're innocent, what do you have to worry about anyway? :grin:

Dammit!! (-1, Troll)

Anonymous Coward | more than 12 years ago | (#2697622)

I just tore my own penis off in the paper shredder in the office. They told me it would feel good to stick it in there. Bastards.

Tits (0)

Anonymous Coward | more than 12 years ago | (#2697629)

I just took my own nipples off with a belt sander. Ouch...

Olsen Twins (0)

Anonymous Coward | more than 12 years ago | (#2697650)

I like to rape them. With my huge wad.

This is ridiculous and disgusting (0)

Toxxy (231886) | more than 12 years ago | (#2697657)

I can't believe this garbage.

First of all, anyone who defends "Magic Lantern" by claiming they have nothing to hide is kidding themselves. We all have something to hide. Our pirated software, our porn stash, our unpaid speeding tickets. Most people nowadays let their lives flow through their keyboard, so why not just install cameras in everyone's house? Because you wouldn't get nearly the same level of information.

Keylog yourself for a week and look at the results afterwards. If you take five people, four of them will have something to hide, and fifth one will next week.

This is a blatent violation of privacy and completely disgusts me. Next time you want to raid my life, get a fucking warrant.

"Welcome to a Brave New World" (5, Informative)

Anonymous Coward | more than 12 years ago | (#2697659)

I wish more people would actually read Huxley's "Brave New World" before applying that phrase everytime government gets a little out of control.

Seriously, "Magic Lantern" and all the other privacy-invasive technologies used to snoop on private citizens are still a far cry away from the world of "Brave New World." After all, we still possess enough of our wits to question whether these steps are necessary, legal, and ethical. The folks in "Brave New World" didn't even go that far.

We are much closer to Orwell's "1984" then we are to "Brave New World." And I'm not sure which is the more frightening.

In 1984, the government had to force people to behave using the classic methods of tyranny. In Brave New World, the citizens were kept so damn happy that they would never question that the government didn't have their best interest in mind, regardless of what it did.

Remember: in 1984, our protagonist was someone from withen the society who began to realize what a living hell he was in and began to try to do something to better his condition. In brave new world, our protagonist was someone how came from outside of the society, having been raised on a "reservation". It was only because of this distance from the reality of the "Brave New World" society that he was able to see how awful it truly was.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...