Charles R. Smith
Wednesday, Nov. 28, 2001

U.S. Agencies Battle Each Other on the Internet

The U.S. government is struggling to rebuild its image after it failed to discover the plot to attack America on Sept. 11.

The FBI and CIA, two agencies charged with law enforcement and intelligence operations, have taken the most heat for the failure. Both agencies had few areas of cooperation prior to Sept. 11.

Now the FBI and CIA have suddenly discovered conflicting roles inside cyberspace.

The FBI recently was forced to reveal another part of its Cyber-Knight project, an effort by the agency to monitor all Internet communications.

Last year the FBI was forced by privacy advocates to reveal that it had a new software program called Carnivore designed to monitor Internet e-mail. The Carnivore system is reportedly installed not on home personal computers but on Internet Service Provider computers, allowing the agency to siphon off data from suspected customers.

The FBI is reportedly using a new and improved version of Carnivore, a software program designed to monitor secure e-mail over the Internet. The new FBI program, called Magic Lantern, is described as key logger software designed to steal the pass phrase used to start the popular encryption program PGP, or Pretty Good Privacy.

A key logger program is designed to capture keystrokes – what a user keys in – and then store the data in a separate location for later retrieval by a hacker. The FBI plans to use Magic Lantern to capture PGP information to crack encrypted e-mail and intercept Internet data.

Magic Lantern Flaws

Magic Lantern reportedly can be sent in a fashion similar to several virus programs, either as an attachment via e-mail or downloaded from an infected Web site. However, the Magic Lantern program may also be mistaken for a virus program.

The sudden discovery of Magic Lantern caused a flurry of activity from computer software producers. Anti-virus software maker McAfee Associates denied a recent report that it was working with the FBI to ensure its software would not stop the Magic Lantern program. McAfee spokesman Tony Thompson denied it had any contact with the FBI on Magic Lantern.

According to an official statement by the anti-virus maker, "Network Associates/McAfee.com anti-virus programs will continue to protect our customers' computers from any program that intrudes into their system against their desires or without the knowledge of our customer."

Magic Lantern is also not perfect. Magic Lantern suffers from another flaw in that it is not designed to stop other popular computer encryption programs such as Softwar Pcypher and Mystx public key encryption systems.

These encryption software utilities do not use pass-phrase technology and are immune to Magic Lantern-type attacks. E-mail and data scrambling is done with the mouse using data keys that can be stored on offline diskettes, zip drives or CD disks.

CIA Triangle Boy

Yet, as the FBI struggles to introduce its new system to monitor the Internet, the CIA is working to develop a software program that thwarts government monitoring.

The CIA is a major sponsor of SafeWeb, a company that distributes a free program called Triangle Boy. Triangle Boy allows users to surf the Web anonymously. Citizens inside dictatorships are using the program to avoid monitoring by the oppressive regimes.

Triangle Boy operates much like a mail forwarding service. Each user request to view a Web page is scrambled and randomly sent to another machine, which actually performs the request, returning the data to the original user. Triangle Boy is very popular inside China, and the Chinese government is working hard on ways to counter secure access to the Internet.

SafeWeb reportedly receives hundreds of e-mails a day from grateful Triangle Boy users worldwide. However, SafeWeb's growing audience in China, Saudi Arabia, the United Arab Emirates and Syria is in direct conflict with FBI efforts to monitor potential terrorist communications.

Despite the concerns, Triangle Boy's developer, SafeWeb's CEO Stephen Hsu, claims terrorists would not use the program.

"A terrorist would be crazy to use SafeWeb," stated Hsu, who noted that the CIA backs his company.

Yet Triangle Boy can be abused, and software vendors have rushed to develop new programs designed to counter the CIA's secure Internet browser.

Porn or Politics?

"I knew that if I knew about Triangle Boy, anybody who was really interested in porn would know about it too," stated Ed Miller, a security operations manager at Computer Sciences Corp.

Filtering vendor 8e6 Technologies, whose customers include major companies such as Computer Sciences Corp., recently developed a way to block Triangle Boy. 8e6 Technologies declined to comment on how its X-Stop filtering system disables Triangle Boy.

"Several IT (information technology) people at the universities and schools that I consult for did extensive research into this," noted Eric Gerlach, a Network Integration Consultant for Southwestern Bell Telephone.

"I have a few insights and an easy fix for it," noted Gerlach.

Ironically, many inside the computer security field declined to describe ways to stop Triangle Boy – not for technical reasons but for political reasons.

Software experts are usually anxious to publish flaws inside Microsoft operating systems or other major software packages. Yet this is not the case for Triangle Boy.

"Normally, I'm all for publishing flaws in software, but on this one I have to vote against," stated one computer security expert located in the Netherlands.

"The Chinese finally have access to the Internet. The flaws could be used by the Chinese government to block the Internet once again."

Read more on this subject in related Hot Topics:

Privacy