When the good guys become the bad guys – meet 'Police spyware'

It's well known that organizations with nefarious and often criminal
goals support and distribute malware and spyware that allows them to
snoop on and/or manipulate people's computers. However, what is less
well-known is that some of the people behind spyware are ostensibly the
“good guys”—law enforcement officers who install the software on
suspects' computers to assist them with their investigations.

The existence of “policeware” is not well-known, but the US government
has used this sort of software before. In 2001, federal agents obtained
permission from a judge to enter a suspect's home and install keylogging software
on his computer. The rationale for this unusual mode of investigation
was to get around encryption software such as PGP and the web e-mail
service, Hushmail, that the suspect was using. More recently, FBI
agents used a virus to bust a bomb threat hoaxer.

So, given the fact that federal investigators and possibly other law
enforcement personnel are using spyware to monitor suspect's computers,
what happens when said suspects run antispyware programs?

A fascinating CNET survey of top antispyware vendors found that of 13 software companies, all of them stated that it is currently their
policy to detect police spyware. When asked if they had ever received a
court order to stop detecting police spyware, nine of the companies
denied having received such a request. Computer Associates said they
were not sure, and both Microsoft and McAfee declined to comment on the

Sounds good, right? Notably, a few companies admitted that they would
whitelist policeware if it were requested, including the maker of
ZoneAlarm, a popular firewall app. More interesting, CNET said that
when asked flat-out if they would whitelist for the police when asked,
the question was sometimes ignored.

The issue of checking for police spyware has come up before. After the
Hushmail incident, an article was released about the FBI developing a
new form of spyware delivered as a virus called Magic Lantern that could be installed on users' computers without a agent having to be physically present at the computer. According to an Associated Press article
from 2001, McAfee Corporation contacted the FBI after the Magic Lantern
story broke to “ensure its software wouldn't inadvertently detect the
bureau's snooping software and alert a criminal subject.” McAfee later denied that such contact had taken place.

The issue of whether or not the government should be allowed to
electronically snoop in this way is a contentious one. Many people
would agree that if a search warrant has been previously obtained for a
suspect's house as part of a criminal investigation, the installation
of snooping software would be an acceptable extension of that search.

However, the recent NSA wiretapping scandal
shows that the federal government is not always going to bother
obtaining search warrants in the first place, and considers casting a
wide net of surveillance to be an acceptable method of
counter-terrorism, despite the fact that it is of dubious value as such.
As for court orders to anti-spyware companies to not detect policeware,
no such orders have been confirmed and Kevin Bankston, an attorney with
the Electronic Frontier Foundation, told CNET that “the government
would be pushing the boundaries of the law if it attempted to obtain
such an order.” However, this too could be circumvented by using the
Wiretap Act.

If such an order is given to stop detecting federal government
snoopware, savvy criminals could simply turn to open-source software
such as ClamAV and OpenAntiVirus.org that can be audited to see that
there are no backdoors or workarounds installed at the request of the
government. (source)

I dont know what the law says about this kind of 'malware' in the UK, or even if there is a law that covers it. This needs further investigation one thinks.

Who's watching YOU in Britain today

<!– ckey=”275D05F1″ –>

About IanPJ

Ian Parker-Joseph, former Leader of the Libertarian Party UK, who currently heads PDPS Internet Hosting and the Personal Deed Poll Services company, has been an IT industry professional for over 20 years, providing Business Consulting, Programme and Project Management, specialising in the recovery of Projects that have failed in a process driven world. Ian’s experience is not limited to the UK, and he has successfully delivered projects in the Middle East, Africa, US, Russia, Poland, France and Germany. Working within different cultures, Ian has occupied high profile roles within multi-nationals such as Nortel and Cable & Wireless. These experiences have given Ian an excellent insight into world events, and the way that they can shape our own national future. His extensive overseas experiences have made him all too aware of how the UK interacts with its near neighbours, its place in the Commonwealth, and how our nation fits into the wider world. He is determined to rebuild many of the friendships and commercial relationships with other nations that have been sadly neglected over the years, and would like to see greater energy and food security in these countries, for the benefit of all. Ian is a vocal advocate of small government, individual freedom, low taxation and a minimum of regulation. Ian believes deeply and passionately in freedom and independence in all areas of life, and is now bringing his professional experiences to bear in the world of politics.
This entry was posted in Main Page. Bookmark the permalink.

0 Responses to When the good guys become the bad guys – meet 'Police spyware'

  1. Anonymous says:

    I followed some of the links for a while, and ended up at news.com.com reading the comment thread. The one that really woke me up was entitled: If I were a security tech… I'd demand to know how they did it.
    I won't quote the whole post (so that you still have something to read when you get there!), but two sentences struck me.
    “If, to solve one case, the security of millions of internet users is put at risk, then this is unconscienable.”
    “A reverse engineered CIPAV (the “fedware” spyware used in this case) in the hand of hackers or terrorists could be lethal.”
    But as we know with all the other police state activity going on in the UK at present, the ends ALWAYS justify the means (in the view of the authorities!).