Latest in Antivirus

Image credit:

US and UK spy agencies are exploiting flaws in security software

Jon Fingas, @jonfingas
June 22, 2015
Share
Tweet
Share

Sponsored Links

Those worries that governments are trying to undermine security software? They're well-founded. The Intercept has learned that both the US' National Security Agency and the UK's Government Communications Headquarters have been reverse engineering security software, such as antivirus tools and encryption programs, to look for flaws that can be used in surveillance hacks. Some of the targets in recent years include Kaspersky Lab's security suite (sound familiar?), Acer's eDataSecurity and Exlade's CrypticDisk. GCHQ also deconstructed numerous other commonly available programs, including vBulletin's forum software and popular server management tools.

The NSA, at least, has taken things one step further. A 2010 presentation reveals that the agency was monitoring threat reports sent to antivirus and firewall software makers in the hopes of finding exploits, whether they're brand new forms of malware or vulnerabilities in the defensive apps themselves. It's easier than you might think, too. It's not always possible to update virus definitions very quickly, and many antivirus developers can take weeks or months to patch exploits in their own code.

There's a number of concerns with these activities beyond the spying itself. GCHQ's reverse engineering stretched interpretations of the law, and the organization spent extensive time buttering up the Foreign and Commonwealth Office to get approval for its activities. And as Kaspersky suggested after discovering a breach in its networks, there's a betrayal of trust here -- intelligence agencies are compromising the very programs that are meant to keep you safe.

[Image credit: AP Photo/Efrem Lukatsky]

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

LG's rollable OLED TV goes on sale for $87,000

LG's rollable OLED TV goes on sale for $87,000

View
New trailer for 'The Mandalorian' season two brings back most of our old friends

New trailer for 'The Mandalorian' season two brings back most of our old friends

View
Intel sells its NAND flash memory business to SK Hynix for $9 billion

Intel sells its NAND flash memory business to SK Hynix for $9 billion

View
Can Evernote make a comeback?

Can Evernote make a comeback?

View
The SSC Tuatara has broken 330 mph and shattered a world speed record

The SSC Tuatara has broken 330 mph and shattered a world speed record

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr