Sophos voices concern about FBI's Magic Lantern e-bug

November 29, 2001 Sophos Press Release

Sophos, a world leader in corporate anti-virus protection, is today reassuring its customers that it has not been asked to allow the alleged FBI Trojan horse - codenamed Magic Lantern - slip past undetected. Sophos believes that using 'e-bugs' to spy on suspected criminals and terrorists is fraught with dangers, as there is no way of ensuring that the code will not be adapted by its recipients for illegal use.

"Malicious code is malicious code," said Graham Cluley, senior technology consultant, Sophos Anti-Virus. "There's no reason why organisations targeted by Magic Lantern could not write a variant of the e-bug for their own use. Before we know it, we'll all be spied on by every Tom, Dick and Harry - the FBI could even become a victim of its own code!"

Sophos also doubts whether the concept of Magic Lantern could ever work as a successful way of observing suspected criminal and terrorist activity.

"If a customer suspects they may be under surveillance and sends a Trojan horse to us, we're going to provide protection against it," continued Cluley. "We have no way of knowing if it was written by the FBI and, even if we did, we wouldn't know whether it was being used by the FBI or if it had been commandeered by a third party wishing to spy on our customer - it's a totally unworkable situation."

Following media stories that other anti-virus vendors would overlook the Trojan horse if asked to do so by the FBI, Sophos has received many enquiries from customers concerned Sophos may deliberately compromise the quality of its malware detection.

Sophos would like to reassure customers that it has not been asked to turn off detection of any viruses, worms or Trojan horses by any intelligence agency around the world and continues to believe that detection of all such malware is important to our users.