The very software that is supposed to protect your security is an under-appreciated threat to privacy because of the massive amount of data many products secretly gather on customers, according to F-Secure's Jarno Niemelä.
Niemelä also told told The Register that despite the dismissive claim in the recent WikiLeaks' release of CIA documents, namely that “F-Secure has generally been a lower tier product that causes us minimal difficulty,” the company is confident it can handle intelligence agencies' espionage efforts.
Speaking to us at this year's IAPP's Europe Data Protection Intensive 2017 in London, Niemelä, who's the lead researcher at F-Secure labs, said his company had not been significantly offended by the mention: “Obviously we have only the leaked notes to go on with, but as far as we can see basically what they're talking about is the gateway product — so basically mail filters.”
Niemelä added “they are products, so anybody can buy them, and anybody with enough time can figure out some kind of mistake there. That's a fact of life, it's software, bugs happen, and then any attacker with enough resources will be able to find a way of bypassing that.”
Such products can handle the lower-level and more common threats that might hit the unwary, but “the more important defence systems are in the end-point itself, so there's the end-point protection systems, EPPs, which can identify that Word has started misbehaving,” which is “much more difficult to bypass,” said Niemelä, “and then we have this premium service, Rapid Detection Service, which basically then is a sensor which sends information to our back-end.”
Niemelä also told told The Register that despite the dismissive claim in the recent WikiLeaks' release of CIA documents, namely that “F-Secure has generally been a lower tier product that causes us minimal difficulty,” the company is confident it can handle intelligence agencies' espionage efforts.
Speaking to us at this year's IAPP's Europe Data Protection Intensive 2017 in London, Niemelä, who's the lead researcher at F-Secure labs, said his company had not been significantly offended by the mention: “Obviously we have only the leaked notes to go on with, but as far as we can see basically what they're talking about is the gateway product — so basically mail filters.”
Niemelä added “they are products, so anybody can buy them, and anybody with enough time can figure out some kind of mistake there. That's a fact of life, it's software, bugs happen, and then any attacker with enough resources will be able to find a way of bypassing that.”
Such products can handle the lower-level and more common threats that might hit the unwary, but “the more important defence systems are in the end-point itself, so there's the end-point protection systems, EPPs, which can identify that Word has started misbehaving,” which is “much more difficult to bypass,” said Niemelä, “and then we have this premium service, Rapid Detection Service, which basically then is a sensor which sends information to our back-end.”
Comments