Friday, July 20, 2007

Government Spyware vs Anti-malware Firms

I am amazed this (this too) didn't get more coverage: should (will, legally can, etc.) anti-virus companies detect government-created (police, FBI, KGB, MI5, etc.) malware if:

a) not notified by the government (I am guessing "yes" here)
b) "politely asked" by the government (I am guessing "maybe" here :-))
c) court ordered by the government (I am guessing "no" here)

This even features a funky table with anti-malware firm responses ... The only supposed real case mentioned is this: "The Associated Press reported in 2001 that 'McAfee Corp. contacted the FBI... to ensure its software wouldn't inadvertently detect the bureau's snooping software.' McAfee subsequently said the report was inaccurate."

4 comments:

Anonymous said...

From what I have read this week - it is common for companies (in this case a .gov organization) to formally request their 'software' (spyware) not be picked up by AV. I would assume such requests have been made in this case.

Anton Chuvakin said...

l, the AV folks claim that it wasn't ...

Rainer Gerhards said...

Did you know that the German government also has plans to officially use malware to "search" suspects' computers? In this case, however, AV vendors have responded that they will likely detect and remove it. I think there's a big difference between US and non-US gov malware. All in all, this gov movement is very irritating and counter-productive...

Anton Chuvakin said...

Yes, very good point indeed! The whole international angle is here: in fact, maybe 3rd state malware will still be considered MAL-icious by some countries.

Kaspersky and FSB/KGB?
McAfee, Symantec, etc. and CIA?
Sophos and MI5?

Wow...

Dr Anton Chuvakin