Looking for your opinion on working with law enforcement...

[tjs]

Hey folks.. I'm curious about your opinions here, so please respond to my poll question. I will run this poll for 7 days:

Do you think that companies that work with law enforcement to put malware authors, botnet runners, etc in jail are more likely to sell security software?

Thanks,
TJS

[JohnC]

As a marketing strategy? I think you would have to ask the question, as a consumer would you be more interested in buying a security product from a company that works with law enforcement as opposed to one that doesn't.

[MysteryFCM]

John's nailed part of it ....

The way I see it ........ if they provide a great product, I'll use it - if they work with LE aswell, fantastic!

[sowhat-x]

...heh,that's a really weird phenomenon...actually,I've encountered it only here in MDL,he-he...
While most people around don't have the slightest doubt,
when it comes to clicking suspicious hyperlinks and following malware...
at the same time,for some really weird reason,they never seem to vote in polls:
acting like they're afraid of pushing the small "Vote" button,lmao... 
Ok,guys,it's not that doing so will save the earth from...global warming,
but it wouldn't really harm anyone doing so,lol... 

My answer is obviously yes...the way I see it,
with malware variants replicating and spreading under this amazingly fast rhythm,
no matter the products' technology,heuristics,internal detection/unpacking routines etc...
sigs will never be enough anymore,neither will be released quickly enough to end-users.
More or less,working in close with ISP providers and law enforcement,
is/will be the 'future' form of antiviral work...

One thing still stands true and will always do...that prevention is better than cure/detection.
And as proven to the day,there's still no better prevention technique discovered than:
1)Having malware authors brought to justice.
2)Having malware hosts shutted down at the first place.

[tjs]

I have no hidden motive here. I'm just wondering whether you all think computer security software vendors are the internet police, or whether you expect the meatspace police to do the police work....

TJS

[sowhat-x]

To put it the simplest way possible,a comparison with...meatspace's "real" world.

When say a malware spambot has already "broke into" thousands of machines...
pretty much the only thing that certainly doesn't give a solution,
is having av products inspecting around the "crime scene" afterwards,
if that takes place merely in order to list what info were corrupted and/or stolen.
And after the av engine's "detective" work has taken place,
based upon already known and spotted...criminal vx fingerprints (see signatures),
as well as the experienced detective's "inner instict" (see heuristics)...
trying to identify and "bust" the...malware.exe suspect. 

So,the real question is not if security vendors are the internet police:
that's something that has been already answered by...themselves,
with their behavior through the years...and their advertisements/propaganda as well.
Now,if the majority of them has eventually came up nowadays to the conclusion,
that every day that passes this 'role' gets even harder for them to cope around with...
Question is,do they intend of doing something more towards today's malware situation,
or are they simply gonna continue under the same 'not-good-anymore-old' way,
"digitally" imitating the 'meatspace' police's work. 
====================================

A very good friend of mine,
found this image on the net the other day...
(copyright from Ikarus AV - credits to whoever designed it).
No matter what someone might believe about 'internet police',
law enforcement,the way it should take place or not etc.,
I believe that it describes today's AV industry 'panic' in the most precise way:

[tjs]

123 views and only 4 votes?!? Seriously?!

Looks like i'm going to have to run this on facebook instead

TJS

[Drusepth]

I voted no.  I voted no because I'm indifferent to whether the AV companies work with the law - either because I'm too ignorant in the subject, or because it doesn't really seem apparent or important to me, the end user, on what the company is actually doing - all I care about is if the product does its job and removes malware efficiently.

[Dobby]

No.

The way I see it ........ if they provide a great product, I'll use it - if they work with LE aswell, fantastic!

ditto