Security vendors to block police hacks

Major security vendors Symantec, Sophos and Kaspersky yesterday said their products would block legalised hacking attempts by NSW Police under new legislation as they would any other security threat to users.

The NSW Government has proposed an amendment to the Law Enforcement (Powers and Responsibilities) Act 2002 which would, with a Supreme Court judge's permission, give police the authority to remotely access a suspect's computer for seven days at a time. Police would not be required to inform suspects for up to three years.

The full text of the amendment can be found online.

"Symantec's commitment, first and foremost, is to securing its customers' information and as such, Symantec software will block all attempts to compromise its customers' information, regardless of where the threats are coming from," a Symantec spokesperson said in a statement.

Paul Ducklin, head of technology at Sophos' Asia-Pacific operations, said that the idea of using malware for law enforcement had not proven effective in general. Sophos would not create backdoors in its security software, such as master passwords in encryption products, data-stealing malware deliberately left undetected by AV companies, or remote configuration features in firewalls, he said.

"Sophos aims to produce correctly engineered security products, so we don't do backdoors — not for ourselves, not for our customers, not for the cops and certainly not for the robbers," said Ducklin.

Kaspersky Labs said that while its products would treat "all unwelcome outside intrusions as hacking events", the company would assist police if they targeted a "crime ring".

"We would, of course, support any police action to bust crime rings or any organised illegal activity. Indeed, Kaspersky works with law enforcement authorities around the world to track down and identify cyber criminals," an Australian Kaspersky spokesperson said.

The question of whether security vendors would allow law enforcement malware to bypass normal security checks has yet to be settled by the security industry in general.

Although Symantec yesterday said it would protect its customers' information, in January, responding to UK legislation similar to that being proposed for NSW, the company declined to comment on whether it would block a police hack, saying the matter was "politically sensitive". The security vendor has also said in the past that it would not scan for the FBI's Magic Lantern keystroke-logging software.

In 2007 the German government had also been planning to permit authorities to plant spyware on suspects' hard drives through email messages appearing to stem from official sources.

"Such special favours amount to deliberately-implemented software backdoors. But correctly engineered security software shouldn't have any backdoors at all — not by accident, and certainly not by design," Sophos' Ducklin said.

Liam Tung

About Liam Tung

Liam Tung is an Australian business technology journalist living a few too many Swedish miles north of Stockholm for his liking. He gained a bachelor's degree in economics and arts (cultural studies) at Sydney's Macquarie University, but hacked (without Norse or malicious code for that matter) his way into a career as an enterprise tech, security and telecommunications journalist with ZDNet Australia. These days Liam is a full-time freelance technology journalist who writes for several publications.

Talkback

7 comments
  • Go Symantec, Sophos and Kaspersky

    Simple users like me appreciate your refusal to malware to propagate as wise lawful decisions. An electronic warrant cannot be surveilled by worm/virus invasion. Thank you for defending.
    anonymous
  • Confusing messages from Kaspersky and Symantec

    So Kaspersky will sell you out outright, but at least you'll know. Symantec want their toast buttered on both sides - they tell the customers that they block everything, yet have undisclosed exceptions.

    So far only Sophos appears to have the correct attitude of no compromise security.
    anonymous
  • What's next?

    Much as I hate to say it, this is one of the reasons I started trying to learn Linux...

    The things they could get up to scare me.
    anonymous
  • Wake up

    If you knew anything about Linux you'd realise that it is just as easy to hack as any other operating system. You talk as if you think every drug dealer, money launderer and cybercrim uses Windows and you aren't the only one.

    There is no such thing as a secure computer, except one that is turned off and unplugged.
    anonymous
  • Linux is actually easier to secure - at least in theory

    Actually Linux is easier to secure if you have the knowledge, because you can see how it works (i.e. read the source) and you can (if you're rather keen) compile the source to make sure that what you are running is what you think you are running.
    Of course most people, including myself (Linux/Unix developer and sys admin for 13+ years) don't have the skills or have the skills but not the experience to fully realize that scrutiny potential.

    With Windows you can't scrutinize the code or know that what you are running is what you think it is.

    And I suspect most crims run Windows for the same reason most other people do, it is for most people more familiar and therefore easier.

    BTW if you are interested in security I'd look at OpenBSD - that's a project dedicated to building a secure OS.
    anonymous
  • Go Linux Instead

    Change over to Linux & dump the vulnerable Windows OS & there you have it. You can continue to do what you normally do & most of the malware won't work at all. This includes the Cops malware.

    Subvert it further with a decent password, encrypt the info or just close down all possible ports except the ones you want to be open. Make sure that all incoming & outgoing info is encrypted & the cops will get nix.
    anonymous
  • How about...

    ....just not being a criminal, that way it doesn't matter what you use.
    anonymous