AV-vendors turn a blind eye on fedware!

Hi malware fighters,

Federal and intelligence services do not only buy keyloggers, also AV-vendors turn a blind eye where police or federal spyware is concerned. Because of an American case in which DEA by means of a keylogger could circumvent PGP and hushmail of a suspect, security software vendors were asked, if they would ignore judicial spyware.

While most security software firms say they never had an official request to let police backdoors through, Chek Point, the vendor of the popular ZA firewall informs that it would treat such a request in a similar way as third-party vendors requests to be placed on a whitelist. Furthermore customers are not to be informed of such a fact if justice forbids so. Only eEye Digital Security states it does not make any exemptions. link: http://news.zdnet.com/2100-1009_22-6197020.html?tag=st.prev

Well it is not common practice yet that intelligence services force security vendors to whitelist their spyware programs, but that seems only a question of time. Still it is unclear whether justice has the authority to do so to make federal keyloggers and spyware installable via the auto-update of the software on the OS of a suspect…
When “fedware” is phased in, cybercriminals may rather choose to apply open source solutions like ClamAV etc, because the chance for fedware is small with this kind of software.

polonus