[cryptome] Re: How reliable is this new Detekt?

  • From: doug <douglasrankine2001@xxxxxxxxxxx>
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Sat, 22 Nov 2014 02:40:53 +0000

Apparently, according to the Amnesty International website...see url: *http://tinyurl.com/m75y3pr*. (Watch out for the cookies:-)) it is good for raising awareness of security issues, but there are no guarantees that by using it, it will discover spyware or malware, state or private. Still, it is free...and of course if one visits the website and downloads it, then that action becomes a matter of public record....It sort of hints that it might detect "Finspy", but on closer reading...it misleads. It also says that it can uncover some commonly used spyware on a computer, but it can't detect all. It is hoping that all those nice geeky people out there are going to give up their time, making it better so that Amnesty International will get all the credit when a new, sooper dooper version is put together. Still, it is open source and free...


*Has anyone used Detekt successfully to know if they were being spied on?*

Detekt was developed by researchers affiliated with the Citizen Lab, who used a preliminary version of the tool during the course of their investigations into the use of unlawful surveillance equipment against human rights defenders in various countries around the world.

For example, according to research carried out by Citizen Lab and information published by Wikileaks, FinSpy – a spyware developed by FinFisher, a German firm that used to be part of UK-based Gamma International – was used to spy on prominent human rights lawyers and activists in Bahrain.

*How effective is this tool against technologies developed by powerful companies?*

Detekt is a very useful tool that can uncover the presence of some commonly used spyware on a computer, however it cannot detect all surveillance software. In addition, companies that develop the spyware will probably react fast to update their products to ensure they avoid detection.

This is why we are encouraging security researchers in the open-source community to help the organizations behind this project to identify additional spyware or new versions to help Detekt keep up to date. Contact information is available here.

It is important to underline that if Detekt does not find trace of spyware on a computer, it does not necessarily mean that none is present. Rather than provide a conclusive guarantee to activists that their computer is infected, our hope is that Detekt will help raise awareness of the use of such spyware by governments and will make activists more vigilant to this threat.

In addition, by raising awareness with governments and the public, we will be increasing pressure for more stringent export controls to ensure that such spyware is not sold to governments who are known to use these technologies to commit human rights violations. >>>End quote.


On 21/11/14 22:02, Aftermath wrote:
I feel that this software is hype.

What special detection does it offer over other common AV solutions? It only detects several known threats, rather than thousands offered by other AV products. I don't get what the big deal is about this software.

On Fri, Nov 21, 2014 at 1:53 PM, Shaun O'Connor <capricorn8159@xxxxxxxxx> wrote:

    Currently testing Detekt. However, for it to be any good at what it
    claims to do it will need massive work and most likely VERY
    regular upgrades... therein lies the snag. Detekt itself will
    likely be prone to compromise (if it hasn't been compromised

    On 21/11/2014 21:07, John Young wrote:
    We used it last night. It found no malware. It cautioned if still
    have an expert check the machine.

    So what Detekt left on our machine is yet to be spied. Rummaged
    through our prison-grade secrets for two hours. In closing, it
    a sign: "You been pwnd by Amnesty and EFF. Edward Snowden."

    At 03:28 PM 11/21/2014, you wrote:



