IT security vendors and Australian police embroiled in technology spat

The spat centres on the fact that IT security software from several major vendors - notably Kaspersky, Sophos and Symantec - has been found to block legal hacking attempts by the New South Wales police.

The vendors claim that the legal hacking - which is proposed under an amendment to the Law Enforcement (Powers and Responsibilities) Act 2002 - allows police to remotely access a suspect's PC for up to seven days.

The remote access would, Infosecurity understands, not require a court order and, as such, would form part of the police's standard investigations against any suspected criminal.

Preliminary analysis by several IT security vendors suggests that the police would be using the same covert methodologies as criminal hackers, and, as a resulT, their software would block the remote access attempts.

In a prepared statement, Symantec says that its software will block the police's attempt at remote access:

"Symantec's commitment, first and foremost, is to securing its customers' information and as such, Symantec software will block all attempts to compromise its customers' information, regardless of where the threats are coming from," says the company.

Kaspersky Labs, meanwhile, is quoted as saying that, whilst its products would treat all unwelcome outside intrusions as hacking events, it will be happy to assist the police in specific investigations involving electronic crime.

The situation in Australia is rapidly developing into a stand-off situation, Infosecurity notes, but one that has been triggered by technology rather than any political issues.

The situation is similar to proposals by the German government back in 2007, when the government outlined plans to allow police and other legal agencies to infect a suspect's PC with a trojan capable of allowing remote access by stealth.

Although the proposals created a political storm at the time, it is not known whether the German government went ahead with its plans.

Anecdotal evidence, however, suggests that the German government has actively recruited experienced security programmers to work for it on the project.

What’s hot on Infosecurity Magazine?