Slashdot Mirror

← Back to Stories (view on slashdot.org)

E-Detective Spy Tool Used By Police and Governments Has Major Security Holes

Posted by samzenpus on from the we-got-a-problem dept.

DavidGilbert99 writes: A controversial intercept tool called E-Detective from Taiwanese based company Decision Group has a major security hole which could allow a hacker to remotely execute code and read all the data captured by the software. Considering over 100 law enforcement agencies and governments around the world use E-Detective, this could be a big problem. According to the International Business Times story: "E-Detective works by 'sniffing the network' it is monitoring and captures data packets before sending them to be reassembled and decoded. Unlike other products E-Detective promises to 'reconstruct the data to its original format' for the end users so that it will be seen the same way that it was seen on the network. E-Detective also advertises as a network forensic tool for private enterprises to "protect sensitive data from data leakage".

6 of 64 comments (clear)

  1. Thank you Republicans by Anonymous Coward · · Score: 0, Insightful

    Their kind wants to turn the entire world into a police state.

  2. Re:All products of this type of shit by Anonymous Coward · · Score: 2, Insightful

    Not even remotely impossible, but a lot harder. False sense of security is dangerous, you should also remember that.

  3. Re:All products of this type of shit by Karmashock · · Score: 1, Insightful

    You don't know what I mean.

    You have only machines that need to talk to each be able to talk to each other. You have only protocols you need enabled. You have an internal DNS server and you only permit access to domains ... to or from those domains.

    I could go on. You get the idea. Tell me how you'd hack that?

    --
    I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
  4. No surprise by gweihir · · Score: 5, Insightful

    This just demonstrates that states attacking computers and placing backdoors does massively more damage than could ever be compensated by any possible benefits. Hence it is one of the most stupid things to do and only desired and done bu people that really have no clue or do not care how much damage they do. Usually the latter type of person is called "evil", and with good justification.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  5. Re:E-Detective can reconstruct net traffic .. by gweihir · · Score: 3, Insightful

    Compromised certificates and man-in-the middle attacks based on them. Any second-rate "spy" agency (like the FBI or CIA) has them. (If they were actually good at their jobs, they would not need to break the systems they are targeting. This way, they are basically attacking critical infrastructure, and people that do this are commonly called "terrorists".)

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  6. Re:All products of this type of shit by Anonymous Coward · · Score: 3, Insightful

    Are you really that clueless about security? You were talking about how it's "impossible to get hacked" if you implement "perfect security".

    In that heartbleed example if your server conects to a thrid party server to fetch some data over TLS and that third party server initiates a heartbleed based attack to read your server's RAM, security has been breached. It's totally irrelevant whether that RAM holds any meaningful data (which it usually absolutely does: disk encryption keys, VPN keys etc.), what matters is that an attacker breached your "perfect security".

    Security CAN be perfect

    I sincerely hope you don't work in that area. I would never do business with someone who posesses that arrogant attitude towards computer security.