Commentary

Magic Lantern Impedes Privacy, Handcuffs Anti-Virus Programs, Endangers Ad Model

I’d like to talk about a little noticed series of articles published in December on ZDNet and on other sites about a new government initiative called Magic Lantern. It represents a serious breach in basic privacy and could render all current anti-virus programs useless. This could have an incredibly negative effect on the advertising model as we know it today, bringing it to its knees. More about this after we discuss the FBI plan for Magic Lantern.

As most of you know, the government failed to obtain adoption of their “Clipper Chip” which would build “Big Brother” capabilities into every PC. The new initiative, Magic Lantern has the same effect through software. Basically, the FBI plan is to implant a keystroke tracker on every computer without your knowledge. We’ve all seen this type of technology, which makes it possible for a parent to track a child’s actions on a computer or for a company to track what its employees do. A new iteration of this can track your encryption codes and passphrases, thus breaking down any security that you have installed on your computer.

advertisement

advertisement

The really galling (and stupid) part is the way that the government plans to install this on your computer. They intend to send it as a virus! They believe that they will get through to your computer by asking the major anti-virus companies to pass their unique identifier and associated code through to you, even if the latest anti-virus software is installed on your computer.

There are a number of issues with this: ·

- You trust your anti-virus vendor to provide you with secure software, which does not pass code through. This violates that trust and your license with them. ·

- The government believes that they have a right to do this based on the U.S. Patriot Act passed in October, which requires authorization only from a state or U.S. attorney general. I recognize that new powers must be granted to the government post 9/11, but the eavesdropping on individuals without prior clearance from a judge should not be a liberty easily surrendered. ·

- How long do you think this will last before some hacker breaks the code? This is the key to any hacker getting into your computer and having their way. All a hacker needs to do is figure out the government code (and they will), and send a virus through to your computer disguised as the government code (The classic Trojan Horse). Your anti-virus package will then become useless.

The result could be disastrous. We could have a series of virus attacks that make Melissa and “I Love You” look like children’s pranks. There could be break-ins to financial and secure business data worldwide, which would result in major mayhem and could destroy world markets. And, the anti-virus model as we know it today will be rendered useless, probably putting more than a few companies selling this stuff out of business.

So, how does this affect our business? ·

- What if you could no longer trust email from people you did not know. We would all be forced to use filters that only accepted email from specific people. The email equivalent of phone call blocking. (If you have not yet figured this out, you can stop about 99% of telemarketing at your home by instituting call blocking from your phone company.) As a result, email marketing as we know it would disappear. ·

- It could also ruin e-commerce if we have no protection on the encryption and privacy of our credit card numbers and passwords. Consumer confidence would disappear.

Without email marketing and e-commerce, many sites would be brought to their knees. The result, not only the anti-virus industry gets wiped out, but the Interactive advertising industry as we know it would be destroyed. I realize that we need tighter security on a national basis post 9/11, but not at the expense of major industries. This scenario is beyond the Al Qaeda’s wildest dreams. I don’t know about you but I am not yet ready to retire.

The ray of sunshine in this is that there is a new, alternative security model in the wings that involves offline security through multiple authentications, the first of which is offline. But this is not yet ready for prime time and does not have the critical mass to implement on a broadscale basis today. More about that another time.

If you are as mad as I am about this, contact the company that you buy anti-virus software security solutions from and lobby against this. It has been reported that MacAfee’s position is not to cooperate with the FBI on this initiative. But who knows what will happen when pressure is applied? And depending upon who you talk to, it appears that Symantec (Norton) is seriously considering cooperating and passing the Magic Lantern code through. A letter or two to congress and your Senator could not hurt either. This is how the Clipper Chip was defeated.

Do something today. It is for your freedom, your industry, and your own meal ticket. Name a better group of causes.

David L. Smith is President of Mediasmith, Inc., the Integrated Solutions Media Agency based in San Francisco and New York. He can be reached at smith@mediasmithinc.com

Next story loading loading..