Shedding Light on 'Magic Lantern'

ByPaul Eng

Dec. 21, 2001 -- In order to stop criminals and terrorists who may be plotting evil deeds using computers and the Internet, the FBI is developing a tool that is more commonly associated with computer hackers.

According to the FBI and other law enforcement agencies, computer-savvy criminals are increasingly turning to encryption software to protect their sensitive data from prying eyes. Programs such as Pretty Good Privacy, or PGP, scramble computer files so well that it takes years for even the most powerful supercomputer to crack them without the appropriate "key."

But instead of trying to "pick" open any locked files, the FBI hopes agents could one day just copy the criminals' keys by using a program currently code-named "Magic Lantern."

The FBI recently confirmed that the agency did indeed have a computer project called "Magic Lantern" underway. But since the project was still "under development," the bureau declined to reveal further details about its design or capabilities.

Copying Keys by Logging Keystrokes

But according to news reports, the program may be a powerful version of a hacking tool known as a key-logging program. Such a program, when installed on a computer, monitors and stores copies of what is typed by the user — say a password that starts an encryption program.

The FBI had used such a key-logging program last year in a criminal investigation against Nicodemo Scarfo Jr., son of a convicted Philadelphia Mafia boss. FBI agents had broken into Scarfo's office in New Jersey and installed a key-logging program to capture Scarfo's software encryption key, which later revealed vital evidence against the alleged loan shark. (Scarfo's case is still being tried in federal court.)

But more than just an electronic surveillance tool, experts believe Magic Lantern may also be able to secretly install itself on an unsuspecting user's computer, much like a computer virus. The program could be disguised as a harmless computer file — a so-called "Trojan horse" program — and sent as an attachment to a benign computer e-mail.

Mark Rasch, a former prosecutor with the Justice Department, says that such a capability wouldn't be impossible. Such Trojan horse attacks have been used in recent computer attacks such as last month's Badtrans worm. "We know that 19-year-old teens from the Phillippines can do this," says Rasch, now a vice president of cyberlaw at Predictive Systems in Reston, Va.

Critics Already Crying Foul

Whether or not the FBI's latest cybersnooping tool is truly the ultimate cyberspy is still questionable. But one thing is for sure: critics are already crying foul over the still-secret FBI program and its hypothetical potential.

Although the FBI says that Magic Lantern would only be used "pursuant to the appropriate legal process" — i.e., under a court-approved search warrant — privacy and legal experts worry that the program could violate citizens' civil right to be free from unreasonable searches and seizures. Lawyers for Scarfo, for example, have petitioned the courts to review the legality of the evidence gathered by the FBI's previous key-logging program.

What's more, security experts suggest that like other Trojan horse viruses, the FBI's Magic Lantern may be discovered by anti-virus programs. And security software makers such as Symantec and Sophos have already taken the position that they won't treat a Magic Lantern bug any differently than any other computer virus.

"Malicious code is malicious code," said Graham Cluely, senior technology consultant for Sophos Anti-Virus, in a statement last month. "If a customer suspects they may be under surveillance and sends a Trojan horse to us, we're going to provide protection against it."

ABC News Live

ABC News Live

24/7 coverage of breaking news and live events