e-bugs: should anti-virus products detect them?

Graham Cluley, Sophos Anti-Virus

Recently there have been media reports about the FBI's use of software to monitor the activity of suspected criminals and terrorists. These so-called 'e-bugs' (with codenames such as Magic Lantern) capture the keystrokes of remote computer users in a similar way to the Trojan horses dropped by worms like Badtrans.

There have been suggestions in the media that some anti-virus companies may work in co-operation with the FBI, and deliberately not detect such Trojan horses.

This paper examines whether non-detection of e-bugs makes sense and whether customers have a legitimate requirement to be informed if they are being 'e-bugged'.

This paper makes the case that using 'e-bugs' to spy on suspected criminals and terrorists is fraught with dangers, as there is no way of ensuring that the code will not be adapted by its recipients for illegal use.
