Sophos, a world leader in corporate anti-virus protection, is
today reassuring its customers that it has not been asked to allow
the alleged FBI Trojan horse - codenamed Magic Lantern - slip past
undetected. Sophos believes that using 'e-bugs' to spy on suspected
criminals and terrorists is fraught with dangers, as there is no
way of ensuring that the code will not be adapted by its recipients
for illegal use.
"Malicious code is malicious code," said Graham Cluley, senior
technology consultant, Sophos Anti-Virus. "There's no reason why
organisations targeted by Magic Lantern could not write a variant
of the e-bug for their own use. Before we know it, we'll all be
spied on by every Tom, Dick and Harry - the FBI could even become a
victim of its own code!"
Sophos also doubts whether the concept of Magic Lantern could
ever work as a successful way of observing suspected criminal and
terrorist activity.
"If a customer suspects they may be under surveillance and sends
a Trojan horse to us, we're going to provide protection against
it," continued Cluley. "We have no way of knowing if it was written
by the FBI and, even if we did, we wouldn't know whether it was
being used by the FBI or if it had been commandeered by a third
party wishing to spy on our customer - it's a totally unworkable
situation."
Following media stories that other anti-virus vendors would
overlook the Trojan horse if asked to do so by the FBI, Sophos has
received many enquiries from customers concerned Sophos may
deliberately compromise the quality of its malware detection.
Sophos would like to reassure customers that it has not been
asked to turn off detection of any viruses, worms or Trojan horses
by any intelligence agency around the world and continues to
believe that detection of all such malware is important to our
users.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.