By Tom Espiner, 9 January 2009 16:01
NEWS
Two security vendors have said they would block police attempts to hack into systems without a warrant.
The Home Office on Friday said it was working with the European Parliament on plans to extend police powers to conduct remote searches of computers. UK police already have the power to hack into suspect systems without a warrant, due to an amendment to the Computer Misuse Act, which came into force in 1995.
However, security vendors Kaspersky Labs and Sophos told silicon.com sister site ZDNet UK they would not make any concession in their protective software for the police hack.
Kaspersky Labs said this week it would block all attempts to access its customers' systems, regardless of the agency attempting the entry.
David Em, Kaspersky's UK senior technology consultant, said: "Ultimately, we are politically neutral but we consider it our duty to protect our customers."
Cambridge University security expert Richard Clayton told ZDNet UK on Monday that UK police were most likely to hack into computers by entering a premises and installing a keylogger on the target system. This would be more effective than a drive-by download or sending an email with a malware attachment, as the chances of successful interception of data were higher, said Clayton. As an alternative, police could hack into wi-fi networks to search systems, he said.
Kaspersky's Em said that while police could provide details of the software it used so Kaspersky could avoid blocking it, the police software could also be used by cybercriminals. "While we wouldn't want to scupper police attempts to catch bad guys, police [hacking] software could end up in the wrong hands," Em said. Kaspersky would not put a backdoor in its software to enable the police to bypass its protections, Em added. "If we provided a backdoor, it could be used by malware authors," Em said. "People would be able to drive a coach and horses through our security."
Sophos would also block any attempts to compromise its customers' systems, said Graham Cluley, the security vendor's senior technology consultant.
"We block spyware, regardless of where it comes from," Cluley said. He added that police putting malware on a suspect system could backfire, if the person targeted was a criminal. "Who's to say that criminal wouldn't take that malware and use it against someone else?" he said.
Symantec declined to comment on whether it would block a police hack, saying the matter was "politically sensitive". The security vendor has said in the past that it would not scan for the FBI's Magic Lantern keystroke-logging software.
Comments
There are 7 comments. Join the discussion
1. anonymous
And who's to say the Police / Security Services can be trusted not to frame innocent people!!
2. Richard Davies
I think that people should secure both their premises and networks suitably in the first place.
If you did this, then not only would you be protected from hackers, you would also be protected from police as well.
If people are worried...protect your data with AES encryption. To my knowledge this has not yet been cracked!
I really do worry that corrupt police people (they will exist whether you like it or not) will exploit this vulnerability in the law.
YES...I am calling this a vulnerability that needs patching!
Anyone worried should simply hire a security consultant who should be able to take this in their stride!
3. Chris Stevens
It would be fascinating to see criminal prosecution cases collapse when it is revealed that the police were in fact hacked into a "honeypot" and not the PC of the criminal (alleged).
There would be all kinds of opportunity to provide the snoops with misleading information.
4. Richard
Good, I'll continue to use my excellent Sophos AV.
5. Nick Cole
Another wonder scheme invented by someone who has no idea about practicality or negative consequences.
Sounds like a request from a technically naive person dismissing or ignoring the problems associated with it. Something all to common from the public sector where the ability to sort of operate an email client is considered to be qualified in IT!
6. anonymous
Good! Then hackers will be able to monitor Police PC's, MP's PC's, Doctors PC's, Social Services PC's, MOD contractors PC's, Judges PC's, Service officers PC's
Oh what fun the security services will have when their procedures are open to the terrorists view.
And - what fun when security log-ons are no longer secure because the id and associated password are accessible to anyone who has 'acquired' the use of the monitoring facility.
So - I'm off to find some wireless hotspots to use with my Linux PC and old software whn they do start monitoring other peoples systems.
7. getlinux
AS IF !