The Washington Times has published a long article on companies that develop backdoors and trojans for governmental use.
The article got started after we broke the news on the connections between Gamma Technologies, Elaman GmbH and the Egyptian Government.
Photo by R�diger Trost, F-Secure GmbH
It's more than unsettling to realize there are large companies out there developing backdoors, exploits and trojans.
Elaman HQ Photo by R�diger Trost, F-Secure GmbH
Of course, most of these are designed for "lawful interception".
Lawful interception has been around forever. Originally it meant just tapping landline phone calls, by the operator. Eventually it expanded to mobile calls and text messages. And then it expanded to tapping e-mails and web surfing information. However, if the suspect accesses a website that uses SSL (such as, say, Gmail), the operator can't tap it. This created a need to use malware and backdoors to infect the target's computer. Once you infect a machine, you can monitor everything done on it.
In theory, there's nothing wrong in lawful interception. When it's done by the police. In a democratic nation. With a court order. And where the suspect is actually guilty. In all other cases, it is problematic.
Other companies mentioned in Eli Lake's article include HBGary Federal and Endgame Systems.