[9833] in cryptography@c2.net mail archive
Re: Shades of FV's Nathaniel Borenstein: Carnivore's "Magic Lantern"
daemon@ATHENA.MIT.EDU (pasward@big.uwaterloo.ca)
Wed Nov 21 17:31:09 2001
From: <pasward@big.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <15356.9860.207696.29624@tolstoy.uwaterloo.ca>
Date: Wed, 21 Nov 2001 17:11:16 -0500
To: Jay Sulzberger <jays@panix.com>
Cc: pasward@big.uwaterloo.ca, "R. A. Hettinga" <rah@shipwright.com>,
Digital Bearer Settlement List <dbs@philodox.com>, <dcsb@ai.mit.edu>,
<cryptography@wasabisystems.com>
In-Reply-To: <Pine.NEB.4.40.0111211649221.28089-100000@panix2.panix.com>
Jay Sulzberger writes:
>
>
> On Wed, 21 Nov 2001 pasward@big.uwaterloo.ca wrote:
>
> > R. A. Hettinga writes:
> > > Everyone remember First Virtual's Nat Borenstein's "major discovery" of the
> > > keyboard logger?
> > >
> > > 'Magic Lantern' part of new 'Enhanced Carnivore Project'
> >
> > > [etc]
> >
> > In the same vein, but a different application, does anyone know what
> > the state of the art is for detecting such tampering? In particular,
> > when sitting at a PC doing banking, is there any mechanism by which a
> > user can know that the PC is not corrupted with such a key logger?
> > The last time I checked, there was nothing other than the various
> > anti-virus software.
> >
> > Paul
>
> If you are running a source secret operating system, it is more difficult
> to detect tampering.
I'm sure it is, unless you have to be the company that owns the
"source-secret operating system," in which case you can presumably do
whatever is done by an open-source system. Now, what (beyond AV and
tripwire) is done?
Paul
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
