AVAR Conference Paper 2009 (1)

In 2009, I co-wrote two papers for the AVAR conference in Kyoto. The first was co-written with Craig Johnston: Please Police Me.

Here’s the abstract:

Sed quis custodiet ipsos custodies [1]? (Who will guard the guards themselves?)

While the anti-malware industry has always tended to avoid poachers turned gamekeepers, the rest of the security industry has fewer scruples. But what about gamekeepers turned poacher? Time and time again, civil liberties groups are obliged to intervene as best they can when governments and law enforcement agencies attempt to expand their ability to eavesdrop electronically using “hacking” techniques and keylogging malware more often associated with the other side of the cops and robbers divide.

An issue with particular resonance in the anti-malware community is the idea of a “good” Trojan like the FBI’s Magic Lantern, which not only poses ethical issues for the anti-malware industry – would vendors be prepared (or forced) to make an exception for detection? – but also inspires misgivings in the community as a whole, from privacy campaigners to the wider security community to everyday business and home users.

In this paper, we’ll consider not only the ethical and political issues around “policeware” and other surveillance tools and techniques, but practicalities such as the mechanisms for distributing and installing such tools, and the maintenance and enforcement of secrecy and compliance.

Advertisements

About David Harley

Computer Security Author/Editor; Independent Antimalware Researcher; CEO at Small Blue-Green World; Senior Research Fellow at ESET.
This entry was posted in AVAR, conference papers, David Harley. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s