Another reason to be careful opening emails.

keatron

You never know who's watching you. Might be the FBI.

http://www.wired.com/politics/law/news/2007/07/fbi_spyware

And in the spirit of spying, they need to always keep an eye on their own.

http://www.informationweek.com/news/showArticle.jhtml;jsessionid?articleID=201200012

sprkymrk

So I wonder if any of the various anti-spyware apps will build a definition file for the FBI spyware?

Or perhaps the newer heurstic detection would find it?

JDMurray

sprkymrk wrote:

So I wonder if any of the various anti-spyware apps will build a definition file for the FBI spyware?

There are persistent rumors that law enforcement agencies pay scanner manufacturer companies not to include their spyware programs in the scanner's definition file. This could even be true for scanners developed in non-USA companies, but I can't see how an agency could possibly be in bed with all the scanner manufacturers. And what would they do if a scanner manufacturer refused?

sprkymrk wrote:

Or perhaps the newer heurstic detection would find it?

This is exactly why I'm very interested in Blink from eEye Digital Security. Although Blink does contain a conventional virus and Spyware scanner, it also checks the operations of programs for anomalous behaviors associated with all Malware. This requires no definitions file and is specifically used for finding new zero-day exploits.

keatron

JDMurray wrote:

sprkymrk wrote:

So I wonder if any of the various anti-spyware apps will build a definition file for the FBI spyware?

There are persistent rumors that law enforcement agencies pay scanner manufacturer companies not to include their spyware programs in the scanner's definition file. This could even be true for scanners developed in non-USA companies, but I can't see how an agency could possibly be in bed with all the scanner manufacturers. And what would they do if a scanner manufacturer refused?

sprkymrk wrote:

Or perhaps the newer heurstic detection would find it?

This is exactly why I'm very interested in Blink from eEye Digital Security. Although Blink does contain a conventional virus and Spyware scanner, it also checks the operations of programs for anomalous behaviors associated with all Malware. This requires no definitions file and is specifically used for finding new zero-day exploits.

Sorry guys, I absolutely have to plead the 5th on this one.

JDMurray

keatron wrote:

Sorry guys, I absolutely have to plead the 5th on this one.

You know Keatron, sometimes you really make me wonder if I have the nerve and the guts for a serious InfoSec career.

keatron

JDMurray wrote:

keatron wrote:

Sorry guys, I absolutely have to plead the 5th on this one.

You know Keatron, sometimes you really make me wonder if I have the nerve and the guts for a serious InfoSec career.

You'll be a great addition to the "serious infosec career" group. I guess the toughest part is the fact that some of the most exciting stuff you'll do, you can't talk about.

homerj742

keatron wrote:

JDMurray wrote:

keatron wrote:

Sorry guys, I absolutely have to plead the 5th on this one.

You know Keatron, sometimes you really make me wonder if I have the nerve and the guts for a serious InfoSec career.

You'll be a great addition to the "serious infosec career" group. I guess the toughest part is the fact that some of the most exciting stuff you'll do, you can't talk about.

I think that's really cool. I'm very interested in a career in infosec...