no anti-virus maker could say yes to these questions. it would be career suicide as they say for the company.
Security guru Bruce Schneier has joined with the Electronic Frontier Foundation and 23 other privacy and digital rights activists to call on antivirus firms to publicly state they do not turn a blind eye towards state-sponsored malware. Antivirus vendors have been given until 15 November to go on the record about detection of …
I would expect...
The request would not be to ignore the spyware forever, but not to be the first to detect it.
Once some other company in a different country detects it, cover blown and everyone can add it to the detected list.
The only thing I can see that argues that this is not happening would be leaks. If this was going on I would have expected a leak or two to have happened.
Sophos OWNs Utimaco software
Wikileaks is your friend, their Spyfiles project shows who sells what surveillance kit that we know of:
And Sophos has companies in that market,
Sophos sell Government interception and data logging software courtesy of their Utimaco subsidiary, which is quoted in Germany.
I view this as a conflict of interest, so I don't trust them. But until I get rid of Windows on the next upgrade, I tolerate companies like this.
Take a look at Glimmerglass, they make an automatic mirror tap for fibre optic cable intercepts under the sea (with a nice picture showing the data going into the NSA).
Of course they will say they do
But I wouldn't be totally surprised if state sponsored spyware arrives in some of those AV definition updates - I mean AV scanners typically look at the whole drive every day, what spy agency wouldn't want a slice of that pie....
All the denials will come from the US subsidiary and as with Google, Yahoo, MS they can/will all lie courtesy of the FISA Act.
Have you ever detected the use of software by any government (or state actor) for the purpose of surveillance?
I would think most would be able to answer yet to that, although they may be cagey about positively attributing it to a state actor.
There's been plenty of APT discoveries by all of the AV vendors where China was at least insinuated to be behind the threats.
I'm less worried about AV than backdoors buried in my firewalls
And it's probably less easy to do the comparisons that effectively make the case that AV is not where we should be looking.
well this is the rub...
So who do we trust? Govt? Big Corp? Your neighbour? Bruce is right on the money...
The problem we seem to have in the world is that the concept of trust has become "fractional" where previously it was binary or only a little less than one.
By that I mean, the invisible govts of the 50's was "trusted" as much as it was possible to observe for most people. Same with the police really...
Fast forward post-snowden, internet etc , and we have a fractional component to every trust vector involving entities we do not directly interact...
I am perhaps thinking of the "things you should not see made; sausages and legislation". Getting more and more like "things they don't want you to see made....".
How about this for a new branch of made up social science - trust vector mathematics. Forget social networks....;-) Wow! I have discovered a way of getting LINPACK into social studies ;-)
Anyone for calculating eigenvectors of the BNP? eigenvalues of lobbying cash?
I think that deserves a beer ;-)
Re: well this is the rub...there can be no trust because it's the only way to be sure
All the X Files posters notwithstanding, "Trust no one!", not even fractionally; because at least you will not be wrong. None of these agencies or governments deserve any trust as they have ALREADY violated everything that could ever command any trust.
Now, there are only lies, damn lies and even more damn lies.
When someone says "Hey buddy, I have a bridge in Brooklyn to sell you" and it has more truth than "You can keep your health coverage"; then we may as well stop communicating as there are no truths to be conveyed to anyone, anylonger.
Don't bang dinner gong in front of hungry code diggers
Kurt Wismer is right that it would be very bad opsec to tell someone, "don't look there." That's exactly what they'll do! And then they'll blab all about it. That's what they do, all day, day in and day out. If the NSA asked anybody to ignore some code, it would have come out long before Edward Snowden. And how many AV and wanna-be AV firms and authors are there? Everybody wants a headline, and that would one would come flying out faster than the Streisand effect.
Would an AV company shut down like Lavabit and Silent Mail did? That's the real question.
Re: Don't bang dinner gong in front of hungry code diggers
Receive a NSL. Go to jail by saying you've been ordered to install backdoors, or close business, or proceed as usual making profits. Which one do you think they would go for? Even if they get caught later they can argue they really "didn't want to" and possibly their competitors are in the same basket, so no reputation loss either...
Re: Don't bang dinner gong in front of hungry code diggers
However the same argument doesn't apply to putting backdoors in products.
Microsoft / IBM / Cisco / Siemens / etc all have divisions that sell classified systems - staffed with people who can be trusted - they all have valuable government contracts that make them very accommodating and they all have enough zero-day exploits that even if one is discovered who is going to blame the feds? And anyway a replacement can be pushed out next tuesday.
When selecting AV and other security software, maybe it is worth thinking about which jurisdiction(s) the company may be subject to and therefore, which government(s) may be able to make demands on them which they cannot refuse. In a way, you are selecting which government(s) can snoop on you.
"In a way, you are selecting which government(s) can snoop on you."
So best to choose one from a jurisdiction in which you don't live or expect to travel to? What's the best antivirus offering from North Korea then?
It's not "do you turn a blind eye to spyware?" but "do you facilitate the planting of spyware?" - I'd think that the easiest way to plant spyware would be to politely "request" that the companies insert little "helpers" to easy GCHQ/NSA access.