Antivirus bods grilled: Do YOU turn a blind eye to government spyware?

http://www.theregister.co.uk/2013/11/05/av_response_state_snooping_challenge/

 

I'd be more worried about them collaborating with the government or abusing our data themselves.

 

... or simply failing to properly implement and protect things. A government, and/or other, adversary could be tapping [and MITMing] the network connections of a company's servers or datacenters. Any information that isn't robustly encrypted is up for grabs. Any weakness in the way software updates are done, the way local signatures are updated, the way cloud queries are handled, etc could be exploited.

 

http://arstechnica.com/tech-policy/...and-remediate-any-malware-attack-even-by-nsa/

 

You guys suspect security labs located in USA have backdoors for NSA in their products, but trust Russia-based labs don't have backdoors to their national security agencies?

I'm not from Nato country (still western, supposedly), but I'd rather have NSA having access to my data than Russian or Chinese agencies. Your mileage may vary, ofc.

Running mainly Comodo here currently, despite having an F-Secure (from non-Nato western, supposedly, country) and Norton licenses too. (Norton doesn't work well in 64-bit Win8, and I like Comodo's firewall. Also NSA going through my data doesn't worry me that much.)

There aren't many western non-Nato country security labs that make firewalls or anti-virus products, are there? Only F-Secure comes to my mind right now.

 

Although not current, Emsisoft had this to say about their detection of the Federal Trojan in Germany: http://www.emsisoft.com/en/kb/articles/tec111011.

 

Conventional, non-government malware has been using several methods to evade detection for years, everything from encryption, obfuscations, packers, etc. Why would anyone think that a government agency with nearly unlimited funds and all the skill that money can buy wouldn't be using these and other methods far more effectively? When government agencies can sucessfully gain unlimited access to companies like Yahoo and Google, why would anyone think they haven't done the same with the AV vendors? IMO, it's a safe bet that any government malware identified by an AV is already obsolete and has been replaced by something better.

 

Don't care, I don't live in Russia. What are they gonna do? If it is true it is still the lessor of evils.

 

Off course they turn a blind eye to government malware, you will have more luck finding a 0-day on virustotal than using a AV.

 

Don't use any of them, and then no problem.
Mrk

 

ESET response to Bits of Freedom open letter on detection of government malware

http://www.welivesecurity.com/2013/...en-letter-on-detection-of-government-malware/

 

Re: ESET response to Bits of Freedom open letter on detection of government malware

Good to see an official response, though I never suspected ESET of such things anyway.

 

Re: ESET response to Bits of Freedom open letter on detection of government malware

As KAV or Kaspersky recently indicated - malware is malware and we will issue detections for them and proactively support our clients regardless of the origins of said malware.
Nation State malware gets no exceptions by us and I applaud this.
http://arstechnica.com/tech-policy/...and-remediate-any-malware-attack-even-by-nsa/

 

Re: ESET response to Bits of Freedom open letter on detection of government malware

F-Secure answers to Bits of Freedom:
http://www.f-secure.com/weblog/archives/00002636.html

 

http://pandalabs.pandasecurity.com/panda-security-answer-to-bits-of-freedom-open-letter/

 

The government doesn't need backdoors in AV, they're not exactly hard to get around, especially with government funding.

 

I do wonder how mcafee and symantec as well as other big players.

 

Like any of them will admit they won't include fixes for malware made by some governments. These companies work in a field where they can lie without a problem.

 

I doubt they would lie. They would just give a vague answer to dance around the subject and not totally answer the question. They would not outright say that they don't, but wouldn't directly admit to it either.

 

Trend Micro’s Response to Bits of Freedom
http://blog.trendmicro.com/trend-micros-response-bits-freedom/

 

https://www.bof.nl/2013/11/15/av-vendors-we-will-act-upon-detecting-govt-malware/

 

Thanks for the heads up Dermot7.

Too bad that only 30% replied.

The letter was sent to these vendors so it's easy to see wich vendors that did not reply.

 

This. So a positive answer is still something.

Well, it's far from out of character for them. I guess Emsi, Vipre, Sophos and Fortinet would answer too if it they also got the letter; they do good research as well.

 

I'm really out of my league when discussing such matters, but I don't believe that AV vendors are hiding much from their users. I very well could be wrong, and that would be a shame. As things are, I'm nearly forced to assume that U.S based vendors can't just tell the government to shove off and that they will provide data when pressured. However, willingly just letting government malware through doesn't seem like a noose these vendors want around their necks. With that said, I have doubts that AV vendors would even be able to pick out and block the malware until it was already too late, such as the case was with previous malware.