Government, Public Interest and Trojans


Mikko Hypponen, who has been tracking the R2D2 thing assiduously, observes with some surprise that he hasn't seen a single article on "R2D2" that would try to defend the need for lawful interception.

Actually, I haven't either, but I think there are at least two separate issues here. It seems fairly clear from the reports I've seen since our earlier blog that German agencies probably have used it, apparently illegally in the light of the extended functionality. In that respect, this isn't lawful interception, and it's not surprising that the AV industry has seen no reason to avoid detecting it, and even gone out of its way to add detection.

It's true, though, that in cases where the public have seen some possible desirable outcome of an illegal/borderline legal action (consider the BBC's actions in renting a botnet, for example) we see a lot of commentary suggesting that "the end justifies the means."

It may also be that, in some cases, a security company that is closely associated with governmental security (or otherwise subject to governmental pressure) will be more receptive to giving special treatment to policeware. However, turning a blind eye to all instances of some sort of standardized government Trojan is probably going to be a compromise too far for most AV researchers.

ESET Senior Research Fellow

Author David Harley, ESET

  • lyecdevf

    I would add another note here.  The fact that this has come out of Germany has a very dark undertone for me.

    • David Harley

      Not wishing to play censor here, but as I’d already approved the rest of your comment in the previous blog on this topic, I didn’t think it was appropriate to repeat it here.
