Comments on: Finfisher and the Ethics of Detection
http://www.welivesecurity.com/2012/08/31/finfisher-and-the-ethics-of-detection/
News, Views, and Insight from the ESET Security Community
Mon, 03 Feb 2014 08:49:00 +0000

By: David Harley
http://www.welivesecurity.com/2012/08/31/finfisher-and-the-ethics-of-detection/#comment-1121
Mon, 03 Sep 2012 08:09:38 +0000

@cghera, you weren’t actually the only person to ask about this, and in any case it was a fair (and interesting) question. And as I indicated in this post, it’s a recurring topic of concern in the security industry. And I have to agree that the ethical aspects are likely to become more complex rather than less. It could be said that this is the wrong forum in that while AV can (sometimes) detect a ‘state Trojan’ programmatically, assessing the ‘legitimacy’ of the tool is much harder. It depends on context and motivation, and there isn’t a reliable algorithm for that. But that doesn’t make the security industry any less obliged to re-examine its own role and ethical responsibility now that spyware – should I call it software monitoring, to acknowledge the possibility of legitimate use, for example in law enforcement? – has become a part of all our online lives.

By: cghera
http://www.welivesecurity.com/2012/08/31/finfisher-and-the-ethics-of-detection/#comment-1120
Mon, 03 Sep 2012 07:11:06 +0000

I don't know if I should be feeling flattered by the fact that I triggered a blog post referring to my comment, probably not. I surely was not expecting it, however. Thank you for the answer and the new post anyways. When I asked if the FinFisher was detected I was not in a mood of implying that you deliberately omitted detection of the tool. I was just wondering if I was protected, just in case. I am surely supportive of your government cooperation choices. However, this kind of info-war happening in our days (part of which are these "softwares") really makes me feel a little worried about what may be coming in the near future. My worry is that today's law-abiding citizens may be considered lawbreakers in a few years. Maybe this talk should have happened in a different forum. Thanks again for your time.

By: Mr. MJ
http://www.welivesecurity.com/2012/08/31/finfisher-and-the-ethics-of-detection/#comment-1119
Sun, 02 Sep 2012 00:23:19 +0000

If I paid for ESET Smart Security to protect my PC from Trojans, I hope it does not permit a Trojan to infect my machine, Government Trojan or not, because all companies that use Trojans to spy on ordinary citizens are terrorists, no matter if they are sponsored by the Government.

By: David Harley
http://www.welivesecurity.com/2012/08/31/finfisher-and-the-ethics-of-detection/#comment-1118
Sat, 01 Sep 2012 06:10:53 +0000

Law enforcement has powers that AV vendors don’t. Unfortunately, we don’t get to arrest people, we can’t make people talk to us, and so on: on the other hand, we have a lot of practice in malware forensics. There is engagement between the security industry and other agencies because (1) it’s not just about malware (2) it’s not just the gangs using malware for reasons of fraud.

I was referring to the fact that there is widespread dislike and mistrust of all AV companies. But I agree that there are advantages to having a large pool of players, as long as they cooperate: without the sharing of samples and information between established companies (and not just the big names), no single product would be anywhere near as effective.

By: Jay
http://www.welivesecurity.com/2012/08/31/finfisher-and-the-ethics-of-detection/#comment-1117
Fri, 31 Aug 2012 23:50:38 +0000

It's a bit of a weird situation when it comes to government involvement with this kind of thing. I really think a cooperative effort to dwindle the ability to profit off malware between companies would be far better than relying on government involvement (at least for now).
You also said that some say there are far too many AV companies – why would they say this? Surely a large pool would be more beneficial to users than a few major players as far as detection.
