GCHQ Asked Court To Let It Infringe On Anti-Virus Copyrights... For National Security

from the nothing-is-intact dept

National security apparently means "securing" the nation at the expense of citizens' security. New Snowden documents published by The Intercept show massive amounts of dicking around in the coding of popular anti-virus software by the NSA and GCHQ. The list of antivirus products not affected would be much, much shorter than a list of those that have been.

Much of what listed here involves the NSA and GCHQ monitoring threats reported to these antivirus makers (by intercepting email messages, naturally), obviously in hopes of finding something temporarily exploitable. But in other cases, the efforts went much, much deeper. The GCHQ obtained a warrant to reverse engineer Kapersky products because it felt the company's software was "obstructing" its hacking attempts.

“Personal security products such as the Russian anti-virus software Kaspersky continue to pose a challenge to GCHQ’s CNE [Computer Network Exploitation] capability and SRE is essential in order to be able to exploit such software and to prevent detection of our activities,” the warrant renewal request said. “Examination of Kaspersky and other such products continues.” The warrant renewal request also states that GCHQ reverse engineers anti-virus programs to assess their fitness for use by government agencies.

Not only did the GCHQ seek permission to tear apart a legitimate security product for its own ends, but it also asked for an exception to UK copyright law in order to do so.

GCHQ’s success as an intelligence agency is founded on technical knowledge and creativity. In particular this may involve modifying commercially available software to enable interception, decryption and other related tasks, or “reverse engineering” software (this means to convert it from machine readable code into the original format, which is then comprehensible to a person). These actions, and others necessary to understand how the software works, may represent an infringement of copyright. The interference may also be contrary to, or inconsistent with, the provisions of any licensing agreement between GCHQ and the owners of the rights in the software.

Recognizing this could potentially cause a problem if its efforts were discovered, GCHQ explicitly asked that it be granted permission to engage in copyright infringement in the name of national security.

There is a risk that in the unlikely event of a challenge by the copyright owner or licensor, the Courts would, in the absence of a legal authorisation, hold that such activity was unlawful and amounted to a copyright infringement or breach of contract. The purpose of this warrant is to provide authorisation for all continuing activities which involve interference with copyright or licensed software, but which cannot be said to fall within any other specific authorisation held by GCHQ and which are done without the permission of the owner.

In other words, GCHQ doesn't have specific authorization to violate copyrights or licensing agreements, but for this particular effort, the warrant would act as a blanket permission slip to engage in this illegal activity. And, in doing so, it stretched an intelligence law to cover its violation of intellectual property laws.

GCHQ obtained a warrant for reverse engineering under a section of British intelligence law that does not explicitly authorize — and had apparently never been used to authorize — the sort of copyright infringement GCHQ believed was necessary to conduct such activity.

The spy agency instead relied on the Intelligence Services Commissioner to let it use a law pertaining only to property and “wireless telegraphy,” a law that had never been applied to intellectual property, according to GCHQ’s own warrant renewal application. Eric King, deputy director of U.K. surveillance watchdog Privacy International said, after being shown documents related to the warrant, “The secret reinterpretation of powers, in entirely novel ways, that have not been tested in adversarial court processes, is everything that is wrong with how GCHQ is using their legal powers.”

On top of that, the type of warrant it obtained was only to be used for foreign surveillance, but supporting documentation notes GCHQ would also be performing its reverse engineering to support "police operations" and the domestically-focused National Technical Assistance Centre.

When it comes to national security efforts, laws just don't apply, it would appear. The NSA and GCHQ's efforts are completely indistinguishable from those of cybercriminals. While these agencies may have "good" on their side -- at least in terms of not wishing specific harm to non-targets -- the end result is the same: a less secure computing world.

Filed Under: anti-virus, copyright, gchq, infringement, national security, reverse engineering
Companies: kaspersky

Crowdsourced, Cloud-Based Anti-Virus? Lots Of Buzzwords, But How Does It Work?

from the who-detects-what-now? dept

We've seen plenty of crowdsourced anti-spam apps, but Jesse points us to a company called Immunet that claims to be launching a free "cloud-based, collaborative anti-virus" solution. The idea is that people install it, and as soon as anyone detects a virus problem, that info is shared with all of the other users, thereby (in theory) working much faster than today's brand-name anti-virus products. However, I have to admit I can't figure out how this works. For anti-spam stuff it makes sense -- since anyone can recognize spam. But how can it work for anti-virus? Who's determining what the actual virus is? How is it protected against false positives? None of that's clear. I went through the company's website, and it seems to just skip right over the question of actually detecting the virus. It makes fun of the established anti-virus providers for taking too long in examining suspected viruses in their lab, but never explains how the detection occurs otherwise. In fact, about the only thing I can figure out from the company's own language is that it's going to simply use the virus definitions found in those other products installed on people's computers. If that's true, then it won't actually be any better or faster than those companies it was making fun of earlier. The whole thing sounds full of buzzwords and hype, but appears to have little substance.

Filed Under: anti-virus, buzzwords, cloud, crowd sourced

RIAA Says Copyright Filters Could Be Put In Anti-Virus Software

from the anyone-else-have-to-save-the-industry? dept

It's been fairly amazing to watch the entertainment industry act as if every other industry is responsible for protecting its obsolete business model. Amazingly, it's been successful in convincing AT&T that this makes sense, despite the fact that doing so will almost certainly do more harm to AT&T. However, to its credit, Cary Sherman of the RIAA has said he doesn't think that ISPs should be forced by law to provide these filters. Instead, however, it looks like he's trying to convince other industries to step up and help the entertainment industry as well. His latest, as pointed out by Broadband Reports, is that one possibility would be for anti-spyware/anti-malware applications to also watch for the transfer of unauthorized copyright material. Sherman suggests that this would be one way to get around the question of people simply encrypting traffic to avoid ISP filters. What's not entirely clear, however, is why security firms would ever want to do such a thing, as it would almost certainly annoy their customers to no end.

Filed Under: anti-virus, filters, riaa
Companies: riaa