[Politech] Correction on security firms and detecting spyware [priv]

From: Declan McCullagh (declan@private)
Date: Tue Jul 17 2007 - 12:17:07 PDT


Whoops! I mistyped when sending out the last message. To be clear, we 
asked the 13 companies this question:

"Is it your policy to alert the user to the presence of any spyware or
keystroke logger, even if it is installed by a police or intelligence
agency in the absence of a lawful court order signed by a judge?"

And we received 13 responses saying YES, it was their policy. Putting 
this thing together was a beast (about 5,000 words including the 
verbatim responses) and you can tell that I'm a bit frazzled as a result.

Previous Politech message:
http://www.politechbot.com/2007/07/17/will-security-firms/

And, by way of comparison, here's something from the archives saying 
Symantec in 2001 would overlook FBI spyware:
http://www.politechbot.com/p-02851.html

And McAfee apparently saying the same:
http://www.politechbot.com/p-02834.html

But then McAfee challenged the AP article:
http://www.politechbot.com/p-02846.html
http://www.politechbot.com/p-02840.html

At least now we have them on the record in a less ambiguous way. (The 
court order clause could be a loophole, but National Security Letters 
aren't signed by a judge so I don't think it's a big one.)

-Declan
_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)



This archive was generated by hypermail 2.1.3 : Tue Jul 17 2007 - 12:33:13 PDT