I’d like to talk about a little noticed series of articles published in December on ZDNet and on other sites about a new government initiative called Magic Lantern. It represents a serious breach in
basic privacy and could render all current anti-virus programs useless. This could have an incredibly negative effect on the advertising model as we know it today, bringing it to its knees. More about
this after we discuss the FBI plan for Magic Lantern.
As most of you know, the government failed to obtain adoption of their “Clipper Chip” which would build “Big Brother” capabilities into
every PC. The new initiative, Magic Lantern has the same effect through software. Basically, the FBI plan is to implant a keystroke tracker on every computer without your knowledge. We’ve all seen
this type of technology, which makes it possible for a parent to track a child’s actions on a computer or for a company to track what its employees do. A new iteration of this can track your
encryption codes and passphrases, thus breaking down any security that you have installed on your computer.
advertisement
advertisement
The really galling (and stupid) part is the way that the government plans to install
this on your computer. They intend to send it as a virus! They believe that they will get through to your computer by asking the major anti-virus companies to pass their unique identifier and
associated code through to you, even if the latest anti-virus software is installed on your computer.
There are a number of issues with this: ·
- You trust your anti-virus vendor to
provide you with secure software, which does not pass code through. This violates that trust and your license with them. ·
- The government believes that they have a right to do this based on
the U.S. Patriot Act passed in October, which requires authorization only from a state or U.S. attorney general. I recognize that new powers must be granted to the government post 9/11, but the
eavesdropping on individuals without prior clearance from a judge should not be a liberty easily surrendered. ·
- How long do you think this will last before some hacker breaks the code? This
is the key to any hacker getting into your computer and having their way. All a hacker needs to do is figure out the government code (and they will), and send a virus through to your computer
disguised as the government code (The classic Trojan Horse). Your anti-virus package will then become useless.
The result could be disastrous. We could have a series of virus attacks that
make Melissa and “I Love You” look like children’s pranks. There could be break-ins to financial and secure business data worldwide, which would result in major mayhem and could destroy world markets.
And, the anti-virus model as we know it today will be rendered useless, probably putting more than a few companies selling this stuff out of business.
So, how does this affect our business? ·
- What if you could no longer trust email from people you did not know. We would all be forced to use filters that only accepted email from specific people. The email equivalent of phone call
blocking. (If you have not yet figured this out, you can stop about 99% of telemarketing at your home by instituting call blocking from your phone company.) As a result, email marketing as we know it
would disappear. ·
- It could also ruin e-commerce if we have no protection on the encryption and privacy of our credit card numbers and passwords. Consumer confidence would disappear.
Without email marketing and e-commerce, many sites would be brought to their knees. The result, not only the anti-virus industry gets wiped out, but the Interactive advertising industry as we know
it would be destroyed. I realize that we need tighter security on a national basis post 9/11, but not at the expense of major industries. This scenario is beyond the Al Qaeda’s wildest dreams. I don’t
know about you but I am not yet ready to retire.
The ray of sunshine in this is that there is a new, alternative security model in the wings that involves offline security through multiple
authentications, the first of which is offline. But this is not yet ready for prime time and does not have the critical mass to implement on a broadscale basis today. More about that another time.
If you are as mad as I am about this, contact the company that you buy anti-virus software security solutions from and lobby against this. It has been reported that MacAfee’s position is not
to cooperate with the FBI on this initiative. But who knows what will happen when pressure is applied? And depending upon who you talk to, it appears that Symantec (Norton) is seriously considering
cooperating and passing the Magic Lantern code through. A letter or two to congress and your Senator could not hurt either. This is how the Clipper Chip was defeated.
Do something today. It is
for your freedom, your industry, and your own meal ticket. Name a better group of causes.
David L. Smith is President of Mediasmith, Inc., the Integrated Solutions Media Agency based in San
Francisco and New York. He can be reached at smith@mediasmithinc.com