Antivirus Firms "Won't Co-operate" With PC-Hacking Dutch Police
nk497 writes "Dutch police are set to get the power to hack people's computers or install spyware as part of investigations — but antivirus experts say they won't help police reach their targets. Mikko Hypponen, chief research officer at F-Secure, said the Dutch bill could lead to antivirus firms being asked asked to cooperate with authorities to let an attack reach the target. So far, Hypponen hasn't seen a single antivirus vendor cooperate with such a request, and said his own firm wouldn't want to take part. Purely for business reasons, it doesn't make sense to fail to protect customers and let malware through 'regardless of the source.'"
i approve of this.
"So far, Hypponen hasn't seen a single antivirus vendor cooperate with such a request"
That's because it's not law yet; once it's law, they will.
Aside from whitelisting executables, anti-virus products have about 0% chance of catching stuff that isn't distributed to hundreds of thousands of machines anyway. All they need to do is change their payloads and exploits sometimes. I doubt the police would even bother asking anti-virus makers.
I think hacking has one big downside compared to traditional phone tapping. It is possible the person being hacked can detect this and take countermeasures against it OR even supply false information. From a police standpoint I would consider information gained through hacking very unreliable.
Most of the major AV software suites utilize some form of behavioral heuristics to detect unknown threats. I'm not saying it's 100%, but you'd be surprised how effective it can be if implemented right.
have worked tirelessly on preparing a robust and extended-life version of spyware, codenamed Dutch Oven. Frankly they just don't understand all the stink about it.
...firms being asked asked to cooperate ...
I think you mean: ...firms being asked, and asked again to cooperate...
You really can't draw any conclusions from what they SAY, only what they DO. It would be the kiss of death for them to say anything else.
If they said they did cooperate, then anyone doing anything remotely suspect would use a different product making that cooperation useless. Meanwhile everybody worried about criminals exploiting the backdoor by impersonating the cop-ware would also switch to another product.
The only way we will know is if someone notices cop-ware installed on their system and tests the antivirus software to see if it detects it - and then goes public with the results.
When information is power, privacy is freedom.
That's hilarious. The antivirus gang doesn't have anything that works against targeted attacks anyway. The police isn't going to install the same malware that's on a million other machines on the suspects' computers to add them to a botnet, which is about the only thing any antivirus software can prevent, if the stars are aligned right.
It would not be long until some researcher gets a hold on it (if nobody else, maybe the CCC again after they did the same with the German version of the pest), examines it and publishes the details. And then, the whole thing is for /dev/null because not only does it become trivial to find it, it will also tip off everyone who was infected with it, doubling as a "the feds are closing in" warning.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
"Fuck tha Police"
Be seeing you...
i thought was always one big piece of malware. Pre-installed! What a joke!
Quote: "It seems that spyware and key loggers are far more advanced and commonplace today than they were six years ago, as are anti-spyware tools. I wonder if the FBI could seek a court order requiring an anti-spyware company not to report fedware (as in, fedware would be whitelisted if detected and the customer would not be alerted)." News from 2007.
CC.
TaijiQuan (Huang, 5 loosenings)
They, AV companies, do not need to cooperate. So far, AV companies have failed to detect "as it is happening" any of the major (nation state) malware attacks. Hackers simply use antivirus trial or purchased versions to test their malicious creations against detection and refine the exploits until they pass through unseen by all of the major AV brand products. (In case of Flamer, some 420 security software were deliberately bypassed via various tech tricks. The pre-sortie testing phase alone must have cost millions of dollars.) It is usually months or years afterwards that some bug accidentally unmasks the super-trojans, hyper-worms, etc. For example early gen Stuxnet crashed some very-very old (P1-200MHz) Iranian computers running Win 2000...
I would like to see you try. Mind telling us where you're going to roam the streets with your bat and your homies?
... whatever
Well, that's what they'd say, right. Makes their betrayal all the more valuable.
Reading over the parent story link of this, when such bills are proposed they use child porn as the reason for needing such bills. With almost every bill of this kind, the excuse they give for needing it is to help prevent child porn. I mean, really? Is that the best they can come up with to push this kind of crap through? The part that really is concerning is "including those located in foreign countries". So they can hack someone in a completely different country with 0 problem? Um, I doubt most countries would be fine with state sponsored hacking like this. No surprise that anti-virus firms won't allow this; if they did let this crap through it would make people question what else is and what else could pose as such malware and skate by with the white-list.
And that, kids, is the difference between being little Holland, and big United States.
-Styopa
Anti-virus software is sold by making promises to the buyer. For example, promises to protect their privacy. Anti-virus software that gave the police access to your computer, even if that was legal, would be in breach of the promises they made when they sold the software. That would be false advertising.
Could you imagine millions of customers asking for their money back when anti-virus software that claims to protect their data intentionally doesn't protect it?
'Good malware' is the stupidest idea ever.
Religion is what happens when nature strikes and groupthink goes wrong.
Fortunately there is only that one guy in the Google headquarters using it. Evidence of others using it does not exist.
I wonder if I can get a targeting plug-in for Google Glass so that I can zero my concealed carry weapon in on your sorry ass.
Think Terminator! Yay!
Conversely and/or ironically, Google Glasses are also able to geolocate you to improve drone targeting.
They will cooperate, they'll just never publicly admit to it. If you're using your computer for any nefarious purpose, using software written by ANYONE ELSE, anywhere on the system, or it's connected to any form of network, you're a fool, you're going to get caught, and you're going to deserve it.
If you think I'm wrong because you've been doing (BLANK) with yours for (DURATION) and haven't been caught, you must understand (THEY) know you're doing it, they simply don't regard (BLANK) as being important enough to haul your ass in yet at the expense of possibly unzipping (THEIR) proverbial 'fly'. The day you screw up and do something that gets you caught without their having to reveal how they know what you're doing, they'll make up a sanitized case against you, full of serendipitous - but plausibly innocently collected facts, and nail your ass. Here's an illustration:
You start downloading recipes for how to make toxic and/or explosive substances and reading them. You do this using TOR or some other system to "guarantee" anonymity. Secretly, (THEY) know who you are, and what you've learned. They watch you to see if/when you attain the capability to carry out some attack or another. Then one of two things happen. You get close enough that they run out of time, they finish cobbling together a case where they frame you for something else, then 'find' evidence of the thing you're actually planning to do in the course of the trumped-up investigation, OR ELSE... you actually DO do something they can nail you for without having to say in court that they did something illegal, or admitting something that might compromise their investigations into the activities of others, and in the process of nailing you for THAT, they 'accidentally' stumble across the thing that is the ACTUAL reason you got busted. They send you up the river, all without having to make it public that they're doing what they were doing. It's really beautiful when you think about it, because if they weren't doing this, there'd be a lot more dead and wounded about.
So how do people still manage to pull stuff off? You'll never stop everyone, only almost everyone, which is still, from a standpoint of peace and security, way better than stopping NOBODY.
Now you might say that it's unpatriotic or whatever, to want the government to invade people's privacy, etc., but the world has evolved in such a way as to make it so that either the government has to get Big-Brothery at times, or the system completely collapses because we've pissed off enough people, and for long enough that you can't have a civil society where anyone can have even a reasonable assurance of being alive next... say, Tuesday, if they don't stop people from blowing things up, and committing mass-murder. It's sad, but that's the way things have gotten to be anymore. Is this untenable? Perhaps. But the alternative is either living in a police-free state, (one where rule of law is a joke, or flat-out non-existent,) or one in which we do what we can to prevent overreach but understand that we won't have the kind of peace and freedom we once enjoyed.
They say, about jobs, that you must choose two out of the three following things:
1. Enjoy your job.
2. Make good money.
3. Live within the law.
The pessimist would say one cannot generally, as a rule, do all three.
The same principle applies to civilization:
1. Enjoy peace and security.
2. Live in a prosperous society.
3. Be free of the elements of the 'police state'.
You can do any two, but not all the three for any real length of time.
Which two you get depends on where you live. There are some places of course that won't allow you to do even two or one, but I am fortunate enough, (as I suspect are most people who can read this,) not to live in any of THOSE places, though I have seen some of them first hand. They suck, and if I found myself in one, I'd find a way to leave, just as some of my ancestors did when they were stuck in a benighted shithole called the Soviet
Didn't Norton acquiesce to the NSA or whatever's request to not recognise the signature of a trojan keylogger they produced, along with a few other companies?
Which only got turned around when people found out their AV was allowing known infections in and kicked up a hell of a storm (and since the NSA would now have some other AV being used by people who they want to spy on, it wasn't worth keeping in, else I'd suspect that they would have insisted still).
Seems like the only problem here is they were Dutch authorities, not USian.
Then you better be wearing a vest as my Desert Eagle .50 caliber will take care of idiots like you. "Do You Feel Lucky?" and with my glasses recording, it's a slam dunk that it'll be a justified killing. Oh btw: don't even think about trying it in Texas as the courts have recognized the defence "He Needed Killing" though with Texas law, more than likely the Prosecution will award the shooter a medal for helping clean the gene pool.
Mod me up/Mod me down: I wont frown as I've no crown
Spreading fear to achieve your goals? Seems you meet the definition of terrorist.
There is no reason the av companies couldn't cooperate. The Dutch Police could sign their virus and that signature could be checked and then ignored in the anti-virus program. This refusal by the anti-virus corporations flies in the face of the wishes of the law makers, (ie. the police), and they should know that they would have never got to where they were without the permission of the authorities. They are biting the hand that feeds them and there may be consequences for not going along with what they're told to do.
Anti virus software companies and even companies that make software like malware anti-bytes and Spybot search and destroy already allow total control rootkits from crappy rent to own companies to be installed and not detected, so who's to say they wouldn't allow police made spyware shit to be installed on PCs?
`So far, Hypponen hasn't seen a single antivirus vendor cooperate with such a request, and said his own firm wouldn't want to take part. Purely for business reasons, it doesn't make sense to fail to protect customers and let malware through 'regardless of the source.'"'
...
I would have taken it as given that the AV companies are in bed with the state security apparatus
Or any government. Follow these laws (goal) or bad things will happen (fear).
Or you could just root them and disable the tracking. It's not hard at all.
you obviously are so eager to be fucked
Since many of the big name anti-virus companies aren't from the US. ESET is in the Slovak Republic. Kaspersky is in Russia. Bitdefender is in Romania. So they don't really take orders from the FBI. Now, they do have US offices, so they aren't 100% out of reach, however they could always decide to shut down their US office. You don't need a presence in the US to sell in the US, and indeed most of them sold their AV scanner prior to having a US office. At that point the US government could go and declare it is illegal to buy their product in the US but man would that send up all kinds of red flags and would really screw over the goal of sneakily getting their stuff on to systems since now everyone would know.
The AV market is pretty global, with many of the vendors not only not being US companies, but not headquartered in US allies. The US government would have very little influence on them over all, and it would more than likely backfire. After all, it could be big press and big sales to be the AV vendor that told the FBI to fuck off and is able to find government security programs.
You do know that a .50 Desert Eagle is not considered a handgun and is illegal to carry in all 50 states, right? It's considered an anti-equipment munition by the Geneva Conventions and several international treaties to which the United States is a party, and because these treaties are the Supreme Law of the Land, they are binding upon US Citizens at home.
Therefore, the .50 Desert Eagle is a war munition and not a small arm. War Munitions are illegal for private citizens to possess or carry.
Tell that to the thousands of normal citizens who already have them and took them to the CCW course and the cops there said it's fine.
Realistically ... Your desert eagle is going to be worthless to you and become MINE when you're laying face down drowning in the blood pouring out the back of your skull since I walked up behind you and you never saw me coming.
Get a clue, your gun doesn't make you invincible, just arrogant and cocky.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
so where were these anti virus folks when Sony was planting its virus?
Not a single one of them reported it.
I suspect that it is not principles but money that talks here.
let the Dutch police pony up some cash and see if they get a different reaction.
pgmer6809
...because, as all AV companies tell you, malware still gets in, regardless of what AV product you have installed.
it's still a lousy one, who is this guy proposing that? sounds worse than when they missed that pedophile and blamed it on the evil tor (which is probably the only option in the universe) ...
...
seriously people ... who the fuck comes up with these ideas without even thinking them through for a second ? you're all FIRED, get out of mah land, no what, get out of my europe as long as i'm stuck here, and while you're out of here, try to get with the program
did someone check the reality check on this before actually even thinking of asking to an antivirus company to 'maybe' let some attacks pass ?
only the validated ones from the dutch superpolice force who can never ever be spoofed or imitated of course
as in please build a backdoor in your software by redesigning it for free because the east-indian company asks you ?
or as in we didn't even think about the technical implementation or the result on a security company's image there
or as in all your base are belong to us because we say so ?
or as in ?
did someone check the reality check here? i don't think so, i think police is getting lazy, under-educated and too big in numbers, costing too much to give a false image of safety to an ageing population being scared by nationalist fearmongers, over there just as well as here, meanwhile obviously having no clue what this monstrous internet is, and probably not even knowing the year 2000 was already a while ago by now
to read this when i just woke up is sure to make my day
Free speech was meant to be free for all... how can anyone grow up in a nanny state ?