« Huge Dead Snake | Main | Mexico Declares Martial Law »
March 10, 2009
FBI's secret Magic Lantern software?
A pretty cool story is breaking right now. Apparently, there is a mysterious program called PIFTS.exe that has surfaced. The program is reportedly trying to communicate back with some IP addresses in Africa or at Symantec out in California. Symantec's Norton Anti-virus doesn't identify the program as malicious, but Zone Alarm identified it right away. All posts regarding this mysterious program PIFTS.exe have been deleted from Norton's forum. There is speculation that this is part of the FBI's secret Magic Lantern software.
This is wild. Not only is Symantec deleting all posts on their forums related to the mysterious program PIFTS.EXE, but Digg is even burying the story. Whatever it is, this is really big.
The Register: Norton PIFTS Mystery
Above Top Secret
Reddit
4Chan
Tech-Linkblog.com: Conspiracy theories run rampent due to PIFTS.EXE
The Washington Post: Users Complain of Mysterious 'PIFTS' Warning
The Inquirer: African executable raises Symantec hackles
Slashdot: Norton Users Worried By PIFTS.exe, Stonewalling By Symantec
Update: Norton finally releases an official response to the PIFTS.exe mystery, but now I'm not sure who to believe.
Bottom line is this...Don't Use Symantec's Norton Anti-Virus. Don't ever use Symantec's products. Period. If you do, you're a n00b, a rube, or worse.
Update 2: I think that PIFTS.exe is probably essentially what Norton claims it is - a miserable little rootkit that they attempted to roll out for their own nefarious puproses. I doubt that it's truly anything related to Magic Lantern, for the reasons explained in this post on Slashdot:
"Why would a third party "security" product require a secret law-enforcement backdoor? The FBI, CIA, NSA, etc. would simply have Microsoft provide a backdoor into ALL of Windows. They wouldn't waste time with a commercial product that only some Windows users install. Why go that route when going the MS route would ensure a backdoor into all systems and not just a very small subset of systems?
CIPAV is not something added willy-nilly into commercial applications. It's basically an extremely well designed rootkit that the FBI, etc. targets against specific users & computers by tricking users into installing it. (social engineering, etc.)"
Posted by Rob Kiser on March 10, 2009 at 12:31 PM
Comments