back to article Government-built malware running out of control, F-Secure claims

A surprising number of governments are now deploying their own custom malware – and the end result could be chaos for the rest of us, F-Secure's malware chief Mikko Hyppönen told the TrustyCon conference in San Francisco on Thursday. "Governments writing viruses: today we sort of take that for granted but 10 years ago that …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Mushroom

    Re: Symantec and McAfee (among others) have not responded

    Yeah. This is the same Symantec that has for quite some time now refused to participate in AV-Comparatives while just about everyone else has no issue with said participation.

    That in itself should already be setting off alarm bells.

    This however is just another reason for anyone to avoid Symantec at all cost.

    1. Anonymous Coward
      Anonymous Coward

      Re: Symantec and McAfee (among others) have not responded

      I wouldn't worry about particular companies, as they need to sell their products in all markets, so they aren't going to flag up (say) US malware, because they'd find themselves squeezed out of the US market. They won't piss the Russkies off, because the penalty is a bullet in the head. They won't piss GCHQ off, because in addition to being the NSA's poodle GCHQ probably already have their home browsing habits, banks details and choice in ladies undergarments....and so forth.

      It's notable that the Flame malware was reckoned to be in the wild for two years before being spotted, so in addition to the question of whether commercial AV vendors dare identify obviously state sponsored malware, there's a question of whether their product can routinely spot "state grade" malware.

      Even professional criminal malware writers have a tight budget, a limited attention span, and a need to look over their shoulder - but they don't need to be too stealthy, because they are playing a numbers game of hit X million machines, infect Y thousand, release payload and chalk up benefits. State sponsored hackers have all the time, money and resource they want, access to inside info on the OS and applications, and an obvious need to evade much more professional levels of protection.

    2. Anonymous Coward
      Anonymous Coward

      Re: Symantec and McAfee (among others) have not responded

      Symantec and McAfee also massively reduced their participation in a certain other well known testing program..

      In fact, judging from the posted test results, most of the big players (after a long while of moaning their new cloud systems weren't being tested along with sig based detection) reduced participation. This was mainly caused when the testing program was updated to comply and it was discovered that the new cloud systems for a lot of av products were absolutely terrible, and their scores dropped lower than the proverbials.

      No spooky mystery, just crap cloud tech.

      Of course, that's no proof that they aren't hand-in-glove..

    3. The Dude
      Mushroom

      Re: Symantec and McAfee (among others) have not responded

      Not surprising that Symantec refuses to participate in anything remotely resembling ethical business practices. These liars are in the business of slander, libel, and God knows what other unethical practices and have an army of lawyers to fight off anyone who dares complain.

    4. BillG
      IT Angle

      Re: Symantec and McAfee (among others) have not responded

      Judging by how much they hook into your system and how impossible they are to remove, I always thought Symantec's products ARE malware,..

  2. Ole Juul

    Out of control?

    Does that mean that at some time we might expect one of these from our own government which could cause us grief? Just like any munitions, malware needs to be controlled and contained or it can become a liability. Mistakes will be made.

  3. Denarius
    Unhappy

    sounds too familiar/Oblig reference

    Government project for "safety" that goes rogue and attacks all and sundry ? An IT version of Terminator ? I suggest yesterdays article is as scary. All that professionally written intrusion code in the wild, training the next batch of crims.

  4. Zog_but_not_the_first
    Trollface

    "Hyppönen highlighted the birth of a new malware family, called Careto (Spanish for "the mask"), "

    Somebody stop me.

  5. Anonymous Coward
    Anonymous Coward

    Is this a mistake?

    This story should have been posted under Bootnotes -> Rise of the Machines, right?

  6. Anonymous Coward
    Anonymous Coward

    Not surprised about Symantec...

    Their 'Symantec Endpoint Protection' is so shite that it's instantly disabled by everey effing 'your computer is infected' fake the users in my organisation happens upon.

    (Some big w@nker in my organisation - without proper authority - bought the package, and now we have to use it because the beancounters won't let us buy something that actually works... )

  7. cmaurand

    Symantec

    doesn't stop anything new anyway so why worry?

  8. Anonymous Coward
    Anonymous Coward

    Politicians are fake!!!

    In Europe, German police and customs officials have access to a bespoke computer Trojan called R2D2 which is used to track and collect data on targets.

    Funny how the German government was "Outraged" at the US due to spying and here they are spying themselves. Just goes to show you that our political leaders only get "outraged" for public consumption while in reality, they are just as bad as any other politician.

  9. I. Aproveofitspendingonspecificprojects

    This shall be

    When you give someone a virus he becomes contageous. I for one wouldn't blame Iran for being a carrier. And there are far more companies in the USA and Britain that lack immunity than there are in Iran, if only because Iran is in quarrantine.

    "their eyes will rot in their sockets, and their tongues will rot in their mouths"

    http://biblehub.com/zechariah/14-12.htm

    Don't look at me. It would just be a nuisance for me if my internet connection failed.

    The only thing that would bother me is not being able to tell anyone: "I told you so."

    Giving a vengeful religious nutcase a virus to play with was always asking for trouble. But what would one expect from any nation ruled by a chimpanzee?

    One religious hypocrisy too far, that was. The imbecile never understood escalation did he.

    Ah, well. (Sits back and awaits the inevitable.)

  10. Adrian Midgley 1

    the SF novel of which this is the plot

    Or a prodromal element of the plot and piece of worlD-buil ding is Necromancer by William Gibson.

    1. Trygve Henriksen

      Re: the SF novel of which this is the plot

      Are you certain you don't mean Neuromancer?

This topic is closed for new posts.

Other stories you might like