Shedding Light on 'Magic Lantern'

Dec. 21 -- In order to stop criminals and terrorists who may be plotting evil deeds using computers and the Internet, the FBI is developing a tool that is more commonly associated with computer hackers.

According to the FBI and other law enforcement agencies, computer-savvy criminals are increasingly turning to encryption software to protect their sensitive data from prying eyes. Programs such as Pretty Good Privacy, or PGP, scramble computer files so well that it takes years for even the most powerful supercomputer to crack them without the appropriate "key."

But instead of trying to "pick" open any locked files, the FBI hopes agents could one day just copy the criminals' keys by using a program currently code-named "Magic Lantern."

The FBI recently confirmed that the agency did indeed have a computer project called "Magic Lantern" underway. But since the project was still "under development," the bureau declined to reveal further details about its design or capabilities.

Copying Keys by Logging Keystrokes

Related Stories

Man sets himself on fire outside Trump courthouse

• Apr 19, 4:11 PM

Senate kills Mayorkas impeachment trial

• Apr 17, 5:52 PM

OJ Simpson dies at 76

• Apr 11, 6:32 PM

But according to news reports, the program may be a powerful version of a hacking tool known as a key-logging program. Such a program, when installed on a computer, monitors and stores copies of what is typed by the user — say a password that starts an encryption program.

The FBI had used such a key-logging program last year in a criminal investigation against Nicodemo Scarfo Jr., son of a convicted Philadelphia Mafia boss. FBI agents had broken into Scarfo's office in New Jersey and installed a key-logging program to capture Scarfo's software encryption key, which later revealed vital evidence against the alleged loan shark. (Scarfo's case is still being tried in federal court.)

But more than just an electronic surveillance tool, experts believe Magic Lantern may also be able to secretly install itself on an unsuspecting user's computer, much like a computer virus. The program could be disguised as a harmless computer file — a so-called "Trojan horse" program — and sent as an attachment to a benign computer e-mail.