Is there a lawyer in the lab?
Juraj Malcho ESET
download slides (PDF)
With the broadening possibilities and the ever-growing number of computer users, many applications are being developed
that have hidden or fraudulent intentions, or which are at best of doubtful usefulness. The motivation behind these
applications is financial profit and they typically target the technically low-skilled members of the population. Many
such applications are not the typical malware used in cybercrime nowadays (like bots or spyware trojans), but rather
potentially unsafe or unwanted applications. However, this dubious software is often associated with groups responsible
for malware dissemination, and is often distributed using unfair practices such as spam campaigns or push-installations
performed by malware.
When AV labs note these practices and add detection of such applications to their products, this causes a conflict of
interests between AV software vendors and the suppliers of such potentially unwanted software. These conflicts sometimes
result in legal battles, dragging many people into the decision-making process, including the legal department, and
consuming a significant amount of a company's human and financial resources. The decision to detect such software is in
many cases made even more difficult by the users themselves: different individuals, social groups and even nations have
very different desires and opinions.
This paper explores the topics mentioned above and considers the boundary between legitimate and illegitimate applications.
The problems are explained with reference to several case studies documenting our experiences with such software. Based on
our records of such incidents we will outline the rising trend of complaints and legal cases over time.
