Major security vendors Symantec, Sophos and Kaspersky yesterday said their products would block legalised hacking attempts by NSW Police under new legislation as they would any other security threat to users.
We don't do backdoors — not for ourselves, not for our customers, not for the cops and certainly not for the robbers
Sophos' Paul Ducklin
The NSW Government has proposed an amendment to the Law Enforcement (Powers and Responsibilities) Act 2002 which would, with a Supreme Court judge's permission, give police the authority to remotely access a suspect's computer for seven days at a time. Police would not be required to inform suspects for up to three years.
The full text of the amendment can be found online.
"Symantec's commitment, first and foremost, is to securing its customers' information and as such, Symantec software will block all attempts to compromise its customers' information, regardless of where the threats are coming from," a Symantec spokesperson said in a statement.
Paul Ducklin, head of technology at Sophos' Asia-Pacific operations, said that the idea of using malware for law enforcement had not proven effective in general. Sophos would not create backdoors in its security software, such as master passwords in encryption products, data-stealing malware deliberately left undetected by AV companies, or remote configuration features in firewalls, he said.
"Sophos aims to produce correctly engineered security products, so we don't do backdoors — not for ourselves, not for our customers, not for the cops and certainly not for the robbers," said Ducklin.
Kaspersky Labs said that while its products would treat "all unwelcome outside intrusions as hacking events", the company would assist police if they targeted a "crime ring".
"We would, of course, support any police action to bust crime rings or any organised illegal activity. Indeed, Kaspersky works with law enforcement authorities around the world to track down and identify cyber criminals," an Australian Kaspersky spokesperson said.
The question over whether security vendors would allow law enforcement malware to bypass normal security checks, has yet to be settled by the security industry in general.
Although Symantec yesterday said it would protect its customers' information, responding to UK legislation similar to that being proposed for NSW in January, Symantec declined to comment on whether it would block a police hack, saying the matter was "politically sensitive". The security vendor has said also in the past that it would not scan for the FBI's Magic Lantern keystroke-logging software.
In 2007 the German government had also been planning to permit authorities to plant spyware on suspects' hard drives through email messages appearing to stem from official sources.
"Such special favours amount to deliberately-implemented software backdoors. But correctly engineered security software shouldn't have any backdoors at all — not by accident, and certainly not by design," Sophos' Ducklin said.
Simple users like me appreciate your refusal to malware to propigate as wise lawful decisions. An electronic warrant cannot be surveiled by worm/virus invasion. Thankyou for defending.