They know that we know that they know what they shouldn’t know.
Basically, Malware is always a threat. There are two types of malware providers: Those who do it for money and those who do it for big money. In between are those, who want to do big money but are afraid to get caught by the police. Solution to this dilemma? Well, sell the software to the police as “security tool” to allow supervision of the people that live in the country criminals and terrorists.
Currently a new star has risen in the latter scene: http://www.hackingteam.it/.
Well, word star isn’t exactly hitting it. “Damp Squib” would be a bit more precise. Both make noise, both burst in flames – but the latter is probably a bit more self destructing.
At least, Hacking Team has now informed the antivirus companies to add the complete set of signatures that have been connected with Hacking Teams software into their databases so the “original” software can be tracked down and removed. This is the nightmare of any security company per se.
Problem with this is in general: I have a strong distrust in companies who try to sell malware to anyone. And I do have a strong distrust in all organizations buying any kind of malware, trying to rectify it with “security” or “peace”. It’s like trying to extinct a fire using petrol.
In addition, a company that has so low security levels for highly sensitive software like this (see Heise Article and Tagesanzeiger Article) should be closed down for good – and the responsible people there should be busted for a very, very long time. Maybe even with 24hr video and audio broadcasting of their lifes in prison.
But, unfortunately, history has proved otherwise….
What’s going to happen?
As I don’t believe that Hacking Team will go out of the business (and if they would, I bet they’re going to reopen with an altered version of the software and a new name), chances are at least 100% that the software will continue to exist – with new signatures.
From technological and ethical point of view this company has already been bankrupt when defining it’s business plan.
And I think, the Zurich Police will get a free update version.
Verdict: I was always a strong believer that the people should supervise government and legislation. Well, as it turns out, we do. But the government isn’t caring about it at all – they just keep calm and carry on. It must be said that they obviously neither our legislation nor the police does have any clou with what they’re dealing here. Incompetency may be an excuse but it won’t qualify for mercy.
We know that that they know that we know that they know what we did not want them to know that they know. And we will never forget. As is the case with the internet.
Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. -Benjamin Franklin (*1706 – +1790)