Both the Independent and the Times Online reported yesterday that the UK police wants to be able to search computers remotely, without the need for a search warrant. Some of the methods that might be used include installing keyloggers, hacking wireless networks and installing backdoors on the suspect’s PC:
Police might also send an e-mail to a suspect’s computer. The message would include an attachment that contained a virus or “malware”. If the attachment was opened, the remote search facility would be covertly activated.
This prompted an immediate response from Sophos:
One thing I can promise you though: If Sophos encounters any malware written by the police, we won’t turn a blind eye. We will add detection for it.
Even if security vendors were made aware of the code, how would we know that our customer was the intended target of police surveillance? You see, by planting spyware on the PCs of those under suspicion, the police could essentially be placing a weapon directly into the hands of their enemies.
While that is a clear statement, and one that I totally agree with, it might place them in a difficult position: they might be charged with intentionally interfering with a police investigation it they actually remove “Police.Spyware.Win32″…