I've placed two relevant documents from the DEA key logger use here: http://politechbot.com/docs/forrester.alba.dea.investigation.report.070907.pdf http://politechbot.com/docs/forrester.alba.dea.key.logger.070907.pdf I remember writing this article for Wired in 2001 about how one antivirus company reportedly contacted the FBI and pledged not to detect malicious fedware: http://www.wired.com/politics/law/news/2001/11/48648 It seems that spyware and key loggers are far more advanced and commonplace today than they were six years ago, as are anti-spyware tools. I wonder if the FBI could seek a court order requiring an anti-spyware company not to report fedware (as in, fedware would be whitelisted if detected and the customer would not be alerted). Anyone worried about this could always run free software, where the risk to a user would be lower. (Yes, I know, the compiler could be compromised or a clever and subtle backdoor in the source not detected, but it's still less risky if that's the threat model.) Previous Politech message: http://www.politechbot.com/2007/07/11/dea-key-logger/ -Declan _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2.1.3 : Thu Jul 12 2007 - 00:51:56 PDT