Legal malware

10 Dec 2011

The H posted the article accused of wrapping nmap in a "trojan installer". was wrapping nmap (which is under an enhanced GPL) inside a closed-source installer, which violates the license. Furthermore, the installer is flagged by many AV as a trojan, and was using the nmap trademark. Somehow this is legal. The trojan changes the default search engine to Bing and sets the homepage to msn. In order to get to stop, you have to opt-out. This all upsets me greatly.

In another case of legalized malware, F-Secure posted the article Trade Fair... For Trojans, which discusses the ISS World Training fair, which is invite-only and runs five times/year in various locations around the world. It's main purpose, from the F-Secure article and a recent a recent article from the WSJ (Document Trove Exposes Surveillance Methods ) seems to be to track dissidents. The conference ranges from hacking tools to GSM intercept equipment. Also check out the WSJ video discussing the conference, the documents from the companies, and some high-lights from those companies at The Surveillance Catalog. Looking through the ISS World site, I found the following companies sponsoring the event in DC in October, 2011 (I did my best to locate more info about the companies, including their sites, since ISS only displayed their logos):