Ransomware in the hands of the government
Big Brother f***s with your computer
Emsisoft, an antimalware software company with a very good reputation, posted a warning about the potential for ransomware to be used by the government.
Ransomware usually refers to a special category of malware that essentially tries to hold a user’s computer and files hostage and demands payment of a ransom in exchange for returning control of the computer back to the user. The general method of operation so far has been to simply confront the user with fictitious legal accusations…
Just a few days ago the “Commission on the Theft of American Intellectual Property” released their 84-page report. Amidst a large amount of rather naive ideas there is one idea that strikes us as particularly insane: The report proposes the use of malware to determine whether or not you are pirating intellectual property and if you are, to lock your computer and hold all your files hostage until you call the police and confess to your crime…
…While not currently permitted under U.S. law, there are increasing calls for creating a more permissive environment for active network defense that allows companies not only to stabilize a situation but to take further steps, including actively retrieving stolen information, altering it within the intruder’s networks, or even destroying the information within an unauthorized network. Additional measures go further, including photographing the hacker using his own system’s camera, implanting malware in the hacker’s network, or even physically disabling or destroying the hacker’s own computer or network.
This idea, as insane as it may sound, isn’t new at all… the very first PC virus, Brain, was created for exactly that purpose. Brain’s author, Amjad Farooq Alvi, used it in January 1986 to prevent his medical software from being copied illegally. According to him, the virus was supposed to target copyright infringers only and asked infected users to contact his software development firm to purchase a cure. Now almost 30 years later we know that his initial idea didn’t turn out that well and Brain went on to infect a lot of innocent users’ computers as well.
Which is, of course, inevitable. Googlebots took down the Hugo Awards stream last year because clips of nominated TV and movies were shown with permission. Googlebots have taken down parodies, which are also legitimate under US law. These are only two examples of false positives, of which I am sure there are thousands of examples.
Emsisoft goes on to recap the joys of the Sony rootkit intended to protect Sony DVDs and CDs from being ripped, and how this was a less than stellar success:
The rootkit lacked any kind of verification of which programs were actually allowed to take advantage of it and which weren’t. In fact the rootkit simply hid all files with names that contained a simple string of text. It didn’t take long for actual malware to appear that included this particular marker in their file name, essentially using the Sony rootkit for their malicious purposes. The rootkit itself contained several bugs that could trigger a blue screen of the system during certain operations or could be used by a normal user to obtain administrative rights on a system. Similar issues were found in the dedicated removal tool that Sony offered on their website, which could either be used by hackers to run arbitrary code on a user’s system simply by visiting a website or resulted in loss of access to their CD and DVD drives after they removed the rootkit.
Emsisoft, an antimalware company, declares:
THERE IS NO “GOOD MALWARE”
Emsisoft sum up with this heartwarming speech:
We as a company don’t believe in “legal malware”. It doesn’t matter whether a country, Hollywood, or a Russian backyard crimeware gang created it. Malware will always be malicious, no matter the intentions.
We have therefore never adhered to requests by law enforcement agencies to whitelist their malware in the past and we don’t plan to do so in the future. This is especially true for our behavior blocking technology, which is technically incapable of reliably determining the origin of a malware file, making it impossible for us to whitelist certain malware based on its origin even if we wanted to or were legally forced to do so.
Big Brother is watching you.
Did I ever mention that I felt like throwing up when our new TV was being set up and I discovered that there was a camera watching us sitting on the couch? It was turned OFF on my instruction, but imagine if the bastards could turn it on remotely? [shudder] Needless to say, the tech in my lounge room is usually disconnected from the webz.
This is not a promoted post.