First I've read of this trojan. Reminds me of something I'd heard re: MS having been given the green-light by either FBI or CIA to do whatever it takes to protect their copyright interests. If it comes to pass, no doubt MS will be working hand in hand with them, for mutual benefit.
(DCOM? SOAP?)

Anyway, two thoughts come to mind...

A) First software that does detect it stands to make a fortune, atleast outside the US. My best guess is a foreign company. No doubt they will enact import/export laws here in the US that prohibit companies from producing software which tampers with, alerts as to the prescence of, or disables it. (eg: Along the lines of Harboring a fugative, or Interfering with an investigation) And along the same lines, make it a crime to possess such software.

B) This is probably more theoretical... but. In contemplating how they could keep every software company from turning a blind eye... What if they dont. They could in all honesty actually help AV companies come up with ways to detect it. Ahhh... sort of. False positives. Then everyone is happy, feeling protected. Meanwhile the AV software doesnt report flagged "true" bugs. EG: There are false bugs sent out to satisfy people that av software catches it, but those who are really being investigated are never alerted.

Just my 2 cents



[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/44/11168#11168