Jump to content

Magic lantern (disambiguation)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Bryan Derksen (talk | contribs) at 01:13, 29 November 2001. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Magic Lantern is the name of a software system used by the United States Federal Bureau of Investigation (FBI) to obtaining encryption keys from suspects' computer systems. The FBI's controversial monitoring software known as Carnivore is useless when the intercepted communications are encrypted.


Magic Lantern is a trojan-horse method of installing keylogging software on a suspect’s machine. It allows the keylogger to be sent to the suspect via an e-mail; the keylogger is automatically and invisibly installed when the message is read, much like many Microsoft viruses. It is unknown what platforms Magic Lantern has been developed for; it is quite possible that only users of Microsoft Outlook are vulnerable to the trojan installation.


At least two antivirus software companies, Symantec and Network Associates, are voluntarily working with the FBI to ensure that their virus detection applications will not alert anyone to Magic Lantern's presence. On the other side, at least one antivirus company, Sophos, will work to detect it, saying that its customers outside the United States would expect protection against the application.


The FBI has used keyloggers before; in United States v. Scarfo, a keylogger was used to capture the Pretty Good Privacy passphrase used by an alleged mobster. Those keyloggers, however, had to be manually installed after gaining physical access to the subject's computer.


Magic Lantern is one of several enhancements to Carnivore discovered in mid-November, 2001. In response to a Freedom of Information Act request filed in 2000 by the Electronic Privacy Information Center, the FBI released a series of unclassified documents relating to Carnivore, which included the "Enhanced Carnivore Project Plan." Redacted portions of that document mention "Cyber Knight," a database that sorts and matches data gathered using various Carnivore-like methods from e-mail, chat rooms, instant messages, and Internet phone calls. It also matches files with captured encryption keys.