[LINK] FBI targets suspects' pcs with spy virus

[Chirgwin, Richard]

As an aside to this, it surprises me that there's far less discussion of
system-level trust in the security/privacy debate.

For example, there are plenty of situations where the easiest way to
compromise systems is inside the boxes rather than outside (remembering that
unauthorised access is most commonly an inside job).

As was once outlined to me by a reputable engineer - Geoff Croker, boss of
GCS in Melbourne - a hard drive controller is easy to emulate. He has
demonstrated (back in 1998) how to intercept disk accesses quite invisibly,
once a machine had been physically compromised. And of course, any disk
access includes capturing cryptographic keys used to access a compromised
machine.

Now, his demonstration was real, but he admitted the threat itself was
theoretical in that it had not been observed "in the wild"...but surely if
one person can do something, someone else can do it?

Richard Chirgwin

-----Original Message-----
From: Anthony Healy [mailto:thealy@magna.com.au]
Sent: Friday, 23 November 2001 10:32
To: Link
Subject: RE: [LINK] FBI targets suspects' pcs with spy virus



> A new tool reportedly being developed by law enforcement
> agencies to remotely install surveillance programs on a
> suspect's computer is little more than 3-year-old hacking
> technology, security experts said Wednesday.

As others have pointed out, keystroke capture has nothing to do with the
particular set of products the reporter seems to have in mind in referring
to "hacking technology" of three years ago. In this instance, it's standard
Windows software engineering. And there would be no need for it to be a
Trojan horse.

Security experts indeed.

Regards, Tony Healy