[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Technology center




 >What I think they'll do is work on virus software.  They can write
>something which will hack the crypto on your PC and make it weak.
>If they want to wiretap some drug dealer, they get him to download
>one of their programs somehow.  Maybe they've got a Java bug which
>lets them hack files when he goes to a certain web page.  Or maybe
>they get him to download some free demo of a game or interaction
>service (hotchicks.com).  Whatever, the program actually looks for
>PGP and other crypto software and hacks it.  Now the FBI can read
>his stuff.

What we have here is a technology race.  Assuming it is legal for a
hypothetical government organization to pull a stunt like that, we merely
build our own encryption software that is compatible with the current stuff,
or failing that have an unreasonable amount of different publically
available versions out there.
Tell me what virus can alter 50 different programs in a different fashion
and still be small enough to go unnoticed.
If you were to program your own private version of PGP and have it produce
output exactly the same as any version of PGP out there you wanted to, then
there's a good chance that it would be overlooked by viri, logic bombs,
trojans... and even if it wasn't there's an even better chance that a
specific virus would need to be written to hack your private version. and
what are the odds of actually infecting your particular desktop with the
naughty program that's gonna do the dirty work?
I admit that would take cnsiderable effort and the only reason for doing so
is to protect against thief software designed to steal your keys, but it can
be done. and probably would be done by many as a last resort / defense.

-Stu


"Work toward your vision of tomorrow, or you will surely live in someone
else's" -- Art Sackett