04 Dec 2001, James Middleton, V3
The security community has slammed the FBI over its controversial Magic Lantern 'good' Trojan horse.
Antivirus companies have attempted to reassure users that the spook agency has not asked them to let Magic Lantern slip by undetected.
Magic Lantern is thought to operate much like a Trojan horse: it arrives in an email, installs itself invisibly and sets up a keylogger to capture data such as the pass code for an encryption program like PGP, which it then forwards to the FBI.
But Graham Cluley, senior technology consultant at Sophos, said that using such tools to spy on suspected criminals and terrorists is fraught with danger, as there is no way of ensuring that the code will not be adapted by its recipients for illegal use.
"Malicious code is malicious code," he said. "There's no reason why organisations targeted by Magic Lantern could not write a variant of the e-bug for their own use. Before we know it, we'll all be spied on by every Tom, Dick and Harry - the FBI could even become a victim of its own code."
Shane Coursen, chief executive of security company WildList Organisation International (WLO), said that antivirus exclusion as we know it could be redefined by Magic Lantern.
"Magic Lantern clearly falls in the category of malicious software. Specifically, it's a Trojan horse, in the same class as Back Orifice and Sub Seven," he said.
"If WLO ever decided to purposely not list a program, then its effectiveness would be called into question forever. Absent legal compulsion, that won't happen on my watch," he added.
However, the industry is somewhat split on the matter. Symantec has gone on record as saying it would co-operate with the FBI, but Coursen countered that due to the international nature of antivirus software, it simply may not be possible for the antivirus industry as a whole to lend the blind eye the FBI would like.
"If just one antivirus software product detects Magic Lantern, the game is over," he said.
Cluley said: "If a customer suspects they may be under surveillance and sends a Trojan horse to us, we're going to provide protection against it. We have no way of knowing if it was written by the FBI - it's a totally unworkable situation."
But the creation of such a program shouldn't come as a shock, assured Coursen. "Three-letter agencies of all sorts make no bones of the fact that they must regularly do things that many would consider less than savoury. To get to the bad guys, you sometimes have to become a bad guy," he said.