Who Gave McAfee Permission to Break the Law?

I have not heard that McAfee is a law-enforcement agency.

Have they been given special license to break the law? Kind of reminds me of the James Bond stuff – a license to kill.

http://blogs.mcafee.com/mcafee-labs/revealed-operation-shady-rat

I assume it is against some law for a person, or persons, to sneak into a database and then it is against another law to actually take information out of the database. If that is correct, then who gave McAfee permission to break the law?

McAfee has gained access to one specific Command & Control server used by the intruders. We have collected logs that reveal the full extent of the victim population since mid-2006 when the log collection began.

How many servers did they break into before they found that one? Why are they able to do that?

That blog seems very good evidence that McAfee broke somebody’s laws, right? So I want to know who gave them permission?

By the way, when are we going to hear about Avast staff members doing the same thing?

In fact, how about I start an IT security company and make myself chief of the “Threat Research” department and then start breaking into computers. How is that any different than what McAfee is doing?

Okay, maybe somebody needs a special license to run a security research department, right? Not sure if that’s the case, but let’s say I have deep pockets and I go get somebody with that license and he/she thinks I am sincere in wanting to do research (Get that? “Thinks I’m sincere.”) and I hire this person to go breaking into computers and as I’m the boss that person hands the results over to me and . . . anyway, you see the picture I’m painting.

I just want to know how these companies, like McAfee, can break the law.

I’d also like to know why it is SO HARD to type in this jumping-jumping text entry box!?

I believe the whole thing is not that simple.

  1. Getting access to the C&C server does not necessarily mean hacking random servers all day long, and eventually reaching a C&C server by coincidence. You often get some interesting info from the analysis of the malware samples - addresses, protocols, possibly even login data, so you can “just log in”.
  2. The presented information is quite general, so it’s hard to say more - but the C&C server itself might have been running on a hacked machine (just another victim machine of a botnet) - so it actually could have been accessed with the real owner’s consent.
  3. I know it’s sad, but some laws are of a kind that’s rather hard to conform to (especially in the world of Internet where you’d have to conform to all the laws in the world, or at least in those you have users in, which might possibly conflict with each other). I mean, I believe in some countries, it’s illegal to have/store computer viruses for example - which is something an antivirus company really cannot exist without.

Okay, numbers one and two I get, but that one about “laws hard to conform to” and your example is where I get confused.

There are security individuals that work for non-governmental entities that DO try to break into systems, aren’t there? How do they keep from getting in trouble?

Are there some people that have an “understanding” with certain law enforcement agencies and are immune from prosecution because they are working for a recognized security entity?

What if some really gifted individual doesn’t want to work for a company and still wants to do research on the same things that McAfee does research on as exemplified by that article I cited in the OP? Do any of you know of individual research like that where it must be that the individual must have broken one or more laws, but . . . You know, they just aren’t going to get in trouble.

Or maybe this is all so secret I shouldn’t even be asking these questions?

I actually got into this line of thought by wondering if Avast has a research team that goes after the big time cyber break-in artists? Seems I’m always reading about McAfee this and McAfee that and I wouldn’t mind reading something like those articles with Avast’s name replacing that McAfee name.

Then I just got to wondering about how it can be legal for anyone to do any cyber break-ins? Or even writing programs to do cyber break-ins?

It all seems like a kind of weird, shadowy world where the laws are sort of suspended, unless they don’t like you. “They” being the top law enforcement cyber squads.

And who is testing the testers? In other words, who tests McAfee? Who tests Avast? Do you guys/gals test each other? Well, I guess that would be the REALLY BIG secret, if it were the case.

If you mean the penetration testing - that’s always done with the consent of the owner.
Let’s say the management wants to test the company security - so they hire somebody to try to break into their network (and possibly set some rules - what is allowed and what is not). The ordinary employees don’t know, but somebody has to know (and request such a test) - otherwise it would really be an attack, something for the law enforcement.

But yes, there certainly are some grey areas - such as breaking into a computer that you know belongs to a botnet, is used to distribute malware and break into other computers… i.e. break into the bad guys’ computer (and I’m not saying McAfee did that, speaking just in general). Should it be done (and possibly prevent the users from getting infected that way), or not? Sure, you can report it to somebody, but it’s questionable whether it’s of any use, especially if the target computer is in some far country…

But no, we are not investigating hacks & break-ins, it’s a bit different field.