Swedish police cleared to deploy spyware against crime suspects Spyware should be able to turn on device cameras and microphones, get encrypted chat logs October 23, 2019 https://www.zdnet.com/article/swedish-police-cleared-to-deploy-spyware-against-crime-suspects/
I'm interesting to see how anti-malware industry will treat such software. I guess that malware is malware - it doesn't matter who is using it and for what purpose.
I vaguely recall, not long after Stuxnet went public, speculation that anti-malware apps ignored malware from friendly governments. And maybe some upset about Kaspersky detecting them. But
How would they deploy their malware onto the target? I assume it would be with the phone's manufacturer help? They make it sound like if they want to deploy it, they can, easily without any problems.
When they say "new powers", this just means rubber stamping what they've been doing for ages. Happened that way in the UK, except there they keep a stiff upper lip and call it - very quaintly - "equipment interference".
I've been reading around on this, and it seems they are mostly going to use the "Evil Maid" method. The Swedish government can't force Android or Apple to do stick.
there is a similar case with uefi malware backdoor pre-installed on most laptops (see Absolute) , it is threated as PUP but it can't be removed by AVs they will reports it as PUP I'm sure they will not call it malware
Well, if the target device is smartphone, they could like you said, "convince" manufacturer to add some really important "feature" into their next update of phone firmware. Or they could go to some 3rd party that does part of the customization of the manufacturer final firmware (many companies don't do all the stuff in-house). Also, it would be simple matter for crooked manufacturer to send such OTA update to their customers phones in name of "security update". The trick of using 3rd party was exactly what some bad guys did to infect Android phones Code: https://www.theverge.com/2019/6/6/18655755/google-android-malware-triada-ota-rom-ads-spam-oem If the targeted device is router then there is a thing called TR-069 which lets ISPs to remotely update home consumers routers. Most (all?) of those cheap things listen port 7547 for incoming commands from ISP. EDIT: The author of that ZDNet article don't seem to understand: Spyware IS a backdoor!
Old proverb........ if you're a hammer, everything looks like a nail. They're able to intrude into anyone's business no matter their evidence, or lack of.
Swedish law enforcement given the permission to hack February 26, 2020 https://edri.org/swedish-law-enforcement-given-the-permission-to-hack/
So in april 1 (I hope it's really a "April's fool's day" joke ...) there will be two kind of hackers in Sweden: Those with badge and those without. In many countries computer hacking is prohibit by law so I guess in Sweden it will be computer criminals with badge and computer criminals without badge soon ... What a glorious world we are living ....